IEG Portfolio (Scenario A and B)

Slides:

Advertisements

Similar presentations

Frits Broekema Principal Scientist NATO C3 Agency

Advertisements

NATO NNEC Core Enterprise Services

University of Baltimore Telecommunications Technology

Securing Emerging Mobile Technology JOHN G. LEVINE PH.D. D/CHIEF ARCHITECTURE GROUP 13 SEP

Slide # 1 Report to ADC AR Status Doug Nebert, POC U.S. Geological Survey.

Geospatial One-Stop Version 2 Award Coordination Working Group Meeting February 8, 2005.

NATO Consultation, Command and Control Agency

A formal approach to national CIS validation in support of NATO expeditionary forces certification The Interoperability Experimentation, Testing and Validation.

NATO UNCLASSIFIED. Historical ISAF Mission Networks … NATO UNCLASSIFIED2  ISAF Secret         NATO Managed & Administered CENTRIXS GCTF  US.

United States DoD Public Key Infrastructure: Deploying the PKI Token

IETV : I NTEROPERABILITY E XPERIMENTATION, T ESTING AND V ALIDATION C APABILITY © NATO Consultation, Command and Control Agency, 2009.

© 2007 COPLAN AND COMPANY. All Rights Reserved. Permission granted for use by HIMSS membership. 1 Procurement Management Scott R. Coplan, PMP Educational.

CENTRIXS: “Interconnecting Coalition Networks”

NATO CIS Services Agency Interoperability in Afghanistan The perspective of NCSA The ISAF CIS Coordinator and Service Provider Dag Wilhelmsen Technical.

NATO Consultation, Command and Control Agency

©Centre for Development of Advanced Computing 1 State e-governance Service Delivery Gateway (SSDG)‏ A Messaging Middleware for.

CENTRIXS-ISAF: Phase 1 Overview

Password?. Project CLASP: Common Login and Access rights across Services Plan

Shared Technical Architecture’s Role within the ECIO Organization “Arkansas Shared Technical Architecture”

NATO UNCLASSIFIED NATO Consultation, Command and Control Agency Ad-hoc Networking: Infrastructure-free Communications for Military Operations Michael Winkler,

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

PROTECTION OF NATO INFORMATION AND NATO CIS Col

UNCLASSIFIED – Unlimited Distribution The Role Of BMC3I Simulation In Advancing The NATO Active Layered Theatre Ballistic Missile Defence (ALTBMD) Programme.

Defense Information Systems Agency A Combat Support Agency DISA Quality Management Program Operations DISA Circular Review August 2011 v5.

S.ICZ Frantisek Vosejpka The enforcement of NATO INFOSEC requirements into the policy and architecture of CISs CATE 2003 Brno,

Final Design and Implementation

Clinic Security and Policy Enforcement in Windows Server 2008.

Web Development Process Description

Identity Management in a Federated Environment US-NATO TEM December 2009 Alan Murdock Dr. Robert Malewicz Dr. Sven Kuehne CAT-2 Interoperability.

Aid Management Platform (AMP) Introduction to AMP Tanzania, February 2009.

DoD Acquisition Domain (Sourcing) (DADS) Analysis of Alternatives (AoA) E-Business/SPS Joint Users’ Conference November 15-19, 2004 Houston, TX.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

A Combat Support Agency Defense Information Systems Agency Multinational Information Sharing (MNIS) August 2011.

NATO Collaboration Bodies Einar Thorsen, CTO/CIS

UNCLASSIFIED DITSCAP Primer. UNCLASSIFIED 1/18/01DITSCAP Primer.PPT 2 DITSCAP* Authority ASD/C3I Memo, 19 Aug 92 –Develop Standardized C&A Process DODI.

NASA CIO Standards Activities Presentation to NASA Technical Standards Working Group June 11-12, 2007 HQ/R. Benedict.

Update on IPv6 Transition U.S. Federal IPv6 Task Force Jane Coffin Co-Chair of the U.S. Federal IPv6 Task Force August 2011 – CITEL PCC.I, Mar del Plata,

Module 4 Planning and Deploying Client Access Services in Microsoft® Exchange Server 2010 Presentation: 120 minutes Lab: 90 minutes After completing.

Module 9: Fundamentals of Securing Network Communication.

Federal Aviation Administration System Wide Information Management Segment 2 JRC Progress Presented to: Demonstrations and Prototypes TIM 5 Presented by:

Certification and Accreditation CS Syllabus Ms Jocelyne Farah Mr Clinton Campbell.

"The majority of users in a typical enterprise simply want frequent, location-independent access to a few key applications, such as , calendar and.

Module 12 Integrating Exchange Server 2010 with Other Messaging Systems.

9 Systems Analysis and Design in a Changing World, Fourth Edition.

March 2004 At A Glance NASA’s GSFC GMSEC architecture provides a scalable, extensible ground and flight system approach for future missions. Benefits Simplifies.

NATO UNCLASSIFIED NATO Consultation, Command and Control Agency Acquisition Overview Mr. John D. Edell Director of Acquisition 15 June 2006.

IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: Ambient Networks Update Date Submitted: January 17 th 2007 Presented.

"The majority of users in a typical enterprise simply want frequent, location-independent access to a few key applications, such as , calendar and.

Module 2: Installing Exchange Server Overview Introduction to the Exchange Server 2007 Server Roles Installing Exchange Server 2007 Completing the.

TeleTrusT PKI WG Information and Activities PKI-Forum, 19-Jun-2001 Fritz Bauspiess Secorvo Security Consulting GmbH Albert-Nestler-Straße.

Implementing Microsoft Exchange Online with Microsoft Office 365

25 April Unified Cryptologic Architecture: A Framework for a Service Based Architecture Unified Cryptologic Architecture: A Framework for a Service.

COMPULSORY BRIEFING SESSION Enterprise Wireless Solution (Wi-Fi) RAF /2015/00022 Date: 18 January 2016 Time: 11:00.

NNEC Shared Space Implementation of NNEC Data Strategy UNIS TEM 6 Outbrief Dr Sven Kuehne CAT-2 Interoperability | NATO C3 Agency - The Hague Tel.: +31.

Office of Administration Enterprise Server Farm November 2004 Briefing.

Baseline The baseline at July Previously there was a lack of consistency for: Pathways into specialist clinics; Policies, procedures and guidelines.

Building and Implementing An Identity Management Roadmap John Taylor Manager, IT Security & Service Continuity Phil Hall Security Consultant Apologies.

Service Enhancement AMHS Implementation Workshop Chennai, India 15 th – 17 th December 2008.

Bridging The Gap between Development and Production Kevin Sangwell Infrastructure Architect Microsoft Regional Head Quarters.

Leader IPT1 - Architecture

BIL 424 NETWORK ARCHITECTURE AND SERVICE PROVIDING.

Shared Technical Architecture’s Role within the ECIO Organization

NAAS 2.0 Features and Enhancements

NAF Revision Syndicate Update to IDEAS Group

Omnibus IV Contract Overview Elieen Emond Contract Specialist

Proposed core price & service spec L1 product milestone 31 Dec 2019

Presentation transcript:

IEG Portfolio (Scenario A and B) US-NATO Information Sharing (UNIS) TEM6 2 December 2009 Leon Schenkels NC3A Core Applications Core Enterprise Services (CAT7) NATO UNCLASSIFIED NATO UNCLASSIFIED

What is the IEG Manages and secures information services in between NATO and external organisations. (Supports multiple interoperability scenarios). Supports core and functional AIS services interoperability based on agreed standards. Provides flexibility, scalability and high availability. Complies with NATO policies, Major references: Infosec Technical and Implementation Directive for the Interconnection of Communication and Information Systems. NATO interoperability Directive (chapter 7) Guidance document on the implementation of gateways for information exchange between NATO and external CIS communities. NATO UNCLASSIFIED NATO UNCLASSIFIED

What are the IEG scenarios NATO standardised approach to cross domain information exchange Several scenarios A: NS ↔ NS (Enclave) B: NS ↔ NATO Nation Secret C: NS ↔ Mission Secret D: NS ← (↔) NNN/IO Supports Core and Functional services NATO UNCLASSIFIED

IEG Architectural Approach IEG developed as discrete components supported by generic infrastructure. Advantages: Re-uses the core services infrastructure Accreditation tasks are simplified (fewer components). Maintainable (minimises the number of additional proxies) NATO UNCLASSIFIED NATO UNCLASSIFIED

Information Exchange Gateway case A+B Symmetric IEGs NATO Nation N A T O B P D B P D Z Z MTA MTA DSA DSA WEB Proxy Proxy WEB IDS IDS NATO UNCLASSIFIED NATO UNCLASSIFIED

IEG Scenario B (RIEG) NATO UNCLASSIFIED

Phased approach to NATO RIEGs Phased increase in security protection Step 1 (Scenario A implementation) Build network level infrastructure (Firewall, IDS) Local/central management as required Add web proxy services first, then email (through Email Upgrade project). May require some waivers for IATO Step 2, 3 etc (Scenario B Implementation) Add formal messaging and directory services Directory Services for Email may be added by Email Upgrade project (GAL Sync) Add other services when authorised e.g. TDL IDS = Intrusion Detection System IATO = Interim Authorisation to Operate GAL = Global Address List TDL = Tactical Data Link NATO UNCLASSIFIED NATO UNCLASSIFIED

Case A IEG Project Status Case A IEG Project - Authorisation for 6 NATO Regional IEGs & 18 National IEGs Stage 2 Authorisation Request 3Q07 Contract award 2Q08 Regional IEGs installation completed 2Q09 National Site Surveys commence 3Q09 National IEGs installation begins 1Q10 Final Acceptance Test 4Q10 RIEG connection to NGCS depends on Packet Transit Components being updated to re-route traffic through IEGs NATO UNCLASSIFIED NATO UNCLASSIFIED

Scenario B IEG Planning Project Future Milestones Validation of technical solution – 3Q09 TBCE developed – 4Q09 TBCE screened by WGNTE – 1Q10 Contract Signed – 4Q10 Service Transition/Installation Commences – 1Q11 Project Completion – 4Q13 TBCE = Type “B” Cost Estimate NATO UNCLASSIFIED NATO UNCLASSIFIED

Email Upgrade Email Upgrade – Programmatic Proposals received – Oct 2007 Price evaluation completed – Dec 2007 Technical evaluation commencement – Mar 2008 Contract award - 2Q09 Compliance Tests – 4Q09 Commence deployment in – 2Q10 Complete deployment in – 3Q10 NATO UNCLASSIFIED NATO UNCLASSIFIED

NATO Messaging System - Phase 1 NMS Phase 1 Factory Acceptance Testing complete – Feb 2006 Certification Testing complete – Oct 2006 Alternate Solution Evaluation Compliance Testing complete – Feb 2007 Usability Testing complete – Mar 2007 Evaluation report – Jul 2007 NMS Phase 1 contract amended - April 2009 Phase 1 Amendment coordination Award Amendment contract –1Q09 Regression testing of upgrades – 1Q10 Site surveys and preparations – 3Q09 - 4Q09 Begin Phase 1 deployment (surveys and installation) – 2Q10 – 4Q10 IOC (System Acceptance for Phase 1) – 2Q11 The work listed there is being performed on both sides (NC3A and Contractor) IOC = Initial Operational Capability NATO UNCLASSIFIED NATO UNCLASSIFIED

NATO Messaging System – Phase 2 Phase 2 coordination commencement – 4Q09 Minimize gap between Ph 1 and Ph 2 Subject to successful initial deployment of Ph 1 Replace PKI with NATO PKI, ACP145, Integration into IEG B, Interoperability tests with Nations Identification of Phase 2 Sites Successful system testing of Phase 1 sites Phase 2 Authorization – 3Q10 ACP145 inclusion (if joint standard ratified) ACP133 Edition C inclusion (latest ratified version) IEG Scenario B integration NATO PKI deployment FOC (end Phase 2) – 2Q12 PKI = Public Key Infrastructure NATO UNCLASSIFIED NATO UNCLASSIFIED

NATO Enterprise Directory Service (NEDS) NEDS Project Status Phase 1 completed – Sep 2008 Phase 2 Authorization Request – Nov 2008 Information for Bidders release – 3Q09 Contract Award – 1Q10 Site Surveys – 2Q10 Initial Operational Concept commencement – 1Q11 Final System Acceptance – 2Q11 NATO UNCLASSIFIED NATO UNCLASSIFIED

IEG A project milestones IEG B project milestones IEG C project milestones The IEG portfolio IEG A project milestones IEMS Email DS R-IEG IEG Web NMS Ph 1 NEDS* IEG-C KFOR PTC Enhancements IEG-C+ KFOR N-IEG S.S N-IEG D’ploy N-IEG FOC IEG-B IEMS Email DS NMS Ph 2 ARH BMTA 2009 2010 2011 2012 Now NATO UNCLASSIFIED * Information Provider Only

Discussion ... NATO UNCLASSIFIED

CONTACTING NC3A NC3A Brussels NC3A The Hague Visiting address: Bâtiment Z Avenue du Bourget 140 B-1110 Brussels Telephone +32 (0)2 7074111 Fax +32 (0)2 7078770 Postal address: NATO C3 Agency Boulevard Leopold III B-1110 Brussels - Belgium NC3A The Hague Oude Waalsdorperweg 61 2597 AK The Hague Telephone +31 (0)70 3743000 Fax +31 (0)70 3743239 Postal address: NATO C3 Agency P.O. Box 174 2501 CD The Hague The Netherlands NATO UNCLASSIFIED

Pre-IEGs and Interconnection Scenarios Supported NATO UNCLASSIFIED

Future IEGs and Interconnection Scenarios Supported (partial, only secret level included) NATO UNCLASSIFIED NATO UNCLASSIFIED

IEG-Light Functional requirements Interface requirements Current status: IEG-Light was identified as “quick win” project beginning 2007 IEG-Light is a prototype implementation of an IEG-B for deployment Core Module: 7 SBCs (HDD Raid1), 4 LANs, Cisco FTR, KVM Switch, Monitor IEG-Infrastructure with FTR, FW, IDS IEG-Core with mail, web and directory synchronization Specialized Module: 4 SBCs (HDD Raid1), 2 LANs Stackable with Core Module Optional use for: Functional services TDL VoiP Data Forwarding MIP-DEM Functional requirements Same as static, plus tactic services Interface requirements Same as static, plus circuit switched, plus TACOMS Co-location of interconnected CIS Limited WAN capability Asymmetric gateway architecture NATO protects its own CIS Both CIS NATO operated Performance requirements Smaller as in static, e.g. 150 supported users for NRF Implementation and environmental requirements Small, light weight, low power consumption, rough conditions NATO UNCLASSIFIED NATO UNCLASSIFIED