Program Executive Office PEO C4I and Space PMW 160 CANES Overview to FCC team
Delores Washburn (TD) Nick Freije (CHENG) Mike Davis (SCN / NR)
PEO C4I & SPACE
FY-06 C4I Fleet Top Ten (PMW 160 Perspective)
R 041359Z OCT 05 COMSECONDFLT
1. Coalition communications (CENTRIXS/ISNS/CANES)
2. Reliable SATCOM
3. Standards (NETWORK Rationalization)
4. Lack of adequate data throughput (ADNS)
5. Computer network defense (CND)
6. Common Operational Picture
7. Real-time collaboration (CENTRIXS/ISNS/CANES)
8. Streamlined process to support emergent ops (ISNS/CANES/CENTRIXS/JCDX)
9. Next generation knowledge management (ISNS/CANES/JCDX)
10. Incorporate wireless technology (ISNS/CANES)
PMW 160 Programs Are Relevant To Critical Warfighter Needs
PEO C4I & Space Leads The Future For Afloat Networks
Key Initiatives / Future Programs
Increased Availability (.95 to .99 Ao)
Secure, standards-based and certified Wireless LAN solution
ADNS Increment III
All IP environment with Increased Bandwidth and Availability
Cross Domain Solutions
Decreases Space Utilization / Increases Interoperability
End to End Network Management
Integrating specialty LANs across platforms to include:
HM&E Control
IC / Voice Integration
Service Oriented Architecture
Detailed cost comparison between platform unique and POR networks necessary
Arriving At The TSCEI C4I Solution In Step With (Not Ahead Of) Available Technology
SCA Road Map
(Ship Communications Auto - Notional)
[Roadmap timeline, FY06 through FY14] LAUNCHES Wideband SATCOM EBEM WGS GBS IP CWSP Shore GNOC/RNOSC NOC2NOC Failover NMS (Monitor) NMS (Management) NMS (Automated) Crypto Modernization Tactical Switching
WGS (X/Ka)
AEHF (Q)
TSAT
ECRNOC Closure
IORNOC Closure
Homeporting
Networks CANES ISNS INC I CENTRIXS Shore SCI Shore CENTRIXS INC I SCI Network SubLAN TL/Router
ADNS Increment I Proteon AS Increment II Increment IIa Increment III Red and Cypher Text Core
Consolidated Afloat Networks and Enterprise Services (CANES) Roadmap
Legacy Voice SCI LAN
CBS / WPNS
GENSER LAN (GCCS-M)
ISNS
CANES
HM&E
UNCLAS LAN (NTCSS)
SVDS CENTRIXS
Networks + ADNS + Services FY-08 FY-13 SCI ADNS GENSER ADNS ADNS
As Capabilities Become Available, PMW 160 Delivers At Reduced Cost And Risk
EMS
Decreased training cost, Decreased manpower, Decreased complexity
ADNS
Decreased cost, Decreased vulnerabilities
Decreased interoperability issues
Consolidated Afloat Computing Environment
COI Services & Applications Enterprise Services Management
Business Mission Area: Military Personnel, Financial Management, Logistics
Warfighting Mission Area: Command and Control, Navigation, Weapon Systems, HM&E
Intelligence Mission Area: ISR
Mission Assurance (IA / CND)
Basic Information Services
Operating Systems, Email, Office Productivity, Software / Patch Delivery, Browser
Enterprise Infrastructure Services
Mediation / Orchestration, Service Registration / Discovery, Time, Messaging / Middleware, User Assistance / Interface (portal)
Other Enterprise Services
Resource Management, Collaboration, Security, Application Hosting, Information Discovery, Storage
Network Infrastructure
(i.e. LAN)
Long Haul Communication Infrastructure
(i.e. WAN)
Enterprise Network Implementation
Path to the Future through FORCEnet
PMW160 Next Gen Products
Service Oriented Architecture
Mission Planning Service, C2 Service, ISR Service, DCGS-N Service, Others
Information Assurance
identity messaging messaging
E2E Engineering E2E Engineering
Core Enterprise Services
orchestration registration discovery
CENTRIXS INC I ISNS INC II CDS CND INC I Crypto Mod
mediation discovery
MLS/Distributed Computing Servers/Clients
Routing and Switching Subsystem
Connectivity
ADNS INC III
What Technology Gap Prevents Us From Achieving This Today?
Network Management
CANES Compose 4.X
Intelligent, Automated Business Rules
mediation authentication
Today's Generic Architecture: Integrated Shipboard Network System (ISNS)
Services Internal to the System
E-Mail, Web Browsing, Network Management, Account Management, Directory Services, Print Services, File Transfer, File Compression, Chat, Office Automation, Security, Video TELCON
LAN Drops
GCCS-M Unix Server, Etc
Backbone Switch Backbone Switch Edge Switch
ADNS
INE
Enclave Router
Dual Homed Backbone Switch(es) w/UPS
Expanded Edge Switch (concentrators) Router Inline Network Encryptor (INE)
To RF Off Ship
ISNS Server Racks
Architecture is duplicative for GENSER/SECRET & UNCLAS Enclaves
A Certified, OPEVALed Shipboard Network Architecture Already Exists
New Desired Networks Capabilities
Keep intruders off the network and prevent network attacks
Higher availability or survivability
Ability to recover from disasters and network attacks
Minimize requirements to administrate the network
Cross Domain Solutions and coalition interoperability
Core network services for ubiquitous information access
Reduced weight, space and power
Improved network access and data rate
New Enterprise Services: Wireless mobility, Software management, Identity management
CANES Final End Goal Network Design
Collapsed Multi security level network
Phone
UNCLAS & Secret Wireless UNCLAS SCI
Unclass - SCI servers
Cryptainers Data Storage
SAN
Cryptainers Data Storage
Unclass - SCI clients**
** Clients include PDA and vice type devices
Requires CDS SOA solutions be available and accredited
FY08 FY09 FY10 FY11 FY12 Target CDS Technology
Thin Clients Managed PCs Multi-Level Thin Clients
CENTRIXS/SIPR CENTRIXS/SIPR/SCI NIPR/CENTRIXS/SIPR/SCI
Multi-Level Servers and CENTRIXS/SIPR NAS CENTRIXS/SIPR/SCI NIPR/CENTRIXS/SIPR/SCI
MLTC NetTop (1.3) Integrity PC/HAP Trusted Services Engine/ NetTop Server TSE/JCDX TSE/NetTop server
Legend: When technology would be (is) mature and certified / Technology not available or accredited for desired security levels
Accredited solution which enables single multi level security network is not available until FY12
Proposed CANES Increment 2 Design
UNCLAS Wireless
Data SAN Data Data SAN SECRET / S/REL SECRET Servers
UNCLAS PC
UNCLAS Servers
Phone
Multilevel Clients
Data
MLTC Secret Data PC S/REL Data SAN S/REL Servers
Data
Data
SCI
Data SAN SCI Servers
Data
PC
CANES
Increases War Fighter Network Capabilities
Availability & Survivability
Manning
Core Enterprise Services
Availability Security
.99 Ao Mission critical Automated IAV
Training
Common equipment, Common configuration
Duplicative Ships
Networks
SLA guarantees, Single upgrades vice individual upgrades
Single Points of Failure
Redundant server design
patching Detecting intruders Managing rogue access
Administrators
Automated software installs, Automated reconfiguration and network monitoring
Shipboard Equipment
Installed
Scalable network design
SINGLE Set Of COMBAT SURVIVABLE, Secure Shipboard Network Services For ALL Platforms
Proposed CANES Increment I
Replaces ISNS Increment two
Navy & Marine Embarkable shipboard wireless
Workstation mobility
Automated, more reliable, faster server backup & restore
Disk-Disk data backup
Application Service Provider (Application Hosting)
Replaces current server farms to host services and/or applications for other programs/projects; provides Blade flexibility
Also referred to as "Advanced Server Concepts"
S/W Mgmt (COTS Patch Management)
Software Distribution, License management, Inventory management
Increased Security S/W
Limit permissions based on group policies; look for unauthorized code
CANES
ISNS INC One Plus
Wireless
Disk to Disk Data Backup
ASP (Application Hosting)
Replaces current Server Farms to host services and/or applications for other programs/projects; provides Blade Flexibility
Also Referred to as "Advanced Server Concepts"
S/W Mgmt (COTS Patch Management)
Need to Determine where this fits in w/COMPOSE Roadmap
Increased Security S/W
Need to Determine where this fits in w/COMPOSE Roadmap
Ability to Lock Down Desktops, look for unauthorized code
Honorable Mention: Increased Survivability, EMIO Wireless, SOA
Not Under Review - Significant RDT&E and/or OPN to implement
CVN78 CANES 7300 Updated To Reflect Inc TWO
CANES Analysis Addressed
PR09 / POM10 issues for SCI and SUBLAN
Effects on FY06 and FY07
Avoid NT EOL, WIN 2K EOL (Jun 2010), XP EOL (~Dec 2011)
Avoid hardware obsolescence: ATM, 100MB, and Legacy GIG-E
All ATM Ships get upgrade to Gig-E by FY11
Server/PC Client Refresh
Support for currently fielded systems cannot be ignored
Portfolio Approach
1. NNWC, PEO C4I & Space and OPNAV Triad prioritized list of capabilities
2. Cost each capability
3. Platform cost based on fielding plan
4. Identify sources of funding within the SCA programs
5. Trade off capability, platform and sources of funding
Capability Cost
Balanced Portfolio
Sources of Funding
Platform Cost
Triad Priority 1 Capabilities
* Capabilities within priority are not ranked in any particular order
Triad Priority 2 and 3 Capabilities
* Capabilities within priority are not ranked in any particular order
CANES Increment Details
Three increments for CANES based on affordability of the network portfolio
1. CANES Increment I
Required because we cannot wait until FY11 to add new fleet network capability
Increased capabilities on Secret and Unclassified enclaves only
IOC FY09
FOC: Cut over to Increment II, therefore do not reach a true FOC of Inc I
2. CANES Increment II
Covers all security levels
Provides funded priority one capabilities
IOC FY11
FOC FY18
3. CANES Increment III
IOC FY14 or beyond
Program plan still in development
Same design as shown as end goal
Summary
PMW 160 is designing and implementing next generation networks
Common afloat networks (CANES)
Shipboard wireless connectivity
CANES End-State - Full Service Provider for C4ISR
Wireless capability is a key component of CANES
Initial analysis recommends a mix of wired and wireless
Further technical and cost analyses required
Look forward to closer working relationships with ALL PMWs to quantify and define YOUR future requirements
Parking lot
WLAN Architecture
(Notional architecture)
Extended Maritime Intercept Operation (EMIO) Wireless Reach Back
OPERATIONAL NEED
COMSECONDFLT 041359Z OCT 05 - Numbered Fleet Top Ten IT Requirements - Requirement #10
COMUSNAVCENT 011219Z OCT 05 Maritime Security Operations End Game Enablers (Classified msg)
USS INGRAHAM 241756Z JUN 05 - Lessons Learned JTFEX 05-4 VBSS Biometrics (Classified msg)
IDS-MD CDD (Draft)
N767 Program Sponsor
Investment buys:
Capability to wirelessly extend the Shipboard Network and integrate MIO collected data through one data pipe into ISNS into a single scalable extensible solution
Integration of multiple types of collection hardware solutions and various data types
IMPACT IF NOT ADDRESSED
Plan B: Delay start to FY08 using ISNS POM funding
Maintain Status Quo
PROPOSED SOLUTION
Technical Readiness Level: TRL 7+
FORCEnet Integrated Baseline Category 4 New program born compliant
Wireless policies and standards are in place and are sufficiently mature
NETWARCOM has approved wireless waivers when DoD and Navy policies have been followed
Testing and accreditation will be performed to meet all military requirements, interoperability, and system certification.
Multiple MIO collected data types will be transmitted via the Wireless EMIO Reach Back solution
Integrated into ISNS on the Arleigh Burke class (DDG-51)
BUSINESS CASE
Acceleration of a technology to meet an emergent need
High return on investment: Improved capability exportable to other Services where wireless transmission of data is required to accomplish similar requirements
Solution will be based on integration of mature COTS standards and equipment
Supports Force Protection during EMIO Operations: Current operation is extremely dangerous. Maintaining status quo extends overall EMIO timeline by 2 years and exposes boarding teams to increased risk during operations when RHiB is taken off station and used to ferry data between the team and the Host Ship.
Service Oriented and Event Driven Environment
MA / COI Users
Afloat Ashore Warfighter Business Intelligence
Enabling Services
Security
Identity Management
Enterprise Services
Collaboration Content Delivery Application Hosting Storage Discovery
Enterprise Catalogue Federated Search
Messaging & Presence
COI Services
GCCS-M NTCSS Navy ERP
AEGIS
Machine-to-Machine
Mediation
Metadata
DPAS AIS
Alerting Discovery
Service, People & Device
User Assistance (Portal)
Tactical Disadvantaged Users
Enterprise Service Management Real-Time Services
ADNS Provides
Pre Increment I
1988-1997
IP over RF
Increment I
1997-2004
Increment II
2004-2008
Increment III
Future
Transition from Proteon to Cisco Routers
Increment I Capabilities plus:
Increment II Capabilities plus:
Shipboard IP Network
Integrated Transport of Multiple Security Over Single SATCOM Path
Traffic Distribution Over Multiple SATCOM Paths
Cipher Text Routing & IPv4/IPv6
Router Architecture IP EOC II
Dynamic Fail-over Between Links USMC Amphibious Network Support Network Management & Monitor
AN/USQ-144B(V)2/4 AN/USQ-144C(V)2/3/4 AN/USQ-144D(V)1/2/3/4 AN/USQ-144E(V)2/4 AN/USQ-144F(V)2 AN/USQ-144G(V)2/4 AN/USQ-144(V)5
Flexible Bandwidth Guarantee Application Prioritization Application Level Monitoring
AN/USQ-144D(V)1 AN/USQ-144H(V)2/4 AN/USQ-144J(V)2/4
25 / 50 Mbps Fully Connected Converged IP
TBD
Multiple Serial or Network Channels
Multiple Input Sources
Multiple Input Security Levels
SI GCCS-M
Multiple Output Security Levels Radiant Mercury
IPL STONE GHOST
JWICS IPL
OTH-Gold COP NITF Imagery RHR TRE/TRAP Automated Guarding & Sanitization Content Validation TRE TAB S&W Oilstock Plots Wrangler Messages AIS
Serial
Network
NITF Imagery
Rel GCCS OTH-Gold COP SEW-D TRE TAB S&W GENSER GCCS-M OTH-Gold COP Oilstock Plots Messages TDP SIPRNET
Releasable Addressees
Network
NSANET
Digital Signature Validation
UNCLASS
RHR = Reliable Human Review
Logical System Diagram (Afloat)
Legend
Backbone Boundary Acquisition
Wireless Nodes Telephones
Wireless Devices PCs
Wireless Nodes PCs PCs
Wireless Devices
Peripherals
Peripherals
ADNS
Copernicus INMARSAT
SBU(Unclas)
GENSER SCI Coalition Top Secret HM&E C/S Others
PPL/SSIL/QPL
NT Server Network Management Workstations
Products
Network Storage VOIP HM&E Networks
ICAN SWAN
NT Server Web Apps E-mail
NT Server Web Apps E-mail Network Storage
NT Server Web Apps E-mail Network Storage
UNIX Server
VTC Embarkable Networks
Combat Systems Networks
ACDS AWS
Voice Networks
PVCS SATCC
NAVAIR Networks
ISIS CASS
Modems
WINSALTS RADCOM
Other TELCOM
Non-Shipboard Networks
Notional Network and Computer Architecture Vision (from Open Architecture brief)
Non-real-time External e.g. IT21 Tactical Displays Tactical links Embedded & legacy e.g sig pro
R Administrative unclassified K Layer 2/3 switch/router
Link broker
Security gateway
R Federated Primary real-time computing High security enclave Interconnect domains
High avail. switched Std. LAN Noncritical
Integrated
Storage
Unique domains e.g. HM&E sensors Security domains
Unclassified System high Limited access
Routed link
KG / TACLANE