Developments in the NII - communication services - December, 2009. UNIS - TEM Dec 2009. Rob van Engelshoven, Rob.van.Engelshoven@nc3a.nato.int. Overview: NCI Architecture; DCIS TA, NGCS TA, ISAF; NCI subsystems; Voice service, Protected Core, QoS, SLM; DCIS, Satellite and ground systems.
Developments in the NII - communication services - December, 2009
UNIS - TEM Dec 2009
Rob van Engelshoven
Rob.van.Engelshoven@nc3a.nato.int
NATO UNCLASSIFIED

Overview
• NCI Architecture
• DCIS TA, NGCS TA, ISAF
• NCI subsystems
• Voice service, Protected Core, QoS, SLM
• DCIS, Satellite and ground systems
• Federation
• Recommendations

Aspects of the new NCI architecture
• Service catalogue
• Converged IP network IPv4/6
• QoS control architecture
• Move to a Protected Core (Pcore)
• MPLS in the NATO Pcore
• Service Level Management
• Architectures: NCRA Ed1 and SGRA Ed2

Operations & CIS infrastructure
[Figure labels: NATO Business processes (OAA); SLA; Networking and Information Infrastructure (NII)]

NII in the NNEC CIS stack (subset DOTMPLFI)
[Figure labels: Users & Missions; Information Assurance; Service Management Control; Community of Interest; Information Integration; Communications]

Service Catalogue (2010) - main services
• Customer facing services:
• (secure) voice
• Audio conference
• (secure) VTC
• Telefax
• Service Desk
• IP-data service
• Circuit emulation (TDM over IP)
• L2 point-to-point
• WAN access for user domain
• Wired Pcore interconnect
• Satcom OTA Pcore interconnect
• Radio OTA Pcore interconnect

NCI architecture
• Core: transport system - Protected Core Network (PCN)
• Access to the Core
• EoIP & Circuit emulation subsystem
• QoS control system
• Service Level Management
• (Secure) voice/VTC system
• Secure IP subsystem
• NU/NR IP subsystem
• User system access
• Other subsystems… See NGCS TA
• DCIS
• SATCOM

Relationship between Ref. Architectures
NATO Communication Infrastructure
Intra Nodal Perspective
The Protected Core Segment
• Protected Core segments can be federated to form a Protected Core (Pcore)
• Reference to PCN briefings

NCI: Interconnection of security domains
[Figure labels: Protected Core Network; Network Protocol Discontinuity]
• IP QoS:
• Real-time data
• Near-real time data
• Interactive
• Bulk transfer
• Best Effort
• Critical system data

High availability WAN
NATO’s Satcom Protected Core Segment (PCS – terminals view)
NATO’s Satcom Protected Core Segment (PCS – router view)
Protected Core Node (LP: Link Protection)
Interface with nations
Key Service Interoperability Points
PNG1 - Scenario 1 (2010)
Service Management scenario 1 (2010)
SATCOM
Deployable CIS (DCIS)
• Based on NCI networking principles
• Service catalogue
• QoS control architecture
• Service level management (central - stand-alone)
• Transportable - 5 days notice to move
• Configuration templates
• BC protected
• In support of NATO NRF (DJSE concept)
• Large and very small nodes (ORLT)
• SATCOM reach back and in-theatre connectivity
• Tier 1, Tier 2, Tier 3 and Tier 4

Interface roadmap opportunity
Guidance to nations
• Interfaces
• SIOP1,2,3,4,5
• Service catalogue
• Definitions, KPI, KQI
• Service Performance targets
• Reference circuits
• Management requirements
• B-2-B interface, Content, definitions
• Trust relationships
• Protected Core Network (PCN)
• Policies and Concept of employment (Conemp)
• Cost share, process
• Roadmap

Conclusions
• Service Oriented Approach
• service definitions
• Service delivery Points
• Service Level Agreements
• Service Level Management
• Slow migration to IP-convergence
• Limited support in IP-crypto - NINE ISPEC2
• Limited NATO SLM
• Limited QoS control
• Push uniform & automated control
• QoS enabled IP
• SLM - SLA
• MPLS

Conclusions (cont'd)
• Required developments
• Cross security domain management
• Guidance Package for nations about federation of communications
• Essential to build a trust relationship

Roadmap NATO
Questions?
Back-up slides
PNG1 - scenario 2
PNG1 - scenario 3
SIOP1, SIOP2
• 1000BASE-SX Ethernet
• L2 802.1Q (VLAN)
• L2 802.1X
• PKI authority
• Certificate based authentication
• 802.1X port based auth. (EAP-TLS)
• Management
• SLA template
• SLA management (KPIs)
• Performance/fault reporting per VPN
• Policing/shaping

SIOP5
• IPv4 address harmonization
• 802.1X may avoid the BPD, to be verified