Presentation is loading. Please wait.

Presentation is loading. Please wait.

IEG Portfolio (Scenario A and B)

Similar presentations

Presentation on theme: "IEG Portfolio (Scenario A and B)"— Presentation transcript:

1 IEG Portfolio (Scenario A and B)
US-NATO Information Sharing (UNIS) TEM6 2 December 2009 Leon Schenkels NC3A Core Applications Core Enterprise Services (CAT7) NATO UNCLASSIFIED NATO UNCLASSIFIED

2 What is the IEG Manages and secures information services in between NATO and external organisations. (Supports multiple interoperability scenarios). Supports core and functional AIS services interoperability based on agreed standards. Provides flexibility, scalability and high availability. Complies with NATO policies, Major references: Infosec Technical and Implementation Directive for the Interconnection of Communication and Information Systems. NATO interoperability Directive (chapter 7) Guidance document on the implementation of gateways for information exchange between NATO and external CIS communities. NATO UNCLASSIFIED NATO UNCLASSIFIED

3 What are the IEG scenarios
NATO standardised approach to cross domain information exchange Several scenarios A: NS ↔ NS (Enclave) B: NS ↔ NATO Nation Secret C: NS ↔ Mission Secret D: NS ← (↔) NNN/IO Supports Core and Functional services NATO UNCLASSIFIED

4 IEG Architectural Approach
IEG developed as discrete components supported by generic infrastructure. Advantages: Re-uses the core services infrastructure Accreditation tasks are simplified (fewer components). Maintainable (minimises the number of additional proxies) NATO UNCLASSIFIED NATO UNCLASSIFIED

5 Information Exchange Gateway case A+B Symmetric IEGs


7 Phased approach to NATO RIEGs
Phased increase in security protection Step 1 (Scenario A implementation) Build network level infrastructure (Firewall, IDS) Local/central management as required Add web proxy services first, then (through Upgrade project). May require some waivers for IATO Step 2, 3 etc (Scenario B Implementation) Add formal messaging and directory services Directory Services for may be added by Upgrade project (GAL Sync) Add other services when authorised e.g. TDL IDS = Intrusion Detection System IATO = Interim Authorisation to Operate GAL = Global Address List TDL = Tactical Data Link NATO UNCLASSIFIED NATO UNCLASSIFIED

8 Case A IEG Project Status
Case A IEG Project - Authorisation for 6 NATO Regional IEGs & 18 National IEGs Stage 2 Authorisation Request 3Q07 Contract award 2Q08 Regional IEGs installation completed 2Q09 National Site Surveys commence 3Q09 National IEGs installation begins 1Q10 Final Acceptance Test 4Q10 RIEG connection to NGCS depends on Packet Transit Components being updated to re-route traffic through IEGs NATO UNCLASSIFIED NATO UNCLASSIFIED

9 Scenario B IEG Planning Project
Future Milestones Validation of technical solution – 3Q09 TBCE developed – 4Q09 TBCE screened by WGNTE – 1Q10 Contract Signed – 4Q10 Service Transition/Installation Commences – 1Q11 Project Completion – 4Q13 TBCE = Type “B” Cost Estimate NATO UNCLASSIFIED NATO UNCLASSIFIED

10 Email Upgrade Email Upgrade – Programmatic
Proposals received – Oct 2007 Price evaluation completed – Dec 2007 Technical evaluation commencement – Mar 2008 Contract award - 2Q09 Compliance Tests – 4Q09 Commence deployment in – 2Q10 Complete deployment in – 3Q10 NATO UNCLASSIFIED NATO UNCLASSIFIED

11 NATO Messaging System - Phase 1
NMS Phase 1 Factory Acceptance Testing complete – Feb 2006 Certification Testing complete – Oct 2006 Alternate Solution Evaluation Compliance Testing complete – Feb 2007 Usability Testing complete – Mar 2007 Evaluation report – Jul 2007 NMS Phase 1 contract amended - April 2009 Phase 1 Amendment coordination Award Amendment contract –1Q09 Regression testing of upgrades – 1Q10 Site surveys and preparations – 3Q09 - 4Q09 Begin Phase 1 deployment (surveys and installation) – 2Q10 – 4Q10 IOC (System Acceptance for Phase 1) – 2Q11 The work listed there is being performed on both sides (NC3A and Contractor) IOC = Initial Operational Capability NATO UNCLASSIFIED NATO UNCLASSIFIED

12 NATO Messaging System – Phase 2
Phase 2 coordination commencement – 4Q09 Minimize gap between Ph 1 and Ph 2 Subject to successful initial deployment of Ph 1 Replace PKI with NATO PKI, ACP145, Integration into IEG B, Interoperability tests with Nations Identification of Phase 2 Sites Successful system testing of Phase 1 sites Phase 2 Authorization – 3Q10 ACP145 inclusion (if joint standard ratified) ACP133 Edition C inclusion (latest ratified version) IEG Scenario B integration NATO PKI deployment FOC (end Phase 2) – 2Q12 PKI = Public Key Infrastructure NATO UNCLASSIFIED NATO UNCLASSIFIED

13 NATO Enterprise Directory Service (NEDS)
NEDS Project Status Phase 1 completed – Sep 2008 Phase 2 Authorization Request – Nov 2008 Information for Bidders release – 3Q09 Contract Award – 1Q10 Site Surveys – 2Q10 Initial Operational Concept commencement – 1Q11 Final System Acceptance – 2Q11 NATO UNCLASSIFIED NATO UNCLASSIFIED

14 IEG A project milestones
IEG B project milestones IEG C project milestones The IEG portfolio IEG A project milestones IEMS DS R-IEG IEG Web NMS Ph 1 NEDS* IEG-C KFOR PTC Enhancements IEG-C+ KFOR N-IEG S.S N-IEG D’ploy N-IEG FOC IEG-B IEMS DS NMS Ph 2 ARH BMTA 2009 2010 2011 2012 Now NATO UNCLASSIFIED * Information Provider Only

15 Discussion ... NATO UNCLASSIFIED

16 CONTACTING NC3A NC3A Brussels NC3A The Hague Visiting address:
Bâtiment Z Avenue du Bourget 140 B-1110 Brussels Telephone +32 (0) Fax +32 (0) Postal address: NATO C3 Agency Boulevard Leopold III B-1110 Brussels - Belgium NC3A The Hague Oude Waalsdorperweg AK The Hague Telephone +31 (0) Fax +31 (0) Postal address: NATO C3 Agency P.O. Box CD The Hague The Netherlands NATO UNCLASSIFIED

17 Pre-IEGs and Interconnection Scenarios Supported

18 Future IEGs and Interconnection Scenarios Supported (partial, only secret level included)

19 IEG-Light Functional requirements Interface requirements
Current status: IEG-Light was identified as “quick win” project beginning 2007 IEG-Light is a prototype implementation of an IEG-B for deployment Core Module: 7 SBCs (HDD Raid1), 4 LANs, Cisco FTR, KVM Switch, Monitor IEG-Infrastructure with FTR, FW, IDS IEG-Core with mail, web and directory synchronization Specialized Module: 4 SBCs (HDD Raid1), 2 LANs Stackable with Core Module Optional use for: Functional services TDL VoiP Data Forwarding MIP-DEM Functional requirements Same as static, plus tactic services Interface requirements Same as static, plus circuit switched, plus TACOMS Co-location of interconnected CIS Limited WAN capability Asymmetric gateway architecture NATO protects its own CIS Both CIS NATO operated Performance requirements Smaller as in static, e.g. 150 supported users for NRF Implementation and environmental requirements Small, light weight, low power consumption, rough conditions NATO UNCLASSIFIED NATO UNCLASSIFIED

Download ppt "IEG Portfolio (Scenario A and B)"

Similar presentations

Ads by Google