Presentation is loading. Please wait.

Presentation is loading. Please wait.

NATO UNCLASSIFIED IEG Portfolio (Scenario A and B) US-NATO Information Sharing (UNIS) TEM6 2 December 2009 Leon Schenkels NC3A Core Applications Core Enterprise.

Similar presentations


Presentation on theme: "NATO UNCLASSIFIED IEG Portfolio (Scenario A and B) US-NATO Information Sharing (UNIS) TEM6 2 December 2009 Leon Schenkels NC3A Core Applications Core Enterprise."— Presentation transcript:

1 NATO UNCLASSIFIED IEG Portfolio (Scenario A and B) US-NATO Information Sharing (UNIS) TEM6 2 December 2009 Leon Schenkels NC3A Core Applications Core Enterprise Services (CAT7)

2 2  Manages and secures information services in between NATO and external organisations. (Supports multiple interoperability scenarios).  Supports core and functional AIS services interoperability based on agreed standards.  Provides flexibility, scalability and high availability.  Complies with NATO policies, Major references:  Infosec Technical and Implementation Directive for the Interconnection of Communication and Information Systems.  NATO interoperability Directive (chapter 7)  Guidance document on the implementation of gateways for information exchange between NATO and external CIS communities. What is the IEG NATO UNCLASSIFIED

3 3 What are the IEG scenarios NATO standardised approach to cross domain information exchange Several scenarios A: NS ↔ NS (Enclave) B: NS ↔ NATO Nation Secret C: NS ↔ Mission Secret D: NS ← (↔) NNN/IO Supports Core and Functional services NATO UNCLASSIFIED

4 4 IEG Architectural Approach  IEG developed as discrete components supported by generic infrastructure.  Advantages:  Re-uses the core services infrastructure  Accreditation tasks are simplified (fewer components).  Maintainable (minimises the number of additional proxies) NATO UNCLASSIFIED

5 5 Information Exchange Gateway case A+B Symmetric IEGs NATONATO MTA WEB Proxy IDS MTA WEB Proxy IDS ZZ NATO Nation DSA BPDBPD BPDBPD

6 NATO UNCLASSIFIED6 IEG Scenario B (RIEG)

7 NATO UNCLASSIFIED7 Phased approach to NATO RIEGs  Phased increase in security protection  Step 1 (Scenario A implementation)  Build network level infrastructure (Firewall, IDS)  Local/central management as required  Add web proxy services first, then (through Upgrade project).  May require some waivers for IATO  Step 2, 3 etc (Scenario B Implementation)  Add formal messaging and directory services  Directory Services for may be added by Upgrade project (GAL Sync)  Add other services when authorised e.g. TDL

8 NATO UNCLASSIFIED8 Case A IEG Project Status  Case A IEG Project - Authorisation for 6 NATO Regional IEGs & 18 National IEGs  Stage 2 Authorisation Request 3Q07  Contract award 2Q08  Regional IEGs installation completed 2Q09  National Site Surveys commence 3Q09  National IEGs installation begins 1Q10  Final Acceptance Test 4Q10

9 NATO UNCLASSIFIED9 Scenario B IEG Planning Project Future Milestones  Validation of technical solution – 3Q09  TBCE developed – 4Q09  TBCE screened by WGNTE – 1Q10  Contract Signed – 4Q10  Service Transition/Installation Commences – 1Q11  Project Completion – 4Q13

10 NATO UNCLASSIFIED10 Upgrade  Upgrade – Programmatic  Proposals received – Oct 2007  Price evaluation completed – Dec 2007  Technical evaluation commencement – Mar 2008  Contract award - 2Q09  Compliance Tests – 4Q09  Commence deployment in – 2Q10  Complete deployment in – 3Q10

11 NATO UNCLASSIFIED11 NATO Messaging System - Phase 1  NMS Phase 1  Factory Acceptance Testing complete – Feb 2006  Certification Testing complete – Oct 2006  Alternate Solution Evaluation  Compliance Testing complete – Feb 2007  Usability Testing complete – Mar 2007  Evaluation report – Jul 2007  NMS Phase 1 contract amended - April 2009  Phase 1 Amendment coordination  Award Amendment contract –1Q09  Regression testing of upgrades – 1Q10  3Q09 - 4Q09  Site surveys and preparations – 3Q09 - 4Q09  Begin Phase 1 deployment (surveys and installation) – 2Q10 – 4Q10  IOC (System Acceptance for Phase 1) – 2Q11

12 NATO Messaging System – Phase 2  Phase 2 coordination commencement – 4Q09  Minimize gap between Ph 1 and Ph 2  Subject to successful initial deployment of Ph 1  Replace PKI with NATO PKI, ACP145, Integration into IEG B, Interoperability tests with Nations  Identification of Phase 2 Sites  Successful system testing of Phase 1 sites  Phase 2 Authorization – 3Q10  ACP145 inclusion (if joint standard ratified)  ACP133 Edition C inclusion (latest ratified version)  IEG Scenario B integration  NATO PKI deployment  FOC (end Phase 2) – 2Q12 12NATO UNCLASSIFIED

13 13 NATO Enterprise Directory Service (NEDS)  NEDS Project Status  Phase 1 completed – Sep 2008  Phase 2 Authorization Request – Nov 2008  Information for Bidders release – 3Q09  Contract Award – 1Q10  Site Surveys – 2Q10  Initial Operational Concept commencement – 1Q11  Final System Acceptance – 2Q11

14 IEG A project milestones NATO UNCLASSIFIED14 Now R-IEG N-IEG S.S N-IEG D’ploy N-IEG FOC IEG Web NEDS* * Information Provider Only NMS Ph 1 NMS Ph 2 ARH BMTA PTC Enhancements IEG-B IEMS DS IEMS DS IEG-CKFOR IEG-C+KFOR IEG B project milestones IEG C project milestones The IEG portfolio

15 NATO UNCLASSIFIED15 Discussion...

16 NATO UNCLASSIFIED16 CONTACTING NC3A NC3A Brussels Visiting address: Bâtiment Z Avenue du Bourget 140 B-1110 Brussels Telephone +32 (0) Fax +32 (0) Postal address: NATO C3 Agency Boulevard Leopold III B-1110 Brussels - Belgium NC3A The Hague Visiting address: Oude Waalsdorperweg AK The Hague Telephone +31 (0) Fax +31 (0) Postal address: NATO C3 Agency P.O. Box CD The Hague The Netherlands

17 Pre-IEGs and Interconnection Scenarios Supported 17NATO UNCLASSIFIED

18 Future IEGs and Interconnection Scenarios Supported (partial, only secret level included) 18NATO UNCLASSIFIED

19 19 IEG-Light IEG-Light  Current status :  IEG-Light was identified as “quick win” project beginning 2007  IEG-Light is a prototype implementation of an IEG-B for deployment  Core Module :  7 SBCs (HDD Raid1), 4 LANs, Cisco FTR, KVM Switch, Monitor  IEG-Infrastructure with FTR, FW, IDS  IEG-Core with mail, web and directory synchronization  Specialized Module :  (HDD Raid1)  4 SBCs (HDD Raid1), 2 LANs  Stackable with Core Module  Optional use for:  Functional services TDL  VoiP  Data Forwarding  MIP-DEM NATO UNCLASSIFIED


Download ppt "NATO UNCLASSIFIED IEG Portfolio (Scenario A and B) US-NATO Information Sharing (UNIS) TEM6 2 December 2009 Leon Schenkels NC3A Core Applications Core Enterprise."

Similar presentations


Ads by Google