Status of the Network. CAPT Kevin Uhrich, NETWARCOM Special Assistant for Strategic Business Planning, kevin.uhrich1@navy.mil, (757) 417-6730. 2004 Strike, Land Attack & Air Defense Annual Symposium, 29 Apr 2004.
Mission Statement “Naval Network Warfare Command enables the Fleet to fight and win in the information age. We deliver and operate a reliable, secure and battle-ready global network. We lead the development and integration of Information Operations capabilities into the Fleet.”
Topics • Mission/Priorities • Enterprise View • Operational Model • Network • Path • Application • Security • Allied/Coalition Initiatives
Navy Enterprise View • People: 377,459 Active duty; 148,586 Ready Reserve; 182,386 DON Civilians • Networks: 290,000 seats NMCI (planned) (172,506 seats rolled through 4/18/04); 60,000+/- seats IT21; 35,000+/- seats BLII OCONUS • Goal: Reduce the number of Legacy Networks ASAP!
The Network • Issue: The Navy must transform from a regional Communications Command and Control (C3) structure into a global C3 structure to most effectively support STRATCOM’s Global NETOPS CONOPS • Objectives: • Develop a C3 structure that will better support the emerging unified command structure. • More efficiently manage/monitor/operate global Naval voice, video, and communications systems. • Capture manpower and budgetary savings by using current and future communication technology. • Way Ahead: Operate and monitor all Navy C3 functions from a single location under one overarching umbrella: the Navy Global Networks and Security Operations Center (NGNOSC).
The Path • Upgrade to IP • Reduce/eliminate legacy infrastructure • Consolidate functions • Make use of existing and future Joint solutions
BLII / IT-21 / NMCI [Figure: world map of BLII, IT-21 and NMCI sites, showing Local Network Operations and Security Centers (LNOSC), Information Technology Security Centers (ITSC), Information Technology Outreach Centers (ITOC), a Theater Network Operations and Security Center (TNOSC), the regional Network Operations Centers (ECRNOC, IORNOC, UARNOC, PRNOC), NMCI server farms and DISN NIPR/SIPR connectivity. Locations named: Rota, London, Naples, La Maddalena, Sigonella, Souda Bay, Bahrain, Diego Garcia, Misawa, Sasebo, Atsugi, Yokosuka, Okinawa, Korea, Singapore, Guam, Wahiawa, Pearl Harbor, San Diego, Norfolk.] Network Topology: Electronics, servers, routers = 2,612 • ~850 buildings • ~42K NIPR/SIPR drops
Applications • Manage Applications Enterprise wide • Echelon I FAM’s • Reduce Legacy Applications/Dual Desktops • NMCI first, IT-21 and BLII second • Speed up testing process
Core Mission… Network Security • #1 and #3 NAVNETWARCOM Priority • Secure Network Operations & Readiness: IT 21, NMCI, BLII OCONUS, Legacy (operational, Genser networks) • Policy, Doctrine, Governance of Naval Networks (to include DAA): Provide oversight & guidance to Navy Enterprise for IA/CND
Network System Security Engineering Roadmap for the Future [Figure: three-layer diagram. Computer-Network Situational Awareness: Navy Enterprise View, Mission Centric View and Command View across the ITSC, NOC and NMCI RNOC sites. Computer-Network Defense Management: Threat Risk Assessment, Vulnerability Assessment, Policy Provisioning, Operation Performance, Configuration Management. Computer Network Defense in Depth: Network Intrusion Detection Sensor (NIDS), Embedded Firewalls (EFW), Host-Based Intrusion Detection Sensors (HIDS), Information Assurance Security Tools; other labels: IATK, Internet, Modem User, Fleet Router, Ship Router, Host, Malicious Insider.]
NETWARCOM plays leading role in Allied/Coalition Networks • Host to M2I2: Multinational Maritime IP Interoperability Conference • Coalition Players and Releasability Levels: • GCTF – Global Counter Terrorism Force (REL GCTF) • CNFC – Combined Naval Forces Central Command (REL CNFC) • MCFI – Multinational Coalition Forces – Iraq (REL MCFI)
UNCLASS FOUO CENTRIXS Overview • CENTRIXS – Combined Enterprise Regional Info Exchange System • Different groups of coalition players & releasability levels have resulted in multiple CENTRIXS networks • DoD established CENTRIXS PMO in 2002 to coordinate coalition network efforts • Although CENTRIXS PMO funds all coalition networks, and all coalition networks now carry CENTRIXS name labels: • CENTCOM manages: CENTRIXS GCTF-1, CENTRIXS MCFI • PACOM manages: CENTRIXS Four Eyes (formerly COWAN A), CENTRIXS CNFC Virtual Private Network (VPN)
UNCLASS FOUO CENTRIXS Overview • CENTRIXS GCTF-1 • Designated as the maritime coalition network for CJFMCC forces in Dec 03 (CJFMCC msg 141048Z DEC 2003) • NAG MIO shifted from CENTRIXS Four Eyes to GCTF-1 • All US combatant ships are equipped for operation on INCHOP • Coalition nations have been requested “to equip their maritime forces with GCTF-1 capability for operation upon inchop” (nearly all are doing this). • Provides REL GCTF e-mail (w/attachments), web, and chat capability to any GCTF nation willing to invest in connectivity and equipment to connect to a node • Network equipment is widely distributed, with nodes at: • Pacific Region NOC in Hawaii (primary access point for ships)
UNCLASS FOUO CENTRIXS Overview • CENTRIXS CNFC Virtual Private Network (CNFC VPN) • Activated 29 Jan 04 (CJFMCC Msg DTG 260746Z JAN 04) • Substantial amounts of REL CNFC information are not REL GCTF, requiring a means to segregate CNFC info within the CENTRIXS GCTF-1 network. • CENTRIXS CNFC VPN provides REL CNFC web, e-mail & chat services utilizing the global CENTRIXS GCTF-1 network infrastructure. Separate VPN protected domain. • US and CNFC coalition ships now access the CENTRIXS CNFC VPN only (i.e., no longer have CENTRIXS GCTF-1)
The Bottom Line… • The Network = Weapons System • Weapons system is only as good as your security • Security is empowered by IA/CND and can be achieved by technology and accountability • Allied/Coalition Networks remain a CRITICAL part of our warfighter operations • Warfighter’s lives depend on the network being secure.
NETWARCOM Priorities for 2004 • Network Ops & Readiness (Navy, Naval, Joint, Allied, Coalition) • Operationalize IO in the Fleet • Policy, Doctrine, Governance of Naval Networks (incl DAA) • Fleet Training (Networks, IO) • Enterprise Business Case (Plan, ROI, Metrics, Alignment, etc.) • Sea Warrior Development, Implementation & Integration • Joint Operational Architecture Dev & Coord (incl CONOPS) • Operational Agent for Innovation & Experimentation (incl Fn, IO, etc.) • Fleet & Naval Enterprise Future Rqmts Integration & Assessment • Joint Future Rqmts Integration & Assessments • Internal Claimancy Business Integrity, Resource Efficiency & Alignment
Strategic Business Planning • Created O-6 special assistant for Strategic Business Planning • Single POC for NETWARCOM organizational matters • Short term: manage re-alignment of FFC N6 and CPF N6 staffs into the NETWARCOM organization • Mid-term: manage phase 2 of the re-alignment, looking at other Fleet Commander N6 staffs and other TYCOM’s for efficiencies • Long-term: Establish key business processes and strategic planning objectives over the next 2-3 years • Think/decide/act to increase warfighting effectiveness and efficiency • Create a business plan and incorporate a human capital strategy into that plan
SYNCHRONIZATION [Figure: roadmap timeline chart spanning years 04 through 14, with tracks for GNOSC/JNOSC/NOSC consolidation, CJTF, Shooter/Amphib, Combatant and Standard platform phases moving to an all-IP black core, Teleport Gen I through Gen III, and transport programs (HAIPE, IPv6, JTRS, MUOS, AEHF, DSCS, WGS, TCA, TCS). Axis label: % Navy Integrated to GIG/GIG-BE, with 15% and 35% marked.]
Will We Ever Be Secure • Why are we vulnerable? • Increased Threats? • Attackers? • Cyber Incident Trends?
Network Security Division • NETWARCOM = NAVY DAA • Functional alignment combining DAA, IA & CND • Subordinate Activities performing IA/CND Mission • Provides situational awareness of Enterprise. • Security Health • Readiness • IA Posture • Threats
IA/CND Responsibilities • ISO Genser Networks (up to Secret) • Standard policy and guidance • Centralized Management/decentralized implementation • IATC/IATO/ATO Management • Boundary Security/Firewall/IP Block List Management • Direct DAA Compliance and CND Operational Testing • SI Networks – TBD
IA/CND Strategy • PDD-63, OSD IO Roadmap, CIP and JV2010 • CND (Computer Network Defense) • Protect, Detect, React and Recover • Industry Best Practices • Tactics, Techniques, and Procedures • Certification & Accreditation (C&A) • DiD (Defense in Depth) • CNDiD (Technology, Processes, People, Intel) Tools, Situational Awareness, Training and I&W
IA/CND Strategy Actions • Accountability = BECOME RUTHLESS • Align Fleet IA/CND Requirements, Resources for CNDiD Architecture • Refine prioritized CNDiD Architecture • Align with IO Roadmap • Participate in IA/CND Solutions WG
IA/CND Strategy Actions (cont.) • 5 VM for IA/CND • NETC - HP Center to identify training solutions • Civilian Equivalency • Inherently Governmental? • Knowledge Management • SYSCOMs engineer security and training into systems development • Metrics for ROI analysis • Risk Management • Technology/Ops Capabilities vs Security vs $$$
Current FIWC IA/CND Role • Navy Red Team Testing and Support • DONCIO CIP NIVA • NMCI DAA and SLA • IA technical expertise for OPTEVFOR • Fleet Battle Experiment (FBE) • Fleet CND Training Team • IA/CND FRP and IDRC • CND deployer assigned to all CSG’s and ESG’s
Current NAVCIRT IA/CND Role • NAVCIRT – Central authority for enforcement of Navy CND policies • Incident Handlers/Forensics • Local and Onsite NCIS Agents (quick reaction) • Intrusion Detection System (IDS) Monitoring • Respond to Navy incidents worldwide • Trend Analysis • IAVM • On Line Surveys (OLS) • INFOSEC
Top Challenges • Accountability - Compliance visibility insufficient for risk assessment • IDS • IAVM • PKI • Newer technologies present vulnerabilities…. • STIGs break systems • Education, Training and Certification
Top Challenges (cont.) • Web-based Issues – too much info • Poor Physical Security and Practices • Configuration Control/Account Management • Poorly secured external Connections/VPNs/ Backdoors • Allied/Coalition Networks Interoperability • CND actions within Navy Enterprise • Testing and implementation unbalanced