1 / 19

DMS-Army Classified Messaging Concept

0. 10. 70. 60. 20. 50. 30. 40. DMS-Army Classified Messaging Concept. Introduction. To Get Off AUTODIN, must have up to TS/SCI DMS messaging capability Classified messaging is a small but critical C2 segment of total Army DMS traffic

nasnan
Download Presentation

DMS-Army Classified Messaging Concept

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. 0 10 70 60 20 50 30 40 DMS-ArmyClassified Messaging Concept

  2. Introduction • To Get Off AUTODIN, must have up to TS/SCI DMS messaging capability • Classified messaging is a small but critical C2 segment of total Army DMS traffic • Most “classified” DMS users receive only a small volume of classified traffic on an infrequent basis • 18,000+ Army DMS users will require access to classifiedmessaging • (approximately 5% of total user population)

  3. SBU to TS/SCI NIPRNET SIPRNET JWICS F F F F+ Applique High H A Assurance G Guard Firewall DMS Vision vs. Reality Original DMS Concept Current DMS Reality Writer-to-Reader messaging Over 3+ communications networks operating at different security levels Using Fortezza cards Protected by new electronic guards Running on networks equipped with firewalls

  4. Classified Messaging Concepts • Army DMS users will access their classified messages via: • SIPRNET LAN connections • SIRPNET Dial-Up (D/U) connections • Advanced security networking technologies • A combination of the above • DMS classified messaging components will be fielded at: • Army ACCs • Installations with more than 50 users

  5. Multi-level security is not available today nor in the foreseeable future Incremental Capability • Initial Classified Operational Capability • Provide access to Secret classified message traffic in a garrison environment using existing DMS and MISSI products, policies, and procedures • Full Classified Operational Capability • Extend classified messaging capability to all operational environments (garrison/tactical) • Extend classified messaging capabilities to include TS/SCI

  6. Extend SIPRNET access to users by Extending current LANs Fielding STU-3s Employing INEs (Fastlane, Dragonfly, NES) Using emerging technologies SIPRNET Access Is Critical to Classified Messaging To receive classified messages using DMS... A user must have access to SIPRNET… Current Army SIPRNET access is very limited... Field DMS common user workstations at selected installations (CommCenter Model) OR USE A SMART COMBINATION OF ALL AVAILABLE OPTIONS

  7. 0 10 70 60 20 50 30 40 Implementation Options • Based on available products, three different implementation options have been developed Dial-Up Connections DMS CommCenter Classified Messaging Secure LAN Connections

  8. PUA SMS MLA MFI (option) (UA) (option) (option) LMTA X.400 Dial-Up Native Primary S Groupware Groupware M T Server Server P Native NIPRNET Firewall X.400 Primary PUA SMS MLA MFI S LMTA (option) (UA) Groupware (option) (option) M T Server LMTA P Native Native X.400 DOIM Native Primary Groupware Groupware S Groupware M Server Server PUA SMS MLA MFI T Server P (option) (UA) (option) (option) Native INE Virtual Network INE Secret LAN Secure Enclave Classified Messaging Topologies Dial-Up (164) ACC (5) Installation (124)

  9. Mitigating Implementation Risks • Find the right balance of solutions that will reduce risks to schedule and cost New SIPRNET Networks New Technology C O S T CommCenters Dial-Ups LAN Connections DO NOTHING T I M E & CAPABILITY

  10. Implementation Approaches • #1 - Barebones implementation • Put a single DMS common user workstation at every location (CommCenter Model) • #2 - Balanced capability implementation • Field DMS infrastructure and extend SIPRNET connectivity to installations with >50 users • Based on geographical location, operational criticality, and/or number of users, smaller (<50 users) installations may receive SIPRNET access and infrastructure components, e.g. Kwajalein, Ft Knox, or Dhahran • Installations with <50 users get the barebones approach with over the counter service • Installations with <10 users will get a single DMS workstation and individual SIPRNET accounts to access their classified messages

  11. Dial-Up - 164 Installations - 2,680 Users supported - $448,540 (installation) - $53,136 (fees/year) 0 10 70 60 20 50 30 40 Worldwide “Barebones” Implementation CommCenter - 124 Installations - 15,676 Users supported - $856,964 (installation) - $979,284 (fees/year) - $3,724,340 (personnel/year) All Solutions - 288 Installations - 18,356 Users supported - $1,305,504 (installation) - $1,032,420 (fees/year) - $3,724,340 (personnel/year)

  12. Dial-Up Virtual Nets - 164 Installations - 2,680 Users supported - $448,540 (installation) - $53,136 (fees/year) - 69 Installations - 14,185 Users supported - $25,615,555 (installation) - $297,504 (fees/year) 0 10 70 60 20 50 30 40 Worldwide “Balanced” Implementation CommCenter* - 55 Installations - 1,491 Users supported - $380,105 (installation) - $681,780 (fees/year) - $1,651,925 (personnel/year) All Solutions - 288 Installations - 18,356 Users supported - $26,444,200 (installation) - $1,032,420 (fees/year) - $1,651,925 (personnel/year) * CommCenter supports 10-50 users

  13. Mitigating Implementation Risks • Find the right balance of solutions that will reduce risks to schedule and cost Balanced Support Costs Initial Costs Capability C O S T Barebones Support Costs Initial Costs Capability T I M E & CAPABILITY

  14. DMS Workstation replaces existing AUTODIN TCC equipment and circuits with DMS components and SIPRNET connectivity Customers will receivetheir classified messagetraffic over the counter Dedicated 56Kbps SIPRNET connection F F ACC SIPRNET DMS Common User Workstation Current TCC Operators ASC AUTODIN Existing AUTODIN/TCC Equipment DMS CommCenter

  15. D/U access requires that a SIPRNET dial-up account be established and used to access classified messages Can be deployed using existing computers and SIPRNET connections Computer configuration and accreditation must be verified D/U configuration will normally be used to support from one and ten users ACC SIPRNET Dial-Up Capability (D/U)

  16. Uses advanced security products to pass classified messages over existing local unclassified LANs and the NIPRNET Can be deployed using existing computers and network connections VN configuration designed to support a single workstation which in turn can support multiple users ACC Virtual Networking Capability (VN)

  17. X.400 Native Primary Groupware S Groupware M Server T Server P Native SIPRNET PUA SMS MLA MFI (option) (UA) (option) (option) LMTA Firewall PUA SMS MLA MFI (option) (UA) (option) (option) LMTA NIPRNET X.400 Native Primary Groupware S Groupware M Server T Server P Native Virtual Networking Topology B2 certified virtual networking allows networks of differing security levels to be connected over the same physical cable SBU to Secret via SIPRNET and SBU via NIPRNET Installation DOIM SBU via NIPRNET SBU to Secret via SIPRNET SBU via NIPRNET Note: Concept based on Cryptek Secure Communications, LLC. dynamic virtual private networks

  18. F F F F Preliminary Installation Cost Estimates (1 of 2) Virtual Network Connection Dial-Up Terminal Computer No Cost STU-III (Mdl 1910) $2145 Fortezza Card No Cost PC Card Reader No Cost Hookup Charges $ 50 Other $ 540 $2735 Computer No Cost HD Upgrade & Convert $ 475 Network Card $1000 Fortezza Card No Cost PC Card Reader No Cost Other $ 328 $1803 Note: System requires one administrator console per 5,000 users at $10K per console Note: Unlimited dial-up SIPRNET access costs $27 per month Assumption - LAN access is provided at no cost Assumptions - 1. Since the user already processes secret and SBU material no further PC upgrade will be required. 2. D/Us will be used to support less than ten users Other charges include engineering and installation, training, and support Other charges include installation, test, initial consumables, transportation, and training

  19. F F Preliminary InstallationCost Estimates (2 of 2) DMS Workstation (Dedicated SIPRNET Access) Computer $2500 Printer $ 800 Fortezza Card No Cost PC Card Reader No Cost Hookup Charges $2500 Other $ 911 $6911 Notes: 1. Hookup charges include CSU/DSU, KGs, and key material 2. 56Kpbs SIPRNETaccess costs $1033 per month Assumptions - 1. Computer will be dedicated to providing classified messaging services 2. SEC is capable of handling XX messages per 8 hours Other charges include engineering and installation, training, and support

More Related