Post on 28-Mar-2018
transcript
UNCLASSIFIED
UNCLASSIFIED
D o D C I O
Joint Regional Security Stacks
COL Nora R. Marcos
Commander
DISA CONUS
UNCLASSIFIED
UNCLASSIFIED
JRSS* is the Operational Solution
Addresses immediate need to defend the cyber warfighting domain & resolve JIE ICD gaps
Shrinks attack surface from ~1000 disparate ingress points to 50 ingress points (U&C networks)
Achieves a standard network security architecture
Accelerates achieving a standardized Command and Control platform for the Joint Information Environment
JRSS suite fielded enables global synchronized network operations
“I never understood why the Services each spend money creating, maintaining, building, and operating a global communications backbone….We need a joint framework. Each Service could still address its own
needs..” Adm. Mike Rogers
2
JRSS
* JRSS = Security + Network Modernization + Cyber SA
UNCLASSIFIED
UNCLASSIFIED
Implementation Timeline
3
FY14 FY15 FY16 FY17 FY18 FY19
San Antonio Ops Decision (Sep 14)
JRSS v 1.0: CONUS/EUROPE/ SWA Focus
(50% Global Reqt)
Assumes FY15 Funding Available JRSS 1.5: USAF/USA Stand Down Legacy Capabilities
80% Global Reqt (50% in Europe, Africa, Pacific)
Assumes FY16 Funding Available
USN/USMC Migration 100% Global Reqt
JRSS Version 2.0 (DON Enhancements)
Reduced Attack Surface
DOD Installations Connected
Improved C2 and SA
Added Resiliency/Capacity Increased Sharing of Threat Data
100 Sites
300 Sites
400+ Sites
Expanding Cyber C2 Capabilities
1000+ Loosely Controlled Entry Points 50 Robust Entry Points
JFHQ DODIN Activated
UNCLASSIFIED
UNCLASSIFIED
DoD Circuit Infrastructure: Army (Contracted thru DISA)*
TO BE: Total Circuits AS IS: Total Circuits
17.6K Access Circuits
3.5K Access Circuits
Installation of IP Transport/MPLS: ~$80M / Year Cost Savings
• An estimated 80% of existing TDM circuits DS-3 and below can be moved to IP transport as it is enabled
• Army Leased TDM Circuits: $100M ARC • Does not include TDM circuits leased outside of DITCO
• Implementation of IP Transport & MPLS allows elimination of most TDM circuits (estimated @ 80%)
• Elimination of Army TDM circuits could save at least ~$80M or more ARC after FY16
• Elimination of some non-DITCO TDM circuits will result in even greater savings
4
* SOURCE: WWOLS-R as of 4 August 2014
UNCLASSIFIED
UNCLASSIFIED
AS IS
Security • 900+ Security Stacks and 41 Service gateways • Pockets of excellence in each Service
Network • Single threaded, lower bandwidth DISN access connections • 117K inefficient point to point circuits
Cyber Situational Awareness (SA) • Disparate and uncoordinated analysis
Security • Reduced attack surface • Merge best of breed solutions for each threat • DoD protection with MILDEP unique cyber control Network • Improved network resiliency & command and control • 23K point to point circuits (save $400M+ per year)
Cyber Situational Awareness (SA) • Improved Cyberspace Detection and Diagnosis • Supports tailored SA views for all commands
JRSS Operational View
TO BE BASE X
Base B Base A
DISN
BASE X
Base B Base A
DISN
5
UNCLASSIFIED
UNCLASSIFIED July August September 6
1. JMS build-out
2. JBSA Migration
3. Cyber security & accreditation rigor
4. JRSS test events
5. WBS/Master schedule development
6. On-boarding & Mission assignment
Status
Commander’s Assessment
JRSS OPS Update
D O T M L P F S
5 2 1 6 4 3
1. JMS 0.5 risk = Low; JMS 1.0 = High
2. JBSA migration; JMT/SMT readiness, risk = Low
3. Multiple C & A/CND challenges, risk = Low
4. Shared management / Remote Access risk = Low
5. WBS/ Master Schedule development, risk = Low
6. GSM-O contracting actions, risk = Low
1. JMS v.5 awaiting VM & MS license delivery
• JMS 1.0 awaiting funding
2. JBSA Migration
• Multiple ASIs to be conducted this week
3. IATO S: (IATT expires 22 Aug)
• FSO has reviewed; expected award ~ 20 Aug
4. Testing
• System Acceptance and Shared Man. Testing ongoing
5. WBS/Integrated Master Schedule
• Draft IMS template and WBS dictionary developed
6. PWS for JMT
• Est Award ~ 15 Sep
• Completed two Alpha sessions
1. JMS acquisition award, delivery & installation schedule
2. Migration Plan supporting documents
3. None
4. SAT, Shared management, ROC/ROL drills
• TTPs in development to support test plan
5. None
6. GSM-O contract modifications
• Funding for long term
Priorities
Dependencies
Lab Train
ing
JMT
Aw
ard
JMS 0
.5
Fun
ction
al (avail fo
r trng)
IATO
Co
mp
lete
RO
C/R
OLS
Arm
y/AF
acceptan
ce to
Migrate
Ft Sam
Read
iness
review
SAT Test
Shared
M
anTest
FSH M
igrate
UNCLASSIFIED
UNCLASSIFIED 7
JRSS/JBSA Migration Tasks
19 Sep: (T) Final Readiness Review – Army G6, Tenant Customers, NETCOM, 7th SC, 24th AF, JMT
16 Sep: (T) Service GO Readiness Review
11-15 Aug: JMT huddle on FSH-JBSA
Legend
Pending
Complete
In Progress
In Progress (at risk)
Behind Schedule
21 Aug: ASI – Base FW interface migration
11-22 Aug: IWC Army, develop EIP and prepare for NIPR path migration
11-28 Aug: JMT / operator training
7-12 Sep: EIP – Additional Base cleanup
20-28 Aug: Shared management event and training (ICW JMT / operator training)
8-11 Sep: ROC and ROLS (Rehearsal of Concept / Rehearsal of Live Systems)
12 Sep: Action Officer Readiness Review with NETCOM, 7th SC, 106th TSSB, FSH NEC, JMT
13-21 Aug: EIP-NETMOD cleanup (Migrate server farm route-points to CE router)
20 Sept: Migrate FSH Base FW/IPS to Kelly JRSS
7-19 Sep: Stage FSH base FW and IPS in Kelly JRSS
4 11 18 25 1 8 15 22 29 AUG
14 Aug: ASI: Cutting over NIPR Circuit
22-24 Aug: ASI – Server Farm Consolidation
SEP