Tim Smith Program Manager Naval Networks

Presentation on theme: "Tim Smith Program Manager Naval Networks"— Presentation transcript:

1 Tim Smith Program Manager Naval Networks
PEO C4I and Space PMW
Interfacing IT-21 and BLII with NMCI
Navy Marine Corps Intranet Industry Symposium, June 17-19, 2003
Tim Smith, Program Manager, Naval Networks

2 The Navy’s IT Enterprise

3 Extent of our Enterprise
We support 80,000 clients, ~300 ships, 20 Major Fleet Concentration Areas
PMW165 Purview, Clients: IT-21 Afloat 50,000; BLII 30,000; TOTAL 80,000
Servers are Microsoft based servers on the GENSER, UNCLAS, SCI, and Coalition networks and NOCs and do not include the 3rd IIS server that we will eventually need to field with COMPOSE
Figure labels: NIPRNET, SIPRNET, Fleet NOC, Pierside, Deployables, NGDS

4 Applications WS/Server
Figure labels: IT-21 Afloat SCI LAN Diverse Services Web Browsing Network Management Account Management Directory Services Print Services File Transfer Chat Office Automation Security Video TELCON CENTRIXS NOC GENSER LAN WAN Router UNIX Servers NT Servers
Applications on workstations and servers - Four Type I isolated enclaves tied together via ADNS to reuse idle bandwidth by other enclaves. Systems shown are the major PEO C4I programs. There are many other non-PEO C4I programs also supported (TAMPS, JSIPS, NFN, TFW, etc). Services listed use common hardware and software where we can so that we leverage procurement and engineering services.
Figure labels: UNCLAS LAN Applications WS/Server Servers for Deployables Strike Fighter Online OMMS-NG SOMS Air Wing servers RADMIN SAMS TOPSCENE RSUPPLY DENMIS WINSALTS NSIPS TELERADIOGRAPHY Deployable NMCI Laptops

5 BLII Work Sites Force Protection (Piers) Telephony OCONUS Data

6 IT21 is a Dynamic Environment
Framing the picture
24x7 service requirements – online, anytime, anywhere
User has ability to customize at the desktop
Multiple workstation users
Complex security and storage requirements
Limited data reach-back access/limited bandwidth
Crossing domains
User migration/Identity management
Multiple policies and methodologies
Enterprise-wide software upgrades take time
Every move invokes several man-hour intensive, manual operations to recreate user platforms (with sub-optimum conditions): Slick/recreate machines; Recreate proxy clients; Reload drivers; Delete user profiles; Reapply anti-virus and other applications

7 Manage the Interfaces (and Policies)
Security: Firewalls, virus protection, intrusion detection
Data migration
Information reach-back
Identity management
Application integration
Basic IT services , chat, web, DNS, print, and file

8 NCTAMS Shore and Afloat Interfaces
Figure labels: DISN “6” Services DOD TELEPORT Public Services SATCOM STEP Allied and Coalition Networks Afloat Forces Navy Tactical Shore Infrastructure NCTAMS/NCTS (NOCs) Commercial “Teleports” FIBER ISR Products Piers BLII OCONUS NMCI CONUS Piers
BLII = Base Level Information Infrastructure
ISR = Intelligence, Surveillance & Reconnaissance
NMCI = Navy Marine Corps Intranet
NOC = Network Operations Center
STEP = Standardized Tactical Entry Point
NCTAMS/NCTS provide services to Naval, Joint, Allied and Coalition users

9 Backup

10 NGDS Architecture
The NGDS will provide a superset of all other Naval directories and be the Identity authoritative source to Naval directories and applications; and external sources. The NGDS also provides direct support for enterprise-wide applications such as the TF Web Navy Portal and the Navy/Marine Corps White Pages.
IT-21, MCTN, BLII, and NMCI will input into an NGDS Meta-Directory creating a single superset of directory data
Enables enterprise business rules to control data sharing
Domains have their own tiered directories that are subordinate that access required information from other domains encryption, certificate based authentication, etc

11 Deployables in BLII OCONUS
Figure labels: Amphibious Objective Area, CG III MEF (NMCI), KOREA
An example of BLII integration with NMCI and IT-21 in an operational environment is the Navy & USMC commands on Okinawa. The USMC will implement NMCI for all Marine Corps Bases in Japan at the end of this year (OCT-DEC 2003). Near simultaneously, the Navy is implementing BLII for all USN bases in the Far East including Okinawa. The Navy and USMC mission is the same – Korea.
Scenario – In a Korea contingency, CG III MEF at Camp Courtney Okinawa and Third Marine Expeditionary Force will move men and equipment to the Navy Base at White Beach Okinawa. While embarked shipboard, staffs/units are migrated to the IT-21 network. The Navy Amphibious Ready Group will get underway from Sasebo and embark CG III MEF and CTF-76 staffs with marines and transport them to the AOA. Once at the AOA the Marine Landing Force will disembark and eventually set up their HQ ashore with organic assets (SHF DCS Entry via STEP Site).
All users are connected through their NOCs to the DISN Cloud for interoperability on SIPR and NIPR net. The USMC Okinawa NMCI network will be served by the NMCI NOC in Pearl Harbor or San Diego. The USN BLII Network will connect to the IT Service Center (ITSC) Far East at Yokosuka. The USN IT-21 Network connects to the Pacific Region (PR) NOC at Pearl Harbor.
Figure labels: USS ESSEX (LHD-2) (IT-21), CTF – 76 (BLII), OKINAWA

12 Teleport Point Design
Access DISN IP, Voice and VTC Services at Teleport and non-DISN Services (POTS, VIXS, etc) via Navy TCF

13

14 ALL ABOARD IT-21 – NMCI - BLII
Navy ship deployments - Staff Embarkation
Supporting Communications Technologies
Dual Routing
Limiting Factors - Bandwidth
Notes: Various staffs and supporting commands embark aboard Navy ships for extended deployments. Current communications systems provide message send/receive services to the embarked commands while deployed. There is a need to transfer staff archived message traffic and to the ship upon deployment. The volume of this message traffic is substantial and previous hard copy, CD or floppy disk options are inadequate in most cases. Additionally, part of the embarking staffs often remain ashore and must continue to receive the same message traffic and embarked members access.
With the advent of NMCI – BLII server farm designs, the option to de-install supporting shore servers and routers and install them aboard ship to support a deployment is no longer available. These components must remain installed ashore continuing to serve others and are not available for installation aboard ship. Depending upon individual ship communication configurations, security concerns, and other variables, various storage device technologies are now employed. The establishment and disestablishment of these services both ashore and afloat can be complex and not without security concerns. And in some cases all message and traffic must continue to be routed to multiple locations simultaneously so that members aboard ship and ashore continue to have uninterrupted access to the same information. In a military environment this information is often of a critical or life threatening nature; therefore the technologies and services must be reliable.
Although a separate subject, Navy ships depend upon satellite technology to communicate over great distances and the limiting factor supporting the transfer of message traffic, , high resolution graphics and all the other information required to keep a “city” afloat is – limited bandwidth.

15 Naval Network Challenges to Integration
Naval Networks and NMCI environments are based on different requirements and, therefore, different “rulesets”
Naval Networks is a Tactical Network needed 24/7 online all-the-time anywhere
NMCI locks down workstations; Naval Networks do not
Shipboard administrators are allowed to fully administer network locally
NMCI is typically 1-2 users per computer; Naval Networks is typically many users per computer
Results in different security measures employed; different methodology for file storage employed
Shipboard environment has limited bandwidth on/off ship
Different environments result in some challenges for users when they cross domains between NMCI/Naval Network, particularly in areas of: Embarkable users going from shore-to-ship-to-shore; Identity Management

16 Embarkable Challenges
Anti-virus Services: Currently have no way to automatically update NMCI embarkable clients in shipboard environment – Unit ITs must use manual process
User and Organizational Data Migration: Storage locations and methodology different in each environment; Use of Network Attached Storage (NAS) devices
Services: Proxy Client, MS Outlook Client/MS Exchange Connector, Web browser, IP Addressing/DNS Routing
Different environments result in some challenges for users when they cross domains between NMCI/Naval Networks, particularly in areas of: Embarkable users going from shore-to-ship-to-shore; Identity Management
------
Anti-Virus: Unit ITs must be notified of IAVA from shore (NMCI) and then go to a website to download files.
User and Organizational Data Migration: There are various ways files can be copied and transferred over; this requires CONOPS and may vary dependent upon overall storage requirements. Unit ITs then need to be able to give access rights to that data, dependent upon person or group. Care must be taken to ensure that similar ACL security exists on the deployed data to allow all users who need access to be able to reach the data. The NAS is a solution to this problem but it still has issues with CONOPS (i.e., how you use it) and also in backing up the NAS. NMCI has greater storage requirements than are currently required shipboard. Backing up that data takes a lot of time.
Services: Unit ITs are required to make configuration changes to proxy clients if the proxy server onboard ship is different. Similar changes need to be made to MS Outlook Client/MS Exchange Connector and Web Browser to interface with the shipboard domain.

17 Embarkable Challenges (cont’d)
Deployed Environment Applications: Any applications installed shipboard must be deleted prior to re-entering NMCI domain to avoid MAC
File and Print Services: Updating/Installing drivers
Data Reach Back: Very limited capability shipboard due to bandwidth restrictions
Other Security Issues: Deletion of profiles cached in ship domain upon return to NMCI
BOTTOM LINE: We’ve now put an additional burden on shipboard and Unit IT administrators to accommodate the different environments. We are making some headway here (e.g., Airing Embarkable Servers) but this does not solve all problems for everyone.
File and Print Services: Must be configured via local administrative rights (Unit ITs).
Data Reachback: Can’t expect this to work similar to how it’s done on shore. Currently cannot RAS or VPN off ship.
Deletion of Cache Profiles: This goes back to the shipboard environment having many users per computer; when a person logs out, their files disappear with them and are stored not locally but in servers.

18 Identity Management & NGDS
A plan has been developed for the “federation” of Identities between the NGDS and NMCI Directories
Challenges to this plan include:
Complex Business Rules: The sharing of Identity Data requires extensive design and development to ensure that data accountability and ownership are preserved, while meeting needs of both NMCI and non-NMCI communities (entire DON)
Security Boundaries: Requires cross-domain solutions that currently have various security policies and multiple DAAs
Requirement Validation: The enterprise solutions needed are widely acknowledged and relied upon by many users but are not appropriately resourced

19 Testing
NMCI and Naval Networks both have a test process that must be followed to ensure application compatibility
Some of these procedures may be duplicative
There is a need to share test procedures and test data to eliminate any test duplication
NGDS:
Complex Business Rules: The sharing (or Federation) of Identity requires extensive design and development work to ensure that data accountability and ownership are preserved, while meeting the needs of both NMCI and non-NMCI communities (entire DON);
Security Boundaries: Requires cross-Domain solutions that currently have various security policy issues that need to be resolved and require coordination of multiple DAAs;
New Technology: Will require unique engineering expertise to implement new technology, and the solution also incurs the risk associated with the use of state-of-the-art technology;
Funding: Currently being sought by CNO N615 to provide the catalyst for the NGDS shore enterprise directory infrastructure.

20 BLII Challenges to Integration
Transitioning domain
BLII embarkables interfacing with NMCI embarkables
Identity Management

