270 likes | 463 Views
Purpose. To discuss how to improve NetOps in Southwest Asia inspired by Thomas Friedman's book ?The World is Flat." . Agenda. The Premise of the World Is FlatNetworks are JointThe Primary NetOps organizations in SWAUSCENTCOM Five NetOps Functional AreasFlattening NetOps Functional Areas
E N D
2. Purpose
To discuss how to improve NetOps in Southwest Asia inspired by Thomas Friedman’s book “The World is Flat.”
3. Agenda
The Premise of the World Is Flat
Networks are Joint
The Primary NetOps organizations in SWA
USCENTCOM Five NetOps Functional Areas
Flattening NetOps Functional Areas in SWA
NetOps Reporting
Information Systems Operations
Network Engineering
IA & CND
Knowledge Management
Example of Flattening - Active Directory Consolidation in Iraq
Summary and Suggestions
Questions and Comments
4. The Premise of the World is Flat
In a flat world information is readily available at any location. Assuming adequate connectivity to a network an organization can improve its capability and/or efficiency by several means. However, the inference is the following must be true for SWA:
Our networks and information systems have to be “flat enough”
NetOps organizations have to trust each other – networks and systems don’t have clear borders which will create conflicts in ownership
If the above are true an organization can gain efficiencies by:
Outsourcing – is there a place where some work can be performed at the same level, and more efficiently?
In-forming – ensuring that all people with requirements have access to all information that is pertinent to them, because dissemination usually requires centralization
Identifying and eliminating redundancy – gets rid of unnecessary layers, creates efficiency and speed of response
The good news - NetOps in SWA works, people have the best communications ever available to a warfighter, but can it be better?
5. Networks are Joint(but Joint doesn’t make them Flat) All networks are joint, because DISA owns the Tier 0 - the problem is how do we establish a proper and flat relationship between joint NetOps organizations and service or component NetOps organizations to prevent redundancy and promote good relationships between communication organizations
Services provide portions of the network, especially for all regions not associated with a JTF, e.g. Qatar, Bahrain, Kuwait, Oman, Kyrgyzstan
Service NOSCs are permanent (or more enduring)
They have an established network relationship with units deploying from their service
They are supported by a global NOSC (NTOs)
They are more likely to have a common toolset
JNCCs are stood up to provide adequate NetOps support for a JTF and therefore:
Are “one-off” based upon the mission – they don’t exist before or after the JTF
Specialists in understanding client-server relationships
Have portions of their network and services provided by the more permanent service organizations
Gap fill for needs
Create new seams in ownership in the network when they are stood-up -because they are new
6. Primary NetOps Organizationsin SWA (Joint and Service) TNC CENT – the combined TNCC and TNC for SWA, TACON to USCENTCOM
JNCC-Iraq
Handles all TLA stacks in Iraq (minus Air Force and Marine)
Manages the Iraq and Iraq-s Forest
Manages and/or monitor IA/CND for Iraq
24x7 Operations Center
JNCC-Afghanistan
Handles intra-Afghanistan routing
DAA Authority over systems (e.g. firewalls, patching)
Splits management on the Afghan Domain
Receives multiple services from the SWA TNOSC
SWA TNOSC
Provides NetOps support for Army components in SWA
Handles all TLA stacks for the Army outside of Iraq
Runs the SWA Forest for Kuwait, Afghanistan, Qatar and Bahrain 831st
Provides IDS for SIPR, NIPR to include Iraq
ACCC/NOSC
Handles all Air Force TLA stacks
Provides CSIDs for all stacks in theater
Handles all Air Force IA/CND
Provides the CENTAF Forest
8. CENTCOM NetOps Functional Areas
10. Flattening NetOps Reporting All NetOps organizations need to see all NetOps information that applies to them, this requires seams to be removed in reporting (compatible information)
Network Monitoring Tools can be different, but must be compatible
Both tactical and fixed/commercial organizations must provide SA
SA must be available to all NetOps organizations that need them - flat
In a joint and flat world there is always more than one person to report to,
Requires a standard reporting schema
Two NetOps organizations may track the same issue, but might have different requirements for SA
The goal should be to have the unit make one report available to many recipients
The information must be correct and detailed – it must be flat (available)
Multiple entities must have the permissions to contact the reporting agency
There must be a RFI process – the ability to get answers to questions rapidly, without having to go through multiple layers of command, one question – one answer
All organizations must understand the requirement to make information available and respond to questions, and follow centrally well defined CCIR
12. Flattening Network Engineering The network requires fewer players in the TLA stacks – its not a specialty skill, and it should be done by the services
There will be TLA stacks in Oman, Kuwait, Qatar, Bahrain, HOA, Sinai, Kyrgyzstan
TLA stack administration should be centralized – lots of redundancy
The military needs to centralize experts
The services are in cheaper areas, contractors cost 50 to 66% in Kuwait and Qatar when compared with Iraq and Afghanistan
TLA stacks and enterprise management can be outsourced, but
The JNCCs will need local support
The support must be in the same time zone, to be responsive
In a flat network, Qatar and Kuwait should be the primary sites because the sites are more enduring, cheaper to man, have better connectivity - and in a flat world could COOP each other
14. Flattening Computer Network Defense Minimizing domain and forests in an AOR is critical to having uniform and controllable security policies in that AOR
There is only one RCERT in the theater – it responds to Tier 1.2 IDS tickets from the Army – this should be leveraged for the entire theater
Data storage, CAC/PKI implementation and Switch Security need to be standardized
lack of standards is hurting security, especially below the Tier 2
only the chain of command has the enforcement function
this requires JNCCs to control their information resources within their AOR
In a flat SWA world, standards and policies for the minimum standard must come through one source – that should be the Combatant Command,
service policies can be stricter, but not less than the CC policy – should be coordinated, the CC is the only organization that everyone recognizes
must reduce waivers, because of the weakest link problem
16. Flattening Content Staging and Information Management Defined here as “ensuring the warfighter has the right information at right time” - the most important of the pillars – all others enable this
This is the “specialist skill” of a JNCC, and therefore they need NetOps SA and control of local NetOps systems
Only a JNCC can provide an understanding of all the component networks and systems, this is important for:
determining operational impact
providing NetOps information for communications integration
coordinating ASIs that affect multiple services
ensure redundant paths
obtain provisioning and trend analysis information – to allow better data flow
Neither the SWA TNOSC or ACCC/NOSC are manned to provide true knowledge management, which requires a direct interface to operations centers.
All implementations require the services as supporting organizations to be responsive to the prioritization of the JNCCs (only they can gain a true understanding of the priorities)
19. Flattening Information Systems Operations Lack of unity in an Active Directory (AD) structure creates problems. For example, there are problems with multiple domains in Iraq.
Creates security inconsistencies (SMS/WSUS)
Violates Netcentricity by creating seams in Single Sign On and information access
Hinders the use of two factor authentication (CAC/PKI)
Requires additional servers and system administrators
Leads to baselining
In contrast a unified AD structure leads to Netcentricity,
Allows for confirmable and consistent security policies with accountability
Eases system administration – you can see the seams between systems
Allows single sign-on and access to information
Saves money (system administrators and servers) – and simplifies identifying redundancy
Increases mobility - users can have an account throughout an AOR
26. Summary of The World is Flat
In SWA NetOps the functional areas are tightly integrated, but all are done differently by country, and by organization – this requires great coordination and flattening of information
Often the biggest problem is the lack of trust between organizations. In extension all organizations feel they have to control something for it to be responsive.
There are many reasons to flatten SWA NetOps:
Makes a more user friendly and available network
Leads to a better and more capable network
Allow for the establishment of a true NetCop
It provides better, more responsive, uniform and controllable CND
It would save millions of dollars
It allows for concentration of expertise
It makes it easier for units and personnel to move in the theater
It makes it easy to identify redundancy