Mit 18 4 final

The Voice of Military Information Dominance

Network Warfighter

Brig. Gen. Kevin NallyChief Information OfficerU.S. Marine Corps

Mobile Authentication O 4G Innovations O JIEDigital IF SATCOM O Software-Defined Networking

www.MIT-kmi.com

C4July 2014

Volume 18, Issue 4

Who’s Who SponsorshipsDetailed Organization Profiles

Command Profile SponsorshipsQ&A with Top Level Command Leaders

Product ProfilesHighlights your product in the military niche market

Business ProfilesCustom Materials for Custom Audiences

Industry Event ReportsDesigned specifically for your industry-focused event

Resource GuidesProgram Management Updates; Contracts Guides; Products and Services Catalogs; Reference Guides

Posters/Poster SponsorshipsAgency Timelines; Command/Organization Anniversary Timelines; Message Posters

CDs/DVDsStrategically position your promotional CDs or DVDs with a tip in disc carrier

KMI Media Group offersADDITIONAL PRODUCTS and

SERVICE OPPORTUNITIES

To learn about advertising opportunities, contact Conni Kerrigan at [email protected] or 301.670.5700 ext. 111

Cover / Q&AFeatures

14

Departments2 Editor’s PErsPEctivE3 Program notEs/PEoPlE12 data bytEsC3 cotsacoPia

5 Joint information UPdatEAFCEA’s Joint Information Environment Mission Partner Symposium brought together officials from the Defense Information Systems Agency and other government and industry organizations to discuss the current status and future plans for the Department of Defense’s ambitious effort to realign and restructure the construction, operation and defense of its IT networks and systems.By Harrison Donnelly

8 commUnications EvolUtionAs the U.S. military, like much of the rest of the world, rushes to take advantage of the huge potential of Fourth Generation Long Term Evolution technology, the explosive popularity of this standard for high speed wireless communication is offering both opportunities and challenges for the Department of Defense.By Karen e. THuermer

17 satcom’s nExt big thingSeeking to reduce costs and enhance control of satellite communications, a multi-service group in the Department of Defense is working to stimulate development of technology that will enable a switch from analog intermediate frequency to digital intermediate format technology for processing transmissions.By Harrison Donnelly

July 2014Volume 18, Issue 4military information technology

nEtworking catchEs UPWith its promise of improved efficiency in setting up and controlling networks, software-defined networking (SDN) is bringing fundamental changes to this critical aspect of information technology. While the Department of Defense has so far taken only limited steps in this area, experts predict SDN will soon bring major changes to military networking as well.By PeTer BuxBaum

22

“Migrating to a net-centric interoperable network is at

the heart of our vision for enabling

a knowledge-based force.

Achieving this vision requires

the development of improved

mobile, seamless and secure

communications across the information enterprise.”

--Brigadier General Kevin

Nally

smartPhonE idWith access to many logical and physical devices, including computers and offices, hinging on Department of Defense workers’ Common Access Cards, military officials are debating how best to keep up with the increased use of smartphones and other digital devices while matching the security levels found on the desktop.By William murray

19 brigadiEr gEnEral kEvin nally

Chief Information OfficerU.S. Marine Corps

While the debate over the value of cloud computing in govern-ment is pretty much over at this point, the questions of how to get there and the obstacles that need to be overcome are very much a live issue.

One of the more interesting and significant cases of cloud migration currently underway involves the Intelligence Community Information Technology Enterprise, which seeks to create a cloud-based common IT infrastructure for the 17 military and civilian intelligence organizations. A recent U.S. Geospatial Intelligence Foundation workshop offered some insights into the challenges of cloud migration from IT leaders in that field.

For Janice Glover-Jones, deputy chief information officer for the Defense Intelligence Agency, and Dave Bottom, director of the National Geospatial-Intelligence Agency’s IT Services Directorate, the challenges are not about technology, but rather cultural change and the delicate task of informing people that the ways they have been doing their jobs in the past are not going to work in the future.

“When you look at the culture of the cloud, it’s different,” she observed. “When I tell an infra-structure team that they are not going to be running their own infrastructure anymore, the looks that you get ask, ‘Where’s my value?’ The value is how quickly we can retool you as something else—your agility, flexibility and emotional intelligence to be able to make that switch.”

“When you come down to it, the issue is not technology, but skill sets,” said Bottom. “How are we as leaders, both in industry and government, leading our folks through change? It’s all about change. Something that is a good idea to one person sends someone else into the grieving cycle.

“They start out with denial, then get angry, and then we’ll start to negotiate. You know you have them when you start to negotiate, but it takes time to do that,” he continued. “At NGA, we’ve had leadership training about this, because we know that we need to lead our people through that.”

Bottom added: “I don’t think you can underesti-mate the level of engagement that we have to have in the change aspects of this. I get reminded of that every day.”

Harrison DonnellyeDiTor

eDitor’S PerSPectiVe

The Voice of Military Information Dominance

EditorialManaging EditorHarrison Donnelly [email protected]

Online Editorial Managerlaura mcnulty [email protected]

Copy Editorsean Carmichael [email protected]

CorrespondentsPeter Buxbaum • Cheryl Gerber Karen E. Thuermer • William Murray

art & designArt DirectorJennifer owers [email protected]

Ads and Materials ManagerJittima saiwongnuan [email protected]

Senior Graphic Designerscott morris [email protected]

Graphic Designers andrea Herrera [email protected] Paquette [email protected]

advertisingAccount ExecutivePatrice lucid [email protected]

kmi media groupChief Executive OfficerJack Kerrigan [email protected]

Publisher and Chief Financial OfficerConstance Kerrigan [email protected]

Editor-In-ChiefJeff mcKaughan [email protected]

ControllerGigi Castro [email protected]

Trade Show CoordinatorHolly Foster [email protected]

OperatiOns, CirCulatiOn & prOduCtiOn

Operations AdministratorBob lesser [email protected]

Circulation & Marketing AdministratorDuane ebanks [email protected]

CirculationBarbara Gill [email protected]

Data Specialistsraymer Villanueva [email protected] woods [email protected]

a Proud member of:

subscription informationMilitary Information Technology

issn 1097-1041is published 8 times a year by KMI Media Group.

all rights reserved. reproduction without permission is strictly forbidden. © Copyright 2014.

Military Information Technology is free to qualified members of the u.s. military, employees of the u.s.

government andnon-u.s. foreign service based in the u.s. all others: $75 per year.Foreign: $159 per year.

corporate officesKMI Media Group

15800 Crabbs Branch Way, suite 300rockville, mD 20855-2604 usa

Telephone: (301) 670-5700Fax: (301) 670-5701

Web: www.miT-kmi.com

Military Information Technology

Volume 18, Issue 4 • July 2014

KMI MEDIA GROUP LEADERSHIP MAGAZINES AND WEBSITES

www.GCT-kmi.com

UAS Leader

Col. Tim BaxterU.S. Army Project Manager UAS Project Office

Technology & Intel for the Maneuver Warfighter

May 2014Volume 5, Issue 3

www.GCT-kmi.com

Rapidly Deployable ISR O Tactical UAS O Enduring REFArmy Aviation O Wheeled Vehicles O Ammo

SPECIAL SECTION:MANNED-UNMANNED TEAMING

Ground Combat & Tactical ISR

www.M2VA-kmi.com

Military Medical & Veterans Affairs

Forum

www.GIF-kmi.com

Geospatial Intelligence Forum

www.MT2-kmi.com

Military Training Technology

www.MAE-kmi.com

Military AdvancedEducation

www.NPEO-kmi.com

Navy Air/Sea PEO Forum

www.MIT-kmi.com

Military Information Technology

www.SOTECH-kmi.com

SOCOM Leader

Adm. Bill H. McRaven

CommanderSOCOM

Diver Gear O 3-D Training O Protective Gear Mulltinational Partnerships

May 2014 Volume 12, Issue 4

www.SOTECH-kmi.com

World’s Largest Distributed Special Ops Magazine

Program Management Updates

SOCOM2014

Special Operations Technology

www.MLF-kmi.com

Reverse Auctions O Defense Transportation O Afghanistan RetrogradeILS O Supply Chain Efficiencies O DMSMS O Senior Logisticians

The Publication of Record for the Military Logistics Community

Resource Aligner

Vice Adm. William A. “Andy” Brown Deputy CommanderU.S. Transportation Command

SPECIAL PULL-OUT SUPPLEMENTUSTRANSCOM

www.MLF-kmi.com

November/December 2013Volume 7, Issue 10

Exclusive Interview with:

GAIL JORGENSONAcquisition Director USTRANSCOM

Military Logistics Forum

www.CGF-kmi.com

U.S. Coast Guard & Border Security

Program noteS Compiled by KMI Media Group staff

Cloud Approach Urged for Navy Big Data

As Navy analysts struggle to keep pace with the growing flood of data collected by ISR sensors, cloud strategies could help overcome barriers to timely, accurate analysis, according to a new RAND Corp. study.

“The Navy should pursue a cloud strategy similar to those adopted by Google, the intelli-gence community and other large organizations grappling with big data’s challenges and oppor-tunities,” said Isaac R. Porche III, lead author of the Navy-requested study and a senior engineer at RAND. “Specifically, the Navy should adopt the intelligence community’s cloud approach, designing its next generation of ISR tools and systems to work with the National Security Agency’s distributed cloud concept.”

Time is of the essence, Porche said. If the Navy continues to field sensors as planned but does not change the way it processes, exploits and disseminates information, it will reach an intel-ligence gathering “tipping point,” when it will no longer be able to process and utilize all incoming information as fast as desired, as soon as 2016.

“Whether captured from drones or other sources, the Navy has a growing demand for intelli-gence to help Navy vessels avoid collisions, pinpoint targets and perform other vital tasks,” Porche said. “But the amount of data it may collect in the future is more than it can process today.”

The study finds that as little as 5 percent of the data collected by ISR platforms actually reaches Navy analysts. Porche attributed a large

part of the problem to slow download times, shared communications pipelines and large chunks of untagged raw data.

Using a model of intelligence specialist productivity and a year of operational data, RAND found that one potential solution—dynamically managing analyst workloads across geographic areas—would help improve productivity, but only to a point. To be complete, a solution to the Navy’s challenge must involve changes along four dimensions: people, tools and technology, data and data architectures, and demand and demand management.

The report, “Data Flood: Helping the Navy Address the Rising Tide of Sensor Information,” can be found at www.rand.org.

Air Force Brigadier General John D. Bansemer, who has been serving as director of intel-ligence, Headquarters U.S. European Command, has been assigned as deputy chief, Central Security Service, National Security Agency, Fort Meade, Md.

Brigadier General Bruce T. Crawford has assumed command at Army Communications-Electronics Command at Aberdeen Proving Ground, Md.

Brigadier General Paul M. Nakasone, who has been serving as deputy commanding general (operations), Army Cyber Command, has been assigned as commander, Cyber National Mission Force, U.S. Cyber Command, Fort Meade

Air Force Colonel Mark E. Weatherington, selected for the grade of brigadier general, has been assigned as deputy director for command, control, communications and computer/cyber systems, J-6, Joint Staff.

Army Major General Gregg C. Potter, who has been serving as deputy chief of staff, intelligence, International Security

Assistance Force, Operation Enduring Freedom, Afghanistan, has been assigned as deputy director, Signals Intelligence Directorate, National Security Agency, Fort Meade.

Rear Admiral (lower half) Dwight D. Shepherd has been assigned as director for command control systems, J6, Headquarters North American Aerospace Defense Command and director, architectures and inte-gration, J6, Headquarters U.S. Northern Command, Peterson AFB, Colo.

Terry Halvorsen, who has been serving as chief information officer (CIO) for the Department of the Navy,

has been named CIO of the Department of Defense on an acting basis. He replaces Teri Takai, who had served as DoD CIO since November 2010.

Air Force Brigadier General Christopher P. Weggeman, deputy director for command, control, communica-tions and computer/cyber systems, J-6, Joint Staff, has been assigned as deputy director, future operations, U.S. Cyber Command, Fort Meade.

Robert Carey, who recently retired as prin-cipal deputy chief infor-mation officer for DoD, has been named vice president and general manager of CSC

Cybersecurity, where he will lead CSC’s public sector cybersecurity busi-ness.

Finmeccanica North America and DRS Technologies has announced the appoint-ment of Sally A. Wallace as president of the company’s C4ISR business group. Wallace previously was vice president of busi-ness operations for the DRS Maritime & Combat Support Systems business group.

PeoPle Compiled by KMI Media Group staff

Sally A. Wallace

Brig. Gen. Bruce T. Crawford

www.MIT-kmi.com MIT 18.4 | 3

Program noteS Compiled by KMI Media Group staff

Battle Command System Tested in Harsh Terrain

The Joint Battle Command-Platform ( JBC-P) system this spring completed its multi-service operational test and evaluation with more than a battalion of Marines on hand to test out the capabilities of the system in joint operations with the Army.

Test results should be available in the summer, with program managers planning to field the C2 system to the units in the next year or so.

“JBC-P is a joint digital, battle command information system that provides enhanced map imagery, integrated command-and-control and situational awareness information to tactical commanders and leaders,” said Major Steve Musick, the program’s project officer at Marine Corps Systems Command (MCSC) at Marine Corps Base Quantico, Va.

The platform provides information about the battlefield, including reports on friendly forces, enemy positions and civilian entities, and consolidates it onto a digital display for real-time reference for war-fighters. It also provides the ability to pass orders and graphics, which gives the warfighter the capability to visualize the commander’s intent and scheme of maneuver.

The JBC-P family of systems falls under the purview of Marine Air-Ground Task Force Command, Control and Communications at MCSC. The JBC-P test was part of the biannual Network Integration Evaluations staged at Fort Bliss, Texas.

JBC-P was one of 12 systems under evaluation during the full range of military operations in the harsh terrain at Fort Bliss.

Army Takes “Marketplace” Approach to Radios

The Army has released a draft request for proposals to procure additional Rifleman Radios using a full and open competition approach, under which the Army will award contracts to multiple vendors, creating a “radio marketplace” where vendors will compete for delivery orders as needed, after they achieve technical and opera-tional requirements.

The five-year base, plus a five-year option indefinite delivery, indefinite contract, will be awarded to multiple vendors who meet both the technical and service requirements to support the radio. This structure enables the Army to choose from numerous technologies, and to release a new contract if radio technology changes significantly after the initial five-year award.

The competitive non-developmental item acquisition strategy is expected to reduce radio procurement costs as the Army continues to modernize the network amid fiscal constraints. The acquisition strategy also includes on-ramp opportunities for vendors whose tech-nologies mature after the initial competition and operational tests. A contract award is expected in fiscal year 2015.

“The full and open competition gives all vendors the opportu-nity to participate as we work together to build the Army network,” said Brigadier General Daniel P. Hughes, Program Executive Officer for Command, Control and Communications-Tactical. “The radio marketplace will support continuous innovation to deliver better radios for our soldiers.”

Once the contract is awarded, each radio will undergo initial laboratory tests to determine if threshold requirements have been met. Vendors that meet the qualifications will move to the next phase, an operational test to be performed at one of the Army’s semi-annual Network Integration Evaluations.

The Rifleman Radio is a lightweight, rugged, hand-held radio that transmits voice and data via the Soldier Radio Waveform (SRW). With the SRW, the Rifleman Radio acts as its own router and allows information to be transmitted up and down the chain, as well as into the network backbone provided by the Warfighter Information Network-Tactical (WIN-T).

The Rifleman Radio can also be linked to Nett Warrior, an Android-based, smartphone-like capability that enables soldiers to send messages, access mission-related applications and track one another’s locations with GPS technology. Through low rate initial production, the Army has already purchased 21,379 Rifleman Radios, which are carried by soldiers at the platoon, squad and team levels.

The radios, fielded as part of the integrated Capability Set (CS) 13 network package, are currently supporting dismounted operations in support of the advise-and-assist mission in Afghanistan. Fielding is now underway to additional BCTs as part of CS 14, with eventual fielding planned across the entire force. The Army’s total acquisition objective for the Rifleman Radio is 193,276 radios.

www.MIT-kmi.com4 | MIT 18.4

DaviD StickleyDirector, JIE Implementation OfficeDISA

There is an awful lot hap-pening on JIE across the globe. We’re shying away from the concept of increments, or the idea that there is some sequen-tial lay-down of JIE capabilities across increments one, two and three. We’re trying not to talk about increments anymore, because much of the capability that we’re rolling out is truly global.

[DISA Director] Lieutenant General Ronnie D. Hawkins Jr. earlier mentioned the standup of the enterprise operations center (EOC) in Europe, but let me emphasize it’s not just the EOC in Europe. The team at DISA has done a fantastic job at standing up that EOC, building the relationships you need to run an operations cen-ter. But the EOC doesn’t stand alone. The network capability that supports that EOC has been ongoing for a couple of years, and there has been an agreement with the Army to take over some fiber on top of that, and [DISA Network Services Director] Cindy Moran’s shop has been installing

routers across Europe. We’ve got seven bases coming on line in the next 30 to 60 days. We have built out a core data cen-ter in Europe. Our Stuttgart, Germany, facility has been virtually expanded into Wies-baden, and we’ll have services up and running in that facility in30 to 60 days. We are putting JIE capability on the ground. But all of that foundational infrastructure does no good until you start looking at the applications, since a core data center without applications doesn’t help us much. We’re working with our EUCOM and AFRICOM partners to roll out applications into the data cen-ter.

Shifting to the Pacific, we just had a summit with our partners in PACOM. If you look at our JIE documentation, we talk about our Mission Partner Environment focus. Certainly it is, because that’s essential to the way they do war fighting today in their CENTRIX envi-ronments. We’re going to look at how we leverage MPLS as a capability for supporting those CENTRIX environments, and we’re doing that in Europe as well. That’s why I say don’t look at this as a sequential incre-ment march, because we are laying these capabilities down globally. The focus now is doing what we started in Europe, defining the core nodes and

Recent pResentations offeR insights into the cuRRent status and futuRe plans of dod’s Joint infoRmation enviRonment.

(Editor’s Note: AFCEA’s Joint Information Environment (JIE) Mission Partner Symposium, held May 12-14, 2014, in Baltimore, Md., brought together officials from the Defense Information Systems Agency (DISA) and other government and industry organizations to discuss the current status and future plans for the Department of Defense’s ambitious effort to realign and restructure the construc-tion, operation, and defense of its IT networks and systems. Followed are edited excerpts from a few of the many presentations at the symposium, selected to provide an overview and example of the range of activities underway.)

By haRRison donnelly, mit editoR


enterprise operations centers where we focus efforts on, and the best candidates for core data centers. We’ll be making those decisions soon.

In CONUS, our first instan-tiation of the single security architecture (SSA) is standing

up at Joint Base San Antonio, Texas. This is truly the revo-lutionary part of SSA, and in my view of JIE today. We have a great partnership and an enormous investment by the Army in this security archi-tecture. The Joint Regional

Security Stack (JRSS) is being built now in San Antonio, in a partnership between the Army, Air Force and DISA. What wasn’t originally part of our SSA plan has now become an integral part of the way we look at cybersecurity. What was

originally rolling up base boundaries into a regional stack is now a hard-core look at how we do cyber-analytics. We now have an opportunity to do cyber-analytics on one platform in a joint fashion. We’re talking joint computer network defense.

BrigaDier general Brian t. DraviSDirector, JIE Technical Synchronization OfficeDISA

I like to talk about it as I like to talk about it as a region-alized approach supporting a global continuum. We’re not using the term increment

anymore, but looking at a regionalized approach. In EUCOM and AFRICOM, the two combatant commands with EOCs, we’re building out an SSA focused on a JRSS. Simultaneously, we’re working with the Pacific theater on the Mission Partner Environment, and establishing requirements, capabilities and approaches to satisfy the engineering, design and requirements to deliver those capabilities into that

area of responsibility. At the same time, we’re working with the Army and Air Force on a SSA approach to JRSS imple-mentation at 11 locations in CONUS. In addition, we have a significant testing effort and engineering design effort and a significant operational focus on the command and control and management of those multiple environments as we seek to accelerate the JIE ini-tiative.

It’s hard to say when we will get to the end. I would like to see a global end date that satisfies the minimum and ini-tial operating capabilities that define a global JIE. But because we’re taking a regional approach through something that is not a program of record but a DoD ini-tiative, I think it’s fair to target 2020 as the date to have enough of the requirements satisfied to say we have met the threshold to declare victory on the JIE.

al taraSiukChief Information OfficerOffice of the Director of National Intelligence

I’d like to talk about how the Intelligence Commu-nity Information Technology Enterprise (IC ITE) and JIE coexist, and the role of the Defense Intelligence Informa-tion Enterprise (DI2E). Much of what I’ve said about IC ITE should sound familiar to those who have been work-ing on JIE. They both come from similar places and have

many of the same goals—to consolidate existing IT infra-structures while improving mission effectiveness, enhanc-ing information security and reducing costs. Both IC ITE and JIE will increase mission agility through eas-ing integration of opera-tions, enhancing information discovery access and secure sharing, providing greater capacity through the ability to quickly surge, providing a more defensible IT infra-structure, and supplying a strategic platform for innova-tion for both of our communi-ties.

But while we strive for the same things, our communities

are very different entities. As a result, our implementation of these strategies differs. At the IC, our initial implementation has focused on IT infrastruc-ture services for the TS/SCI information domain. My office has established an overarch-ing governance framework to address management, technical and security activi-ties across planning and implementation phases. IC ITE sharing capabilities will be achieved through the use of cloud-based architectures to deliver secure IT infor-mation services. For DoD, implementation of JIE focuses on the infrastructure as well, but at a much larger scale.

It is initially focused on net-work normalization, data center consolidation, pri-marily for the Secret and unclassified domains in DoD enterprise capabilities for identity and access management, email, file storage and trans-port.

Working these large efforts within the scope of existing and shrinking budgets and on such a scale makes this a very daunting task for both of us. But while there are differences in approach, there are also close relationships between the two, namely in ensuring that we jointly work to sup-port mission operations. One area of strong convergence is

6 | MIT 18.4

in governance. We participate across major CIO governance boards belonging to both the IC and DoD CIO. Many of the standards committees and data element discussions are now jointly operated and often co-chaired.

Most importantly, stan-dards and architectures are

being reused and applied in a standard fashion to all of our domains. To maximize our relationship and interoper-ability further, we are going to be working closely with two defense activities through the next portion of IC ITE implementation. In April, we had our kickoff planning

meeting with DISA to provide the services that currently exist or are being planned for the TS/SCI domain for the Secret and unclassified domains. This is an important and stra-tegic partnership for us, as DISA will be able to leverage the significant experience in establishing enterprise class

IT services as well as ensur-ing interoperability between systems connected to and sharing within IC ITE and with JIE. The other defense activity we are working with is the DI2E, which has been charged to serve as the unify-ing construct between IC ITE and JIE.

lieutenant colonel JameS BowenChief, Air Force JIE Team

For the past two years, the Air Force has been fully engaged and involved with the DoD CIO, Joint Staff and DISA in the establishment of the JIE concept. In a lot of ways, we’ve seen JIE as not just a way to improve ourselves in the Air Force, but also to take advan-tage of what we have learned with AFNet over the past couple of years, and provide that as a way forward in a lot of areas. We want to be part of the discussion and help shape the solution sets for JIE.

The fact that we have gone through the AFNet consolida-tion in the Air Force will allow us to adopt JIE much more quickly than if we hadn’t taken that step. Throughout the pro-cess, we’ve acknowledged that AFNet is our path to the JIE. But it’s not an end point either. Given the things that we’re doing at AFNet to consolidate from a major command level view of the network to an Air Force view of the network, it’s only a logical next step to get to a department view of the network.

[Air Force CIO] Lieutenant General Michael Basla recently signed the Air Force JIE strat-egy, which aligns closely with the forthcoming initial capa-bilities document being put out by Joint Staff J6, and we’ve participated in development of that document. We want to be engaged at the depart-ment level so that the tasks and solutions that we are being driven toward are those that we find acceptable and meet our requirements.

Our ability to shape JIE is as important as our abil-

ity to adopt it. We’re taking a strategic approach to help the department develop its strategy rather than waiting for someone to come across the wall and then complain about it. We want to be on the other side of that wall help-ing develop the solution. There have been a lot of efforts going on in the Air Force, and now we need to feed those back into the JIE discussions. We feel we have some solutions in the Air Force that we can provide to the department as joint solutions.

army colonel John mclaughlinC4 Operations Division ChiefU.S. Special Operations Command

We’re working to expand the global SOF network, which is where our SOF Information Environment (SIE), tagged with the JIE, comes into play. When [USSCOM Commander] Admiral William H. McRaven talks about expanding the global network, he is not talk-ing about ones and zeroes, but about the people and relation-ships, whether a SOF orga-nization on the battlefield, interoperability with a con-ventional unit, information sharing in the interagency, or a coalition environment. As

he expands the global SOF network, we have to support that on the C4I side. His intent is a global network, rapidly deployable and synchronized and coordinated.

The key to our require-ments within the SIE, and how we execute in the JIE, is that we are a global expeditionary force—one global enterprise. But we build from the tactical to the garrison, starting with the operator on the ground. How do we get his or her information, and at the same time get information to them?

It has to be simple and agile, able to move, and responsive, because we are moving rap-idly, and you never know when that one sergeant might have the critical information to go after a high value target, or stop an operation, or to do the information sharing needed to help build coalitions.

We are working to bring high bandwidth out to every location where we have SOF operators, including video teleconferencing, full motion video and Web portal pres-ence, and to be able to get

services out to you whether you’re in the mud, at head-quarters or with coalition partners. You have to be able to share, since a lot of the combat power that SOF brings to an operation comes from the ability to share combat information. O

For more information, contact MIT EditorHarrison Donnelly at

[email protected] or search our online archives for related

stories at www.mit-kmi.com.


As the U.S. military, like much of the rest of the world, rushes to take advantage of the huge potential of Fourth Generation Long Term Evo-lution (4G LTE) technology, the explosive popularity of this standard for high speed wireless communication is offering both opportuni-ties and challenges for the Department of Defense.

Even as the military ser-vices launch a number of pilot projects exploring the operational use of 3G and 4G LTE, and the Defense Infor-mation Systems Agency (DISA) reaches out to indus-try for help in taking advan-tage of 4G LTE, the demand by the telecommunications industry for more bandwidth is putting heavy pressure on

the military’s traditional access to portions of the electromagnetic spectrum.

The global wireless broadband indus-try is seeking to reallocate spectrum from defense to commercial use to meet con-sumer demand for greater mobility and more data-rich applications.

The extent of that demand is evident in a report issued by Juniper Research, which projects that this year there will be more than 220 million 4G LTE subscribers around the world in 70 countries. In addition, a

Mike Zirkle

By KaRen e. thueRmeR, mit coRRespondent

the gRowth of 4g lte technology is cReating challenges and oppoRtunities foR the militaRy.


mobile data traffic forecast through 2018, issued by Cisco, indicates that a 4G connec-tion generates far more traffic on average than a non-4G connection.

Although 4G connections represent only 2.9 percent of mobile connections today, the Cisco study found that they already account for 30 percent of mobile data traffic. By 2018, 4G will be 15 percent of connections but 51 percent of total traffic, and by 2018, a 4G connection will generate six times more traffic on average than a non-4G connection.

“The number of connected devices and the demand for greater bandwidth and net-work performance is what is driving this,” said Mike Zirkle, associate director for public sector marketing, Verizon Enterprise Solu-tions. “In fact, the Cisco forecast states that the number of mobile devices will exceed the number of people on earth. When you get into that, LTE is certainly a big part of the global data growth.”

In addition to competition for band-width, the military also faces technical chal-lenges in deploying 4G LTE in ways that meet its unique operational needs. The Navy, for example, faces a problem in that there are few cell towers its warships can access when at sea.

“Very simply, the difference between the military and civilian sector in 4G LTE is the commercial vendors,” said Rob Semple, senior manager of business development for Exelis. “AT&T, Sprint and Verizon have an extensive network of cellular phone towers to provide uninterrupted coverage. Because of this extensive network, available frequencies that operate within the specified frequencies needed become scarce, and the military sold off a bunch of frequencies that were made available to the commercial market.”

spectRum issues

A big difference between military and commercial requirements is that the com-mercial world can plan for what it needs, explained Vanu Bose, chief executive officer of Vanu Inc.

Verizon Wireless, for example, engi-neers its network about six months ahead of demand and invests on average more than $6 billion annually in its network to satisfy growing demand for voice and data services.

“The military is dealing with a global spectrum situation where the frequency allocation and uses are different all over the world. This is also the case in the U.S.,” Bose said.

Military training programs offer an example of how this can be a problem. “Some of the guys who do training cannot use the same system at U.S. bases as they do in the field because the frequencies are not available,” Bose explained.

Recognizing the potential for growth in one of the more vigorous sectors of the economy, the Obama administration has been pushing to free up more bandwidth. A 2010 policy called for making available a total of 500 Mhz of federal and non-federal spec-

trum over the next 10 years, suitable for both mobile and fixed wireless broadband use. Nations in other parts of the world are also taking similar actions to make additional spectrum available for wireless broadband.

DoD officials have responded to the need, issuing a major report on electromagnetic spectrum strategy in 2013 and agreeing last fall to a compromise under which the military would give up use of one portion of the spectrum while moving to another por-tion that would be shared with commercial broadcasters.

The 2013 report recognized that carriers are finding creative ways to meet demand by offloading traffic to low power unlicensed WiFi hotspots and deploying smaller wireless cells.

“They expect more improvements will be needed and continue to develop more capable wireless devices and applications,” it stated. “Consequently, DoD has the oppor-tunity to leverage commercial technologies and wireless services to meet DoD require-ments, where appropriate.”

militaRy Benefits

The military benefits from a lot of 4G conversion center on reliability and sig-nificant security updates inside of 4G LTE, according to Zirkle. “In LTE, both signaling and payload information is encrypted,” he said. “LTE offers enhanced security through strong mutual authentication, user iden-tity confidentiality, along with other secu-rity enhancements that make it even more secure than existing 3G technologies.”

The opportunities for the federal gov-ernment and the military are the same as what is being seen in the broader market, he added. “The goal is to have the most reliable network in the United States. The military certainly takes advantage of that.”

Just as with video and enterprise applica-tions that are increasingly being pushed to the edge in the corporate world, the mili-tary wants to take advantage of unclassified capabilities, for example for training. “The need is not just for email or text messages, but video and more unified communications and collaboration such as navigation and data services—components that are enabled because of 4G LTE,” Zirkle said. “4G LTE delivers speeds of 5 to 12 Mbps from network to device and 2 to 5 Mbps from device to network.”

Another factor is the increasing accep-tance of “bring your own device” in the


workplace policies. “People recognize that 4G LTE networks allow greater data speeds and coverage, which translates into better quality applications, larger and higher-qual-ity video images, and faster connectivity,” said David Bezzant, senior national director of public sector direct sales for T-Mobile.

Crowdsourced consumer data shows that T-Mobile has the fastest nationwide 4G LTE network, Bezzant said. “Compared to other technologies, 4G LTE technology is spec-trally efficient so network speeds are faster, latency lower, and there is more capacity per megahertz of spectrum.”

The military can benefit from T-Mobile’s 4G LTE network, Bezzant continued, as a result of improved data connection continu-ity through rapid failover from landlines; improved low-latency voice and text appli-cations for dissemination of mission com-mand data; video streaming capabilities for surveillance and monitoring; and bandwidth for high-resolution imagery needs such as mapping.

“T-Mobile believes our nationwide 4G LTE network helps the military leverage its own investments in data centers and networks by improving its ability to oper-ate larger, more sophisticated cloud-based services on mobile devices,” he remarked. “T-Mobile covers 96 percent of Americans coast to coast, reaching over 287 million Americans. Overseas mili-tary personnel can also ben-efit from T-Mobile’s unlimited data coverage Simple Choice plan.”

T-Mobile has already enhanced its LTE by deploy-ing 10+10 MHz 4G LTE in 43 of the top 50 metro areas, delivering download speeds up to 72 Mbps. “In November 2013, we began deployments of Wideband LTE with 15+15 MHz and 20+20 MHz,” he said. “What that means is that we’re building 4G LTE super-highways that are incredibly fast and wide open—and where you can experience down-load speeds up to147 Mbps.”

Still, there is only a finite amount of spectrum. “If the government clears out the spectrum for exclusive federal use, we would probably still run out of bandwidth in 10 years,” Bose said, adding, “LTE requires a wide spectrum to operate.”

LTE networks run on frequencies in the 700 MHz to 2.5 GHz range, though spectrum on lower frequencies is preferable for carriers

since it can maintain signal strength over longer distances. Industry observers contend that because 4G LTE provides much greater bandwidth—up to 100 times more in some cases—the military can benefit from this technology.

“The big advantage of LTE is, with the global uptick in its usage, everything gets cheaper because volumes of users get so high,” Bose added.

On the other hand, military usage doesn’t come close to that of the com-

mercial market, nor can the military invest in spectrum for its own needs the way commercial entities do. For example, the range of 4G LTE penetration becomes difficult for the military as it has to deploy a mobile network in austere environments.

“Where a major cell com-pany would have five towers to cover a 10-mile area, the military would have to deploy

mobile ‘cell towers’ or points of presence to provide the coverage and reachback capabil-ity to the network inject point via some type of wideband communications,” Semple said.

industRy collaBoRation

DISA in March released a request call-ing for industry, universities and research organizations that are involved in wireless technology, radars and signal processing, electronic warfare, and spectrum monitoring and sensing to collaborate to find ways for the military to better use 4G LTE technology.

In response, Vanu Inc. is involved in putting together a consortium of private industry to work with the government on solving its dynamic spectrum problems. The company builds wireless network equipment and focuses on creating solutions for places that do not have coverage today.

Meanwhile, a number of companies are involved in testing and elevating LTE sys-tems to understand where the military can use it.

“The military continues to explore extend-ing the network to the disadvantaged user via cellphone, 3G and 4G LTE, focusing more on 4G LTE due to its increased bandwidth,” Semple stated. “This allows the disadvantaged user to leverage COTS smartphones with specifically developed apps to support their mission.”

Using commercially developed smart-phones is a key strategy, since today’s soldiers grew up and are comfortable with these devices and other technologies. “DoD has conducted numerous training exercises that leverage the 4G LTE technology to extend the network to the soldier during Network Inte-gration Evaluations and Army Expeditionary Warrior Experiments,” Semple stressed.

Exelis provides that capability now with its Global Network on the Move-Active Distri-bution (GNOMAD).

“GNOMAD supplies a mobile point of presence to provide services out to the disad-vantaged user via high data rate light-of-sight radios, or with its 3G/4G PICO cell module,” Semple stated. “The GNOMAD connects back into the network via its wideband SATCOM link (Ku-, Ka- or X-band) while operating on the move.”

Kevin Kelly

(Left) Lance Cpl. Keaton L. Lyon, the senior radio operator with 2nd Platoon, Bravo Company, 1st Battalion, 1st Marine Regiment, 1st Marine Division, works with 2nd Lt. Spencer M. Everingham, platoon commander for 2nd Platoon, to communicate with the command operations center during the company training segment of Exercise Mountain Warrior 06-10 at Marine Corps Mountain Warfare Training Center Bridgeport, July 22.


4g at sea

Another company that is active in this area is Oceus Networks, which has been working with the Navy on a high profile 4G LTE project. Jeff Harman, senior vice president of DoD solutions for the com-pany, noted that the Navy has been active in exploring innovative uses of 4G LTE technology for operations at sea.

“The Navy’s visit, board, search and sei-zure (VBSS) mission requires the ability to stream full motion video from helicopters to the ships and fast boats engaged in VBSS operations,” he said.

To do this, Naval Air Systems Com-mand partnered with Oceus to develop a pilot program on two ships using 4G LTE technology to enable this mission. The USS Kearsarge and the USS San Antonio were equipped with a micro-wave-based wireless wide-area network augment existing satellite-based communi-cations. The LTE network lets personnel on the two ships receive real-time video streaming from air nodes mounted on heli-copters, which in turn allows officers to make quicker and more accurate decisions based on what advance units are doing.

Oceus also is providing solutions based on secure communications in a 4G LTE environment for other military organiza-tions as well. “Our solutions have been integrated onto Navy ships and helicopters, on Army vehicles and for dismounted sol-ders, and on UAVs and aerostats,” Harman said.

A key focus for Oceus has been in pro-viding end-to-end solutions for the military. “We don’t just provide the bandwidth, but we also worked with the military, including the National Security Agency, to ensure these 4G LTE transmissions are secure,” he said.

Oceus was the first company to receive interim authority to operate 4G LTE at the secret level.

“We have integrated applications and improved the user experience for the devices used by our men and women in uniform,” he added. “Additionally, we developed a mis-sion management solution to better enable the military to use these new capabilities in their mission.”

Along with testing and evaluating LTE systems, DoD remains focused on how companies can provide secure systems, par-ticularly when it comes to cell/smartphone usage.

“If you talk to any warfighter who has been to Iraq or Afghanistan, they will tell you they used their cellphones there,” Vanu commented. “Many comment that the map-ping capability on their cellphone is often better than any other technology. It’s easier to use and the map itself is oftentimes better than what the military supplies.”

Consequently, Bose maintained, war-fighters need to be enabled with those capa-bilities in a way that is as secure as possible. “It’s never going to be as secure as a Type 1 military radio,” he said. “But we need a middle ground. If we change the security requirements you can open up the use of modified commercial technology much more easily.”

advanced secuRity

The security incorporated in 4G systems is much more advanced in comparison to earlier cellular standards, said Kevin Kelly, chief executive officer of LGS Innovations.

“To enhance security, mobile device management capabilities are being devel-oped to enable DoD to support an overlay of its own mobile user management with VPN AES (FIPS) encryption standards, DoD user authentication, and DoD application stores,” he said.

Kelly added that a substantial body of 4G LTE and LTE-Advanced (LTE-A) technology is building in the industry, and that future tactical systems should apply this technol-ogy base. These technologies include small cells, micro cores, self-optimizing networks, multi-cell coordinated signal processing, multiband operation and RF component miniaturization.

The LTE-A standard will deliver much higher throughput, with up to 100 Mbps in mobility conditions and up to 1 Gbps in static mode.

Kelly sees a wide range of tactical use cases. “They have a common theme of sup-porting deployed personnel from the Army, Marines, or Navy by providing local broad-band wireless communications in an on-the-move or at-the-halt common operational picture, with either agile or fixed backhaul to operating bases, airborne platforms, sat-ellites, or other communication links to the theater backbone network,” he said.

The tactical base stations would be deployed with the military assets, and per-sonnel would use tactical smartphones with security enhancements corresponding to mission threat levels. “An example would be

a call for fire (CFF), which could be made faster and more accurate by sharing a com-mon operational picture with all personnel, issuing commands and receiving location information for force tracking, using digital targeting devices to further identify hos-tile locations, supplementing the commu-nications with text and photographs, and transmitting graphically entered symbols initiating the CFF,” Kelly said.

Smartphone combat fire support appli-cations have been developed under DoD’s Forge.mil, a collaborative software develop-ment program, that support the CFF mission in a net-centric environment and provide the military observer with improved situ-ational awareness in the local area, graphics based targeting, highly networked mission fire support and coordinating measures pro-cesses, and command review/authorization.

“In effect, deployed military personnel would have local broadband communica-tions that would be deployed with them, using DoD applications on smartphones and tablets with which they are already familiar,” he explained.

Another use case leverages the comple-mentary capabilities of mobile broadband applications of 4G LTE IP systems with the robust, secure voice communications of widely deployed Time Division Multiplexed (TDM) Land Mobile Radio (LMR) systems.

“LMR systems support military and first responder secure communications, but have very low rate data capability,” he said. “These systems can coexist in the same physical area, and they can provide broadband ser-vices and extended calling as complemen-tary extensions of each network through interoperability either with gateways or with further IP to TDM interface standards devel-opment.”

LGS Innovations offers a full portfolio of 4G LTE products, both in its own capac-ity and as the exclusive reseller of Alcatel-Lucent products where the end customer is the federal government.

“LGS is a leader of base station router technology in which the base station is a small, software-defined fully integrated wireless network element with IP interfaces that interconnect to IP networks with plug and play capability,” Kelly explained. O

For more information, contact MIT Editor Harrison Donnelly at [email protected]

or search our online archives for related stories at www.mit-kmi.com.


Medium Orbit Satellites Offer Affordable Connectivity

SES Government Solutions (SES GS) will offer O3b services on their General Services Administration schedule as of June 30, making it the first distribution partner to offer the O3b capability directly to the U.S. government. The O3b next-generation medium earth orbit (MEO) constellation of satellites offers customers affordable connectivity for up to 1.6 Gbps throughput and fiber-like latency (less than 150 msec). The first four satellites were launched in June 2013. The second four are scheduled for launch in July 2014, with another four scheduled in early 2015. SES GS provides global fixed and mobile satellite solu-tions in the geosynchronous (GEO) orbit. By combining this capability with O3b’s MEO offerings, SES GS offers government customers the benefit of having one provider for fixed and mobile GEO satellite service with broad coverage and comple-mentary MEO satellite service with high throughput over O3b coverage areas. This combination will provide connectivity for customers in remote areas where terres-trial fiber infrastructure is not available and low-latency applications are required. O3b provides connectivity to support troop welfare, time-critical high bandwidth traffic, disaster recovery and mari-time operations.

Sustainment Provided for Blue Force TrackingComtech Mobile Datacom has been awarded a three-year contract to continue to provide sustainment

support for the Army’s Force XXI Battle Command Brigade and Below-Blue Force Tracking (BFT-1) program, a battle command real-time situational awareness and control system. In addition, the Army agreed to continue to license certain Comtech intellectual property pursuant to a separate contract. Under the new three-year BFT-1 sustainment contract, which has a not-to-exceed value of $38.2 million, Comtech will provide engineering services and satellite network operations on a cost-plus-fixed-fee basis and program management services on a firm-fixed-price basis. The base performance period begins April 1, 2014 and ends March 31, 2015, and the contract provides for two 12-month option periods exercisable by the Army. The total estimated value of the base year is $13.6 million.

Contract Supports

Battle Network InitializationCACI has been awarded a $21

million task order contract to provide business, logistics and engineering services for Army Product Director (PD), Initialization (formerly Product Director Tactical Network Initialization). The contract award, which is for one base year and one option year, was awarded under the Army’s Strategic Services Sourcing contract vehicle. PD Initialization provides data products in support of network operations and connec-tivity for the Army Battle Command System, which is a digital C4I system that includes a mix of fixed, semi-fixed and mobile networks and is designed for interoper-ability with U.S. and coalition C4I systems. CACI’s services will help advance the integration of systems and tools for PD Initialization and migrate them to a more fully automated environment. This will allow Army units to take full advan-tage of the capabilities provided by their battlefield communica-tions networks throughout all echelons, from battalion through theater commands. CACI’s support services will include research and engineering development, proto-typing, demonstrations, integration, fielding and support for product/software, systems engineering and logistics.

Partnership Delivers Enterprise Resource PlanningBAE Systems and Infor have announced a new strategic partnership

to deliver and install Infor’s enterprise resource planning (ERP) software solutions for the U.S. government. BAE Systems’ analysts and engineers will install and operate Infor software solutions purchased by federal agencies, helping expand Infor’s business with the U.S. government. These systems include the Infor Public Sector (Hansen) suite, Infor ION, Infor Enterprise Asset Management, Infor Lawson and Infor Approva. Infor has a 30-year manufacturing and distribution legacy for ERP systems within the a

erospace, automotive, chemical, electronics, food and beverage, and indus-trial manufacturing sectors. In addition to this partnership, BAE Systems has invested in a new Infor products lab that will provide BAE Systems technical experts and customers with enhanced knowledge of Infor’s ERP systems, enabling them to develop best practices for system integration. It will also serve as a formal system training environment for BAE Systems’ network analysts, operators and engineers who will be installing and maintaining Infor products purchased by the U.S. government.


Data ByteS

Navy Orders High-Bandwidth Shipboard Terminals

The Navy has awarded Harris an eight-year contract valued at up to $133 million to provide shipboard terminals that give crews access to high-bandwidth voice and data communications. Under the agreement, Harris will provide up to 120 terminals in addition to the 70 terminals already delivered since 2008 under the indefinite delivery/indefinite quantity Commercial Broadband Satellite Program (CBSP) Unit Level Variant (ULV) contract. The new award brings the total potential value of CBSP ULV and Force Level Variant contract awards to Harris to more than $250 million through 2022. The program provides worldwide, commercial, end-to-end telecommunica-tions services to the Navy. The 1.3-meter Harris terminals offer X-band opera-tion over existing military satellites, and the option of military/commercial Ka-band operation for future deployed satellite systems. They support essen-tial mission requirements and provide high-speed Internet access and video communications on small combatant and support ships. Harris terminals also are used onboard Navy amphibious assault ships.

Offering Streamlines Vulnerability Assessment and Auditing

Tenable Network Security has released Nessus Enterprise, a new offering to streamline vulnerability assessment, configuration and compliance auditing and demonstrate adherence to PCI DSS require-ments. Nessus Enterprise makes it easy for teams to collaborate by providing central management of Nessus scanners, simplifying access for multiple users to scanners and scan results. Nessus Enterprise enables security and compliance teams to scan more assets more often; include role-based access for administrators, auditors and security analysts; and share scanners, schedules, scan results and

policies. Nessus Enterprise Cloud, also available now, is Nessus Enterprise hosted by Tenable. It allows users to access their Nessus internal scanners and reports from the cloud and perform external scans of their Internet-facing IPs for network and Web application vulnerabilities. A PCI-Certified Approved Scanning Vendor solution, Nessus Enterprise Cloud also includes quarterly network scanning for external vulnerability scan validation for PCI. Nessus Enterprise is the first major scanning solution that can be deployed on-premises or accessed from the cloud.

Single Board Computer Supports C4ISR Applications

Curtiss-Wright Corp.’s Defense Solutions division has intro-duced the first member of its new family of rugged ARM-based COTS processing modules, the VPX3-1701, a 3U VPX single board computer (SBC) based on a CPU that features dual 1 GHz ARM processors. This cost-effective, low-power small form factor SBC is rated at less than 15W maximum power dissipa-tion. Curtiss-Wright’s ARM-based SBCs are the industry’s first VPX architecture processing modules to harness the affordability and low power advantages of the ARM architecture. They provide unmatched performance-per-Watt without compromising full-featured connectivity and I/O options. The VPX3-1701’s integral high-speed backplane and XMC connectivity enable multi-GB/s data flows from board-to-board through the backplane interface and from the backplane to its on-board XMC site to support the acquisition, processing, and distribution of sensor data for demanding C4ISR applications such as video, radar and sonar data processing.

Test Shows Seamless Switching Between SATCOM Networks

In-flight network switching between a Ka-band Wideband Global SATCOM satellite and a commercial Ka-band satellite has been successfully demonstrated by ViaSat. The flight demonstra-tion was conducted under a Cooperative Research and Development Agreement with the Air Force Life Cycle Management Center in cooperation with Air Mobility Command, 193rd Air National Guard, MITRE, and MIT Lincoln Laboratory. In the past year, ViaSat has significantly expanded the bandwidth on its global airborne network to address government requirements for broadband ISR delivery and en route connectivity. The company offers multiple service tiers, providing increasing levels of priority access to assure performance when the mission warrants it. This test proved a basic premise underlying the ViaSat “best available broadband network” concept: Seamless network-switching is possible not only between government and commercial satellites, but also between different airborne networks.


Compiled by KMI Media Group staff

Brigadier General Kevin Nally is the director for command, control, communications, and computers/chief information offi-cer (CIO) for the U.S. Marine Corps, and Department of the Navy (DON) deputy CIO (Marine Corps).

Nally was commissioned a second lieutenant in the Marine Corps in May 1981, after graduating from Eastern Kentucky University with a Bachelor of Science in agronomy and natural resources. After completing the Basic School and Communica-tions Officer Course, he was assigned to the 1st Marine Amphibi-ous Brigade, where he served as a communications platoon commander for the Marine Service Support Group-37 and later as a communications platoon commander for the Brigade Service Support Group. During this tour, he attended SCUBA School, Pearl Harbor, where he served in an additional duty capacity as a search and rescue diver.

In 1985, he was reassigned to Marine Corps Recruiting Sta-tion, Los Angeles, Calif., where he served as an officer selection officer. In 1988, Nally attended Command, Control, Systems Course in Quantico, Va. After graduating in 1989, he was assigned to the 2nd Tank Battalion, 2nd Marine Division, where he served as the communications platoon commander during Desert Shield and Desert Storm. Following this, he was assigned to Communi-cations Company, Headquarters Battalion, 2nd Marine Division as the executive officer.

In 1992, Nally was assigned as the operations officer, Recruit Training Regiment, Marine Corps Recruit Depot/Eastern Recruit-ing Region, Parris Island. In 1995, he was transferred to the 3rd Marine Division, where he served as the S-6, then the S-3, and finally as executive officer for the 4th Marine Regiment. In 1996, he served as commanding officer, Communications Company, Headquarters Battalion, 3rd Marine Division.

In 1998, Nally was assigned as the deputy director, J-6, U.S. Forces, Japan, and completed a Master’s in Information Systems Management. From 2000 to 2002, Nally was the commanding officer of Support Battalion, MCRD/ERR, Parris Island. From May of 2002 to July 2003, he served as director, Marine Corps Martial Arts Program.

Nally is a 2004 graduate of the Industrial College of the Armed Forces with a concentration in information strategy. Following this assignment, he served from 2004 to 2006 as the deputy direc-tor for C4, U.S. Central Command where he deployed twice in support of OIF/OEF. In 2006, he was transferred to Camp LeJeune, N.C., where he served as the II MEF AC/S G-6 and subsequently as the II MEF chief of staff. From 2007 to 2009, he served as commanding officer, Marine Corps Communications-Electronics School in 29 Palms, Calif. He served as the AC/S, G-6, MCAGCC/MAGTF-TC from 2009 until 2010.

Q: in broad terms, how would you describe the differences, as well as similarities, between the c4/it needs and goals of the marine corps as opposed to those of the other services?

a: Each service has a unique set of missions, roles and respon-sibilities. For the Marine Corps, the commandant has placed a

Brigadier General Kevin NallyChief Information Officer

U.S. Marine Corps


network warfighterEnabling a Flexible, Robust, Agile and Secure Network

Q&AQ&A

priority on ensuring that the Corps is America’s crisis response force, and that we are a force that is scalable, responsive, flexible and agile across the spectrum of operations. As with the other departments within HQMC, everything we do is to support our forward deployed forces as well as those units and organizations that support them (the supporting establishment). Therefore the C4/IT needs and goals are set to enable a flexible, robust, agile and secure network that enables operations across war fighting and business functions, and I would say that all the services have a similar vision. Another similarity is with respect to the current fiscal environment, as we all have increased focus on fiscal and budgetary responsibility.

Q: how do those differences affect your mission as cio of the marine corps?

a: The mission of CIO is set forth by law (Title 10), so there are few differences between service CIO functions. The unique mis-sion and role of the Marine Corps requires the CIO to establish policies, standards and procedures, to execute processes, and to employ enterprise decision support capabilities for the effective and efficient governance of Marine Corps Information Enterprise assets and alignment of those assets to Marine Corps warfighter domains and mission areas.

Q: as the marine corps charts its own course on some key it issues, do you see any disadvantages, in terms of overall DoD coordination and interoperability, that go along with the ben-efits of having tailored solutions and policies?

a: The Marine Corps is not charting its own course, but rather is conducting IT business to enable Marines, civilian Marines and support contractors to operate more effectively, and to be fis-cally sustainable and responsible. The Marine Corps remains in compliance with higher-level policies such as Joint Information Environment (JIE). The Marine Corps is aligned to meet the ini-tiatives that seek data access and information sharing, improved joint mission effectiveness, more effective training, increased security, and IT efficiencies. The Marine Corps Enterprise Net-work Unification Plan (MCEN-UP), which has been approved by the Department of Defense and DON CIOs, was developed to unify and synchronize the MCEN directly to JIE.

Q: how would you assess current DoD progress towards a Joint information environment, and what does the marine corps have to offer to these efforts?

a: The DoD JIE remains focused on the consolidation efforts directed by OMB and DoD, while ensuring service and combat-ant command mission success. Discussions range from the identification and implementation of primary core data centers, to application rationalization processes, to the identification of specific “enterprise services” that are to be provided within the JIE. The Marine Corps’ move into the Next Generation Enter-prise Network (NGEN) contract initiated probably one of the most comprehensive “in-sourcing” efforts in recent memory. The Marine Corps Unification Plan has been systematically mov-ing the service from a contractor-owned/contractor-operated environment to a government-owned/government-operated one.

A key factor in this transition is transforming the former-NMCI environment into one that implements the major attributes of JIE, for example, consolidated data centers, single security architecture framework, and transparent Marine Corps network capability from the garrison to the tactical edge.

Q: what is your current policy in respect to the development of an enterprise email system, as well as other shared services?

a: The Marine Corps has been on an enterprise email system since the Navy Marine Corps Intranet (NMCI) began in the early 2000s. NGEN is DON’s portion of enterprise email. We continue to work with DoD in support of a DoD Enterprise-wide Global Address List capability. The Marine Corps will continue to sup-port all DoD and DON shared services models where operation-ally effective and cost efficient.

Q: how would you define the marines’ approach and policy as the Don pursues the ngen program to replace nmci?

a: In regard to the NGEN program, the Marine Corps fully transitioned to a government-owned and government-operated model (GO/GO) in June 2013. We are utilizing the NGEN con-tract vehicle to provide the Marine Corps with touch labor and technical resources in support of Marines and government civil-ians planning, operating, installing and maintaining the Marine Corps Enterprise Network. We have been successfully running the Marine Corps Classified portion of the MCEN since 2008. Using this model, we will continue to utilize our lessons learned as well as plans, polices, processes and technologies to support our future improvements to the unclassified portion of the MCEN. The MCEN-UP is our way ahead to achieve many of those future objectives.

Q: what is the current state of progress in development of pol-icy and implementation of the use of mobile devices, especially those owned by uSmc personnel?

a: Migrating to a net-centric interoperable network is at the heart of our vision for enabling a knowledge-based force. Achiev-ing this vision requires the development of improved mobile, seamless and secure communications across the information enterprise. We have taken a number of important steps to address evolving information needs and challenges across the MCEN. One of these steps occurred in 2013 with the publication of the Marine Corps commercial mobile device strategy, which established a secure mobile framework intended to aid the iden-tification of mobile device capability requirements and promote the use of existing resources, including approved personally owned mobile devices. In accordance with Goal #4 of the Strat-egy, “Incorporate Personally Owned Mobile Devices within the Marine Corps Enterprise Network,” the Marine Corps has been developing an unclassified personally owned corporate enabled (POCE) mobile device capability, which seeks to provide person-ally owned commercial mobile devices with access to the MCEN. In terms of progress, we are currently conducting a beta test to refine the technical details of the solution. Following this phase, a large-scale pilot will be conducted in order to test all elements of the user experience and further refine the model technical


details. Pending successful completion of the pilot, we will determine whether the initiative will be incorpo-rated across the CONUS elements of the enterprise.

Q: can you describe your vision of a future tactical communications architecture that includes radios as well as smartphones, tablets and other devices?

a: The future Marine Corps tactical environment will be a maneuver environment unsupported by fixed infrastructure. Smartphones, tablets and other devices are simply host devices for applications that will draw network services and access data from echelons within our tactical network that can best provide reduced latency, increased availability and failover. To support existing and emerging operational concepts, expect to see data services pushed to lower levels, enabled through a mobile tactical mesh network. The specific waveforms that enable these mobile networks include Adaptive Networking Wideband Waveform, Soldier Radio Waveform, and Wideband Networking Waveform, employed in architecture of tiered subnets. However, narrowband communications provided by HF and VHF capabilities will continue to be relevant.

Q: what is the current status, and how do you see the future potential, of the use of cloud computing by the marine corps?

a: The Marine Corps has been leveraging a cloud-based approach for over a decade. As this market continues to expand and become more robust, we will follow indus-try best practices where operationally effective and cost efficient. The Marine Corps will continue to build out our private based cloud environment within the Marine Corps Enterprise Information Technology Services (MCEITS) program of record located in the Marine Corps Information Technology Center in Kansas City, Mo. Our future cloud computing goal is to move from our current infrastructure as a service to a more mature platform as a service approach. Over the coming fiscal years, the Marine Corps will continue to consolidate and standardize our multiple application hosting and development environments within MCEITS.

Q: what initiatives do you have underway in the area of infor-mation security, and how does your organization coordinate with marForcyBer?

a: Cybersecurity initiatives include a single security architec-ture framework that includes a “comply-to-connect” construct initially within the garrison environment. This construct would take systems that are plugging into the MCEN and automatically ensure all open IAVA patch requirements and Security Technical Implementation Guide standards are pushed and installed before allowing the systems access to any internal resources. This is in alignment with the Federal Continuous Monitoring construct. As the Marine Corps CIO, the overarching service responsibil-ity for the network falls to C4, and this is executed through policy and standard development, with institutional validation of

compliance with those policies and standards. MARFORCYBER has been tasked to operate and defend the MCEN, and they execute the direction and actions needed to ensure a protected, defended operational environment in accordance with policy and standards.

Q: how would you describe your goals in the area of it gov-ernance, and what processes do you have to ensure that your programs are meeting the needs and responding to the feedback from uSmc users?

a: IT decisions require an objective, disciplined, repeatable process to meet the network demands of scalability, responsive-ness, flexibility and agility. Our goal is to continue to execute IT governance that way: ensure roles and responsibilities, authorities and accountabilities are accurately assigned, under-stood and acted upon. We maximize collaboration facilitated by people, processes and technology to hear, understand, and address the needs of USMC users. We continue to mature in executing CIO Core Competencies established by the Federal CIO Council, and those processes and practices that just make sense from an operational performance and fiscal perspective. To meet user demands, we have open dialogue about require-ments, and through the PPBE process balance these require-ments, along with cybersecurity, with Marine Corps fiscal objectives. O

Sergeant. David Evans monitors the data traffic and servers that support high-tech satellite communications of the Combat Operations Center. The Operations Trailer, combines cutting-edge technology with rapid deployment capability. It is a two-wheeled trailer that carries all the necessary equipment to setup and establish a high-tech COC including: essential servers, routers and encryption systems that can reach back to standard military radios or to the internet via satellite.


Seeking to reduce costs and enhance control of satellite com-munications, a multi-service group in the Department of Defense is working to stimulate development of technology that will enable a switch from analog intermediate frequency (IF) to digital intermedi-ate format (digital IF) technology for processing transmissions.

The Digital IF Working Group includes the Army Project Manager Defense Communications and Army Transmission Sys-tems (PM DCATS), Defense Information Systems Agency (DISA), MILSATCOM Systems Directorate, Communications-Electronics Research, Development and Engineering Center (CERDEC), Air Force Life Cycle Management Center, Navy Program Executive Office C4I, Army Space and Missile Command, and other key com-munications-focused commands. It is pursuing a long-term strategy aimed at putting together standards and encouraging COTS produc-tion of systems that will bring the benefits of digitization to the analog systems currently used in SATCOM gateways.

“This fundamentally will change how we do busi-ness, and the way we strategically deliver SATCOM capabilities,” said Colonel Clyde E. Richards of PM DCATS, a working group participant who has referred to digital IF as “the next big thing” in military SAT-COM.

“It’s a very familiar paradigm shift from analog to digital, and all the benefits that come from that,” Richards explained. “You can talk about greater capac-ity and reliability. You get better error correction and faster speed. We will have the ability to centrally

manage the gateways, or terminals, and the services that are pro-vided. Today, we operate and manage in a decentralized manner. The systems being introduced will provide greater capacity and speed to warfighters and decision makers, and enhance responsiveness in terms of making critical decisions and moving faster than the enemy.

“Finally, one the greatest benefits is that it will significantly reduce the costs and footprint of what we are doing today,” Richards added.

Randy Nash, chief of CERDEC’s Developmental Systems Branch, SATCOM Systems Division, Space and Terrestrial Communications Directorate (STCD), offered some historical perspective on the need for new SATCOM technology: “Historically, the evolution of the stra-tegic SATCOM architecture has been relatively slow in comparison to the evolution of other telecommunications technologies. The component-level technology that you would typically find in a stra-

tegic SATCOM terminal subsystem has significantly evolved over time, due to demands in other growing technological areas. However, the system-level tech-nology has significantly lagged with regards to break-through innovation, predominately due to the longer than expected lifecycle of the strategic terminals.

“SATCOM systems have not taken a significant technological leap forward, even in the last decade. Digitizing the transmission path entirely or by com-ponent would significantly improve their technical performance, resulting in efficiencies gained in both cost and space segment power/bandwidth resources,”

multi-seRvice gRoup woRKs to stimulate development of digital inteRmediate foRmat technology foR pRocessing satellite tRansmissions.

Col. Clyde Richards

By haRRison donnelly, mit editoR


added Nash, whose agency has been a leader in this area in recent years, sponsoring the Future Advanced SATCOM Technologies (FAST) initiative with the goal of developing the next-generation, all-digital IF architecture for strategic SATCOM.

tRansmission faBRic

Within a ground station, IF is the fabric that moves waveforms from the modems to the antennas and terminals. IF is used because it offers better signal processing than at the higher frequencies used for Radio Frequency (RF) propagation. In addition, it provides a fixed frequency for processing signals, instead of having to pro-cess multiple frequencies, Richards explained. “It’s much easier to process and handle, and costs less. Finally, it isolates the frequency, so it can filter out any other frequencies at a close range.”

Currently, all Army/DoD SATCOM operations rely on analog IF from the modem to the antennas. In order to make a switch from an analog to an all-digital format, modems capable of providing a digital IF format will have to be installed, along with new routing and switching.

“We want to implement this as soon as it is mature, available and affordable,” Richards said. “We’ll be prepared to make the investments where they make most sense. It will probably be a nor-mal transition that fits into the tech refresh cycles that we already have planned for obsolescence.”

The issue is that digital IF technology today is not at the level of maturity where it could be acquired and deployed on a system-wide basis.

“It’s not available commercially, and what we are doing is try-ing to stimulate the market so that this capability becomes readily available. We know it can be done, it’s just a matter of getting it to market,” he noted, adding, “We’re looking at it from a COTS perspective, so we want a product that is being provided, not a developmental effort by the government—a product that we can procure that meets an open standard.”

Once available, however, the digital IF technology is expected to provide substantial operational and economic benefits. “From a performance standpoint, we get higher capacity and speed to meet what we see as a growing demand for SATCOM. That translates into wider satellite transponder bandwidth, so we will be able to transmit and receive higher carrier counts than we do today,” Richards said. “We also get higher reliability, and we can mitigate noise issues that we currently have with analog terminals, taking advantage of superior signal quality that comes with digital. So we reduce the number of transmissions we have to make to get the transmission right. There is no way we can do that today without a digital capability.”

From a distribution standpoint, terminals today operate in a decentralized fashion, each terminal being managed separately. With digital IF, however, the IF can be distributed globally from centralized points of operation.

“We can distribute over the existing high-speed terrestrial network at the high rate of speed that it brings,” Richards said. “We’ll be able to centralize the equipment and staffing operations, rather than distributing all the capability in a decentralized man-ner, and having all the overhead and staff costs at each location. It not only provides better management, but also better control and security, since it is now more centralized. It provides global flex-ibility, because once you have this infrastructure in place, you have

the ability to move transmissions over any gateway. It also provides redundancy, which gives you more reliability.”

“When you talk about the economic standpoint, you will reduce costs because you won’t need to have as many modems and decentral-ized locations. We can reduce the floor space and costs of maintaining equipment and facilities. We also won’t have to pay as much over the life cycles of all the equipment we had. Finally, we get the benefits of digital capabilities and technology. As things get faster, we will be able to incorporate that into the capability and leverage it,” he added.

To that end, the working group has been collaborating for the past couple of years, bringing together a total of nine organizations focused on developing an open commercial standard that can be pro-vided to industry and turned into products. “We hope to see standards established and production begin within the next four to six years,” Richards said. “We have made a lot of progress. One of our greatest challenges is the fiscal constraints we face. It isn’t happening fast enough for us, because we want to start integrating this technology and reaping its benefits. But we have to go through the process, and get the funding. Based on where we are, the business case indicates that from performance and cost standpoint, this is the way to go.”

fast pRogRess

With several years of experience in developing and demonstrat-ing the technology, CERDEC STCD is serving as the subject matter experts in the digital IF SATCOM domain. The organization has been examining the issue for several years, undertaking several initial and proof-of-concept studies before launching the FAST program under STCD’s Joint SATCOM Engineering Center.

Lessons from the early prototyping efforts shaped digital IF devel-opment, Nash explained. “The need for standardization became a pri-ority throughout the early development stages, as it became apparent that an all-digital SATCOM architecture can take on many variants, depending on the mission-specific requirements. It also became apparent that the architecture core subsystems can be functionally equivalent, but not interoperate when designed by different vendors.”

In response, the FAST Working Group was set up in fiscal 2012 to develop an Open Standard Digital-IF Interface (OSDI) for SATCOM systems. “The impetus behind this effort was to collaborate with indus-try to develop an open-system architecture and protocol standard for digital IF SATCOM, using practical design experience and practice,” Nash said. “The other objective was to stimulate industry development of digital IF SATCOM systems and subsystems. This development focused on fostering open market competition while not limiting cre-ative ‘black box’ designs, non-proprietary technology, and designs that achieve compatibility, interoperability and interchangeability.”

The FAST Working Group has included STCD and DISA, team-ing with Harris GCS, Comtech EF Data Systems, Welkin Sciences, Hughes Defense and Intelligence Systems, L-3 Communications West, and RT Logic.

This effort has resulted in a modular architectural framework defining the signal processing elements and the subsystem com-munication interfaces to create all-digital strategic fixed SATCOM terminals. The standard is currently being tested, and will subse-quently be published in the public domain. O

For more information, contact MIT Editor Harrison Donnelly at [email protected] or search our online archives

for related stories at www.mit-kmi.com.


With its promise of improved efficiency in setting up and control-ling networks, software-defined networking (SDN) is bringing funda-mental changes to this critical aspect of information technology. While the Department of Defense has so far taken only limited steps in this area, experts predict SDN will soon bring major changes to military networking as well.

SDN embodies a number of interrelated concepts and technologies, not all of which are new, but which have gained currency due to sheer necessity. Network design has lagged behind other aspects of information technology such as computing and storage, and SDN has come about to allow networking to catch up.

Today’s networks are largely based on decades-old technologies. Provisioning and configuring net-works continue to be time-consuming and laborious tasks because much of the programming remains in hardware components. Making changes requires the manual reprogramming of each piece of hardware.

One key attribute of SDN is to remove control of the network from distributed hardware components and introduce software that enables network manag-ers to program the network centrally, holistically and dynamically.

A second important aspect of SDN involves net-work virtualization. Virtualization of computing and storage has been ongoing for some years now. Especially in a connected world, and for a military that seeks to push information to the edge, network virtualization is required for the network to integrate with the compute and storage components of the IT infrastructure.

Creating an open-source SDN community began to take off last year. But SDN could just as well be represented by proprietary offer-ings, and some vendors have marketed those kinds of SDN network controllers.

The OpenFlow communications protocol, an open standard that separates packet forwarding from high-level routing policies—an important characteristic of SDN—was developed some years ago by researchers at Stanford

University. OpenFlow has since been incorporated into OpenDaylight, an industry consortium seeking to develop an open platform for net-work programmability.

Some commercial entities have undertaken major SDN deploy-ments, but the U.S. military has lagged behind. Nevertheless, a few defense organizations have experimented with SDN pilots, and ana-

lysts say it is almost inevitable that SDN will make its way into DoD networks, for all of the benefits and efficiencies it can provide.

“The networking industry is going through a funda-mental technology change,” said Tim LeMaster, director of systems engineering at Juniper Networks. “Traditional network design practices do not adequately support the modern user, and the networking industry is responding with SDN. This shift builds on changes already taking place in the data center, including the virtualization of servers and storage, which allowed them to be more agile and responsive to the services and applications that operators and providers are trying to provide.”

“When you change the way you compute, you have to change the way you network,” said Lorraine Cleary, director of product management at Avaya Networking. “Computing has already been virtualized. Everything in the data center needs to talk to each other, but the net-work became a bottleneck. The concept of automatically programming the network came to get that bottleneck out of the way.”

“SDN evolved into an expression of frustration with how networks are traditionally configured and man-aged,” said Doug Gourlay, vice president of systems engineering at Arista. “SDN has developed from a single

standard that allows networking components from different vendors to be orchestrated together into more of a meta-movement.”

Lorraine Cleary

Tim Lemaster

the pRomise of softwaRe-defined netwoRKing is to Keep the deployment, pRovisioning, and management of netwoRKs as simple as possiBle.

By peteR BuxBaum, mit coRRespondent

www.MIT-kmi.com MIT 18.4 | 19www.MIT-kmi.com

agility and contRol

Old-school networking combines the data and con-trol functions by embedding the programming in the network hardware. SDN came to separate the logical from the physical, noted Dan Kent, chief technology officer of Cisco’s public sector business.

“That means separating the control plane from the data plane,” Kent explained. “This was done on the server and compute side years earlier. The reason for doing this is to create a more agile type of network and to have some form of central control defined by software.”

“The network has become the long pole in the tent for delivering new services,” noted LeMaster. “Network solutions provisioning and configuration takes longer than the other components of service deliv-ery. It often takes several weeks to get the virtual local area networks and other networking components provisioned and configured. SDN promises to improve that time to deployment.”

Reconfiguring or reprogramming current networks requires experts to visit 1960s era command line interpreters and manually provision them, Gourlay explained. “What happened is that enter-prises and service providers started getting increasingly frustrated,” he said. “Workloads were moving faster than humans were able to pro-vide for them. They wanted to enable software-to-machine interfaces to configure machines.”

Networks have been built the same since the 1980s, noted Cleary. “Any innovations were always bolted on the existing infrastructure. As a result, networks run too slow and had difficulty supporting real-time applications, like Voice over IP (VoIP).” Avaya Networking provides VoIP network applications.

Much as cloud computing came to drive efficiencies in comput-ing infrastructure and deal with the ever-growing demands on that infrastructure, SDN remedies the issue of network scalability that is not keeping up with increased traffic and business needs.

“It’s limited by the number of appliances a provider can deploy to deliver their services,” said LeMaster. “For example, every service, such as load balancing, intrusion detection and prevention, and deep packet inspection, requires another appliance. That approach isn’t flexible or scalable enough for the agility that organizations require. Organiza-tions are looking to the cloud to increase agility and responsiveness when deploying services.

“SDN is a critical component to a more responsive infrastructure, making it easy to connect clouds and the virtualized resources within them,” LeMaster added.

The cloud infrastructure is made up of compute, storage and net-work components, noted Kent. “The cloud in the data center allows multiple tenants to share resources,” he explained. “The virtualization of computing enables administrators to dynamically turn out and turn down servers based on need. To build out a large cloud infrastructure requires the creation of a network and all the services that go along with that.

“SDN allows network managers to dynamically provision network resources. Its first capability is to virtualize the network so that you can turn up and turn out ports and routing, firewalls load balances. SDN provides the ability to do that with software,” Kent said.

The core of SDN’s management capability involves the extraction of the network brains from individual hardware components and plac-ing them in a software application that is used to manage the network as a whole. “Current networks hard-program components to examine

data packets to determine where they should be directed,” explained Robert McBride, senior product manager for Brocade.

“With SDN, this is controlled by policies embed-ded in software. Routing protocols are now dictated by this software, which is managed and updated from a single entity rather than being distributed across multiple network elements.”

“For example, in order to establish that a voice application on a network gets higher priority, the network manager has to press one button and all the switches involved will be reprogrammed,” said

Clearly. “Before, each switch had to be visited and reprogrammed individually. A mistake made on one switch could bring down the entire network.”

SDN also allows network administrators to view and manage their networks more holistically. “Before SDN, we were faced with having to guide individual elements and manage components with separate policy configuration engines or network configuration applications,” said McBride. “By providing a holistic view into the network, SDN allows managers to understand what is running on the network and where, and also to identify where security holes might be so that they can implement policies to address them.”

open standaRds

The movement toward SDN open standards hit a few speed bumps a while back, as network vendors attempted to take them in-house and make proprietary controllers, according to Gourlay. But some software developers also produced controllers that supported multiple vendors and have allowed the SDN movement to grow.

The industry movement to create open standards for SD has gained steam over the last year and a half. OpenFlow was a pioneer in this area and still plays an important role in its latest instantiation, although it does not provide the full gamut of functionality. Open application programming interfaces (APIs) fill these gaps by allowing the diverse components of the network to communicate with the cen-tral manager and facilitating network programmability.

“Standards are very important for customers to maintain the flex-ibility necessary for a scalable services architecture,” said LeMaster. “Many vendors of SDN solutions being suggested today are based on proprietary or inflexible protocols. Those proprietary protocols will lock customers in to particular solutions and prevent them from adapting to the ever-changing and fast-paced evolutions of data center architectures and cloud based models.”

“With OpenFlow and open APIs, the controller is able to tell all network components how to program themselves on how to manage the forwarding of traffic,” said McBride. “It removes the intelligence from within the network element and places it within the control-ler. Network policy changes can be made from a single application and adjusted, instead of each device having to make that decision itself.”

Juniper’s SDN controller, Contrail, is built on existing standards-based protocols, allowing users to interface with existing components provided by VMWare, OpenStack and other vendors without the need to swap out hardware. “Contrail automates and orchestrates the creation of highly scalable virtual networks,” said LeMaster. “Juniper made the code available via the open source OpenContrail Project, with the goal of helping drive innovation and adoption of SDN across

Robert McBride


the industry. Open APIs will also be important to provide interoper-ability between different vendors.”

Arista offers a set of products that run on a single operating system. It includes programmable APIs and OpenFlow, which allow network components to integrate with infrastructure running Open-Stack, Microsoft System Center and other solutions. “This enables better visibility, faster provisioning, and more rapid network trouble-shooting,” said Gourlay.

In this way, SDN also supports military aspirations for on-the-move communications, according to Gourlay. “Server virtualization is not well defined for mobile machines,” he said. “With network vir-tualization, wherever a virtual machine moves, connectivity follows. It allows personnel to find virtual machines, provision networks, and automate a lot of the more painful troubleshooting problems.”

Cisco’s interpretation of SDN, Cisco ONE (Open Network Environ-ment), is a series of tools that allow even legacy networks to become programmable and centrally managed. “Anything that was deployed in the last five years or so can be part of Cisco ONE,” said Kent. “Our components are already programmable, but also support OpenFlow and provide programmable APIs that allow outside parties to write programs to our equipment.”

OpenFlow 1.3 provides basic programming functionality, such as the ability to turn network ports on and off, Kent noted. The APIs add additional value to network programmability. Other tools included in Cisco ONE, such as NetFlow, can be used to analyze network traffic and identify security trouble spots.

“If you see traffic somewhere in the network where it was never seen before or if you see higher than usual volumes of traffic in certain portions of the network, NetFlow can be used as a diagnostic tool to check that out,” said Kent. “NetFlow can send an alert to an analytics device in the enterprise or the cloud, and the analytics system can do automatically what previously was a manual process, such as shutting off certain ports or sending traffic to a packet inspection tool. SDN allows for the automation of this closed-loop process.”

Cisco ONE has been piloted in several DoD organizations, but details of the projects are not publicly available.

Brocade comes to SDN from a number of different angles. The company is invested in a number of open source SDN-related projects such as OpenStack, a system for managing virtual resources, and OpenDaylight, an effort to create an open network controller sup-ported by several vendors.

The company also has a large number of products, such as high-capacity routers that have been deployed in many DoD locations worldwide, that have the functionality of OpenFlow enabled within the product itself, according to McBride.

shoRtest path

Avaya, as a network application provider of VoIP, has gone in a somewhat different direction by implementing an existing communi-cations protocol that accomplishes much of what SDN sets out to do. “We are not in the data center and we don’t provide the underlying network hardware, but we do know what a well-paved highway looks like,” said Cleary. “We have implemented a standardized technology called Shortest Path Bridging (SPB), embodied in IEEE standard 802.1aq. It smooths out the highway and accomplishes 80 percent of what SDN is trying to do.”

Avaya has embedded its latest generation of switches and routers with an enhanced and extended version of SPB, called Fabric Connect.

“This lets you completely virtualize both the networking and forward-ing in your data center or private cloud,” said Cleary. “This makes the physical layout of your network irrelevant, as you can build any logical network on top. It does to the network, what virtual machines did to the server.”

SPB is able to take voice data packets from the network edge and bring them to the server by way of the shortest path, without the necessity of examining the content of the packet along the way. “This reduces latency to 30 milliseconds,” said Cleary. “That is nothing for VoIP. It may cause some slight pixelization on video transmissions, but on a traditional network that would cause the call to be dropped and the loss of video frames.”

The market is beginning to realize the value of an open approach to SDN, according to LeMaster. “Customers don’t want to be locked into proprietary solutions that require a complete overhaul of their existing infrastructure,” he said. “Instead they want an SDN solution that works with their existing architecture and will evolve with their future needs. There has been a lot of buzz around SDN, but few orga-nizations have taken the steps to deploy the technology.”

Gourlay said he has seen some sizable deployments of SDN in the commercial world, but not yet in the military and intelligence com-munities. “They are slower to adopt new technologies,” he said. “Many of these organizations are overly reliant on a single vendor. There are also regulatory and other barriers to entry.”

“SDN promises to deliver greater mission agility, flexible delivery of applications and services, and scalability via an automated virtual network,” said LeMaster. “These virtual networks let enterprises and service providers harness the power of the cloud for new services, increased mission agility and responsiveness.”

“With SDN, the network infrastructure can easily be modified or manipulated to accommodate for different policies, and this can be accomplished at a very granular level,” said McBride. “Requirements for quality of service can be deployed dynamically into the network centrally, as opposed to configuring components individually. It sim-plifies the configuration that takes place on the network infrastruc-ture.”

SDN also promises benefits in terms of cybersecurity. “SDN can allow the network to respond more dynamically to attacks and to see quicker resolutions or mitigations of those attacks,” said Kent. “Anomalies don’t have to be dealt with at the component level. They can be managed centrally at the network level. With SDN, policies can by put into place to shut down ports and to quarantine or reroute suspicious traffic.”

Ultimately, the promise of SDN is to keep the deployment, pro-visioning and management of networks as simple as possible. This has implications for warfighters, as the military continues to push networks and information out to the edge and down to the lowest operational echelons.

“If we can keep the network simple and available, easy to deploy and easy to tear down, validate that it is working properly and keep it running reliably, this will have implications for the guy on the front lines,” said Gourlay. “It will reduce latencies and update information quickly from the rear to the person who needs the information. The warfighter will have better access to information to make the best decisions.” O

For more information, contact MIT Editor Harrison Donnelly at [email protected] or search our online archives for related stories at

www.mit-kmi.com.

With access to many logical and physical devices, including computers and offices, hinging on Department of Defense work-ers’ Common Access Cards (CAC), military officials are debating how best to keep up with the increased use of smartphones and other digital devices while matching the security levels found on the desktop.

The key challenge is how DoD personnel, including uniformed servicemembers, civil servants and selected contractors, will be able to authenticate themselves using a smartphone or other mobile device. “The big push, over the next year or two, will be how to store credentials from a private key securely in a mobile device,” said Paul Nelson, chief technology officer with Thursby Software.

Analysts say the topic of mobile ID authentica-tion appears to be a classic case in DoD of technol-ogy and user requirements outpacing policy.

CAC readers on desktop and laptop PCs allow personnel to authenticate their identification in a multilayer fashion, which includes what a user knows (password or PIN), who they are (biometrics, such as a retina scan), and what they have (ID card or token), with more layers providing stronger authentication. Office of Management and Budget (OMB) guidelines call for two-factor authentication for network access.

Biometrics is potentially the strongest form of authentication, since passwords can be forgotten, lost or compromised, and an ID card can be stolen. Their weakness for logical networks, however, is in replay capability—the ability of biometric scan data to be replicated on another device through a net-work. “You need a sophisticated method to prevent the ability to replay the scan on another side of the network,” Nelson noted.

Indeed, biometrics scans should never be performed in a networked environment because of the security vulnerabilities, according to Ojas Rege, vice president of strategy at MobileIron.

In order to best take advantage of commercial market innova-tion and economies of scale, DoD officials do not want to require additions to the form factors of smartphones and digital devices, particularly given their small size. So they are hoping to work with COTS products to facilitate the “bring your own device” trend in enterprise computing. Many smartcard readers are as large as

smartphones, and they require their own power source.

“A lot of the initial push came from the user community,” said Rege. “Over time, chief informa-tion officers and technology executives have seen that mobile computing, which requires on-the-go ID authentication, can help push out computing power to everyone,” he said. As a part of the shift toward mobile computing, more federal agency officials are examining the data flows and data pro-cesses within their enterprise networks, he added.

Rege sees a two-pronged approach at play: working with the Apple iOS and Google Android operating systems and devices to ensure appropri-ate security, and then ensuring that end-users have approved applications to work on the mobile devices. Through their applications, he also sees smartphones that go well beyond the first wave of BlackBerrys, which primarily provided mobile email and were early favorites of mobile government users due to their strong security.

The challenge of working with smartcards, Rege noted, is the level of complexity that they add to a mobile computing experience. Strong passwords will always be the preference of network administrators,

dod, industRy push use of moBile devices to authenticate useRs foR secuRe netwoRK access.

Ojas Rege

Paul Nelson

By william muRRay mit coRRespondent


he noted, but when there are long delays in verifying strong pass-words through an enterprise network, it can hurt user adoption.

familiaR inteRface

In its work on mobile authentication, the Defense Informa-tion Systems Agency (DISA) is primarily looking at a COTS native solution, according to Devon O’Brien, the agency’s lead engineer for mobility and public key enablement. “We want to utilize the vanilla offering of the device. A tethered or a Bluetooth solution would be very expensive,” he said.

DoD officials think it makes more sense to use the touch-based interface that many smartphone users have grown accustomed to using. Smartphones are used in mobile environments in DoD cur-rently as pilot or proof of concept projects.

Smartphones already have a great deal of cryptographic capa-bilities, so it would make sense for DoD to take advantage of them, according to Matt Shannon, who goes by the title of “lead dog” at 2DogsStudios LLC. “They know they want it as close to COTS as possible,” he said of DoD officials and their mobile ID authentica-tion plans. Such an approach allows new commercial technology to be integrated faster, and it’s also less expensive.

Shannon’s company produces MAuth, an app that performs mobile-based authentication of personal identity verification (PIV) based credentials for the iPhone, iPad, iPad Mini and iPod Touch. A PIV is a smartcard with the necessary data for federal employees and contractors to access federal information systems and facili-ties, and their criteria was set by the National Institute of Science and Technology (NIST) Federal Information Processing Standard 201, first issued in 2005. Users input their PIN, then personally identifiable information, followed by a fingerprint to authenticate themselves.

An example of a company making a COTS product for the DoD mobile ID authentication market is Thursby Software, whose products include a secure ID reader for mini iPads, a built-in smartcard reader that doesn’t allow the card to protrude when fully inserted into the reader.

Many commercial organizations need the high security stan-dards used by DoD, Thursby’s Nelson pointed out, citing Samsung’s development of the Knox for Android operating system as a sign of the company’s commitment to strong security. “Apple’s incredibly elaborate security system to encrypt files shows their commitment,” he said. “While they lack the two-factor authentication that DoD needs, the cryp-tography in the commercial market is very strong.”

Apple lacks smartcard support, indicated Nelson, who added that the company also could improve in its use of custom tokens to enable third parties to work well outside their framework.

Shannon pointed out that DISA officials last year approved the use of the Apple iOS 6 and the hardened Sam-sung Knox Android operating systems for mobile devices, thus opening a mobile DoD market formerly dominated by BlackBerry.

“It’s a rapidly evolving mobile arena,” O’Brien said. “Finding a solution that is both secure and usable is the biggest challenge. We really want to make sure we don’t compromise our security standards or our security posture. We have rigorous security requirements. We need to make sure each device provides the

required protection and accepts the required credentials.”

enteRpRise appRoach

There are advantages to DoD “unified enterprise approach,” as O’Brien called it. The DoD market is large enough that with a single approach toward security and basic requirements, it can attract innovative commercial companies to provide products and services.

“It gives us economies of scale and ultimately makes a solution cheaper with greater security monitoring and a unified structure,” he said.

According to published reports, DISA officials have been in discussions with Apple, Google and Samsung about improving the security of their products to meet DoD needs for mobile ID authen-tication.

Regarding usability, O’Brien and his DISA col-leagues look at the feasibility of deploying mobile ID authentication in cost-effective ways, since CACs cost $250 each. “We need to improve upon the solution and evolve our offerings moving forward,”

he said.Nelson noted that a Biometrics Associates LP (BAL) Bluetooth

reader for CAC, the only DoD-approved Bluetooth smartcard for Apple iOS and Google Android devices, costs more than $400. Some users also find it to be clunky, according to Nelson, since it can take about a minute to input a user’s PIN into the BAL Blue-tooth reader and have the encryption key properties begin to work.

Nelson acknowledged, however, that he is seeing prices go

First Sgt. Steven Purvis of C Company, 1st Combined Arms Battalion, 5th Brigade, 1st Armored Division, tests a mobile network using smartphones during a field training exercise at White Sands Missile Range, N.M.

Devon O’Brien


down on CAC and smartcard related accessories. He is also seeing improved case design, but thinks that ease of use is a continued need in the marketplace.

Biometric Associates’ baiMobile Framework for Secure Cre-dentials is a reader-independent smartcard framework for iOS and Android operating systems. It was first developed in 2007 for the Air Force and other organizations to support Windows Mobile 6.x, according to Mike Smith, director of business development at Bio-metrics Associates. The company ported the baiMobile Framework to the iOS and Android mobile operating systems under a DoD contract.

“More than 100 software development companies are build-ing mobile apps for industry and government using the baiMobile Framework,” Smith said.

One of the baiMobile Framework’s key features is its ability to support card-specific “plug-ins,” allowing support for most other enterprise smartcards. The framework supports digital certificates on traditional contact smartcards, NFC smartcards, microSD cards and embedded Secure Elements.

O’Brien and his colleagues would like to require that private key infrastructure credentials for each personnel reside natively on the mobile devices they use for authentication. “The users need us to work toward a solution,” he said. “We need to find a way to make them secure.”

O’Brien said he anticipates interim guidance from DoD about this subject, following discussions of senior leaders about the policy. “We’re not going to leap into something without vigorously vetting it,” he said.

O’Brien’s ultimate goal is to make sure that any device that meets DoD’s security requirements can access the infrastructure, regard-less of the manufacturer. “The endpoint is a seamless solution—any device that you have that can get the job done.”

moBile management

Meanwhile, DISA also continues to work on deployment of a mobile device management (MDM) system. Last July, the agency awarded a contract to Digital Management Inc. (DMI) to develop its system, which will help DISA build a multivendor environment to support a diverse selection of devices and operating systems. Observ-ers think it is vital to establish interoperability across enterprises between CAC/PIV cards, biometrics, derived credentials, and near field communications, which is a set of standards for smartphones and similar devices to establish radio communication by touching them together or bringing them to close proximity.

The challenge with the MDM contract is that technology has moved forward since DISA completed its MDM requirements more than a year ago, according to Nelson. “They only have to make it work,” he said of DMI’s obligations on the MDM contract. Other important needs such as ease of use and multi-vendor support are not MDM requirements.

DMI and DISA are building a Mobile Operations Center in the Washington, D.C., suburbs as a part of the MDM contract, to control applications and for configuration settings and other requirements. Mobileiron, which provides security and management for mobile apps, contacts and devices, is working with DMI.

DMI and Mobileiron are also working together on the Depart-ment of Agriculture’s enterprise mobile solution, said to be the first large-scale federal project of its kind.

It’s very important that the MDM contract proceed well, with

interoperability ultimately ensured, according to Nelson. He noted that DISA runs DoD’s email servers, so even if the military services wanted to proceed with their own plans regardless of MDM, they couldn’t.

“The real problem is that no one’s buying anything from the vendors, including hardware like card readers,” said Nelson, who predicted that military service mobile IT authentication spend-ing won’t increase significantly until MDM reaches its goals.

O’Brien pointed out that smartphones and other digital devices do not represent DISA and DoD’s first forays into mobile ID authentication. “The first step in mobility was laptops, as opposed to cell phones,” he said. “The device in my pocket does have increased capabilities, and I can access email, SharePoint and IT services on a mobile device.”

Last fall, Thursby Software announced a partnership with Acronis, a data protection solutions provider, and Silanis, an electronic signature provider, and Juniper Networks to provide secure mobility solutions for federal Apple iPhone and iPad users. More than 400 U.S. government organizations work with Thursby Software, according to company officials, and the company supports tens of thousands of mobile users in the U.S. government and other heavily regulated organizations.

Thursby Software, which holds a GSA schedule contract, is known for its secure Pkard Web browser and email apps. The Pkard Web browser doubles as an authorization agent, coordinat-ing reader and card access for a secure app ecosystem. In addi-tion, Acronis’ mobileEcho offers secure mobile file management, while Silanis provides electronic signature handling, and Juni-per’s Junos Pulse app enables secure Virtual Private Networking.

The apps can be flexibly deployed to personal or government furnished equipment, either directly and standalone, or as part of managed rollouts around app stores, apps or devices.

In September 2013, NIST issued a revised standard control-ling agency smartcard issuance. Nelson said he sees potential in taking derived credentials, a means of taking identity verification and encryption key infrastructure built up since 2005 for smart-cards, and applying it to mobile devices. DoD officials and ven-dors have sought more clarification about derived credentials.

In the two-factor authentication required for access to net-works by OMB, one factor should be a device separate from the computer gaining access. Some have wondered what besides USB devices, such as a SIM chip, could be used as a separate device.

This past March, NIST published more details about the tech-nologies federal agencies could use to apply a derived credential onto a mobile device, and how they could manage this process.

“It’s not the concept but the implementation that’s missing,” said Nelson, who noted that further clarification about hardware needs for derived credentials needs to be made.

According to published reports, however, NIST officials aren’t holding out much hope for near field communications, since many mobile devices either don’t transmit a near field com-munication radio signal or lack the capabilities to interact with a CAC. O

For more information, contact MIT Editor Harrison Donnelly at [email protected] or search our online archives for related stories at

www.mit-kmi.com.


cotSacopia

Platform as Service Delivers Rapid Application Development

DLT Solutions, a value-added reseller in government IT hardware, software and services, has launched a new private platform-as-a-service offering, CODEvolved. Architected by DLT Solutions, the solution is avail-able immediately and brings together Red Hat’s OpenShift Enterprise and Amazon Web Services (AWS) to deliver a rapid application devel-opment, testing and hosting environment built entirely in the cloud. With CODEvolved, public sector organizations can now leverage an on-demand, elastic, scalable and fully-configured environment for increased productivity with faster time-to-deployment for applications. Through CODEvolved, application developers can code, test and deploy their applications in a robust environment without the need to wait for operations staff to provision resources. Operations staff can provide a dynamic, standards-based platform while leveraging the flexibility of the AWS Cloud to provision and configure additional servers as needed. Furthermore, DLT Solutions also offers end-to-end professional services to help customers implement, integrate, and support CODEvolved. CODEvolved eliminates scalability, availability and procurement chal-lenges, allowing agencies to accelerate slow, expensive software develop-ment processes and jumpstart application deployment timelines. Insider Threat Solution

Enhances Privileged User Monitoring

Raytheon has unveiled the latest developments found in the latest release of its SureView endpoint audit and investiga-tion solution, which include new policy support features that enhance product capability for continuous monitoring and network auditing against insider threat and privileged user abuse. With this release, commercial and federal organizations now have access to a privileged user monitoring and auditing policy pack specifically designed to enable SureView to detect malicious acts and policy violations by privileged users that often go undetected. Additionally, this latest release includes SureView Spotlight, a software development kit that allows inte-gration with best-of-breed analytic solutions. Other new features of SureView include host-based network traffic monitoring and collection; simplified policy creation; new collection capability; and enterprise application suite enhancements.

Mission Computers Serve Multiple Air Platforms

Rockwell Collins has released the FMC-4000 series of flight and mission computers, offering advanced capabilities with unprecedented levels of performance and flexibility across a large variety of platforms. The FMC-4000 series is available for fighter, trainer, tanker, transport, rotary wing and UAV systems aircraft. It uses the latest multicore processor and hardware, along with accelerated video and signal processing and compression functions, that are suitable for dual use applications. These comply with both commercial and military environmental requirements.

Performance Management Suite Enables Easier Sharing

Riverbed Technology, a provider of application performance infrastruc-ture, has released new versions of its Riverbed SteelCentral product family, SteelCentral AppResponse 9.0 and Riverbed SteelCentral NetProfiler 10.6. The SteelCentral product family is the only performance management suite that combines user experience, application and network performance management to provide the visibility needed to detect and resolve issues before end-users notice. AppResponse 9.0 and NetProfiler 10.6 include new capabilities to simplify Web application monitoring so IT teams can share data more easily, identify trends faster and make performance data more relevant to users. New features in these releases include a Web console, out-of-the-box and customizable dashboard templates and a global view of the end-user experience. Together, these new features provide diverse IT teams with a holistic picture of end-user experience for Web applications across the network resulting in improved IT efficiency, enhanced business continuity and revenue preservation.

New Processor Speeds Rugged Unit Performance

Getac is upgrading its flagship X500 ultra rugged notebook and X500 rugged mobile server. By incor-porating a fourth-generation Intel Core Processor, Getac has been able to increase CPU performance by 55 percent over the previous model, an enormous benefit to the technologically advanced military customers who rely on speed and efficiency when working in some of the world’s harshest and most demanding work environments. The X500 will also support larger RAM capacities up to 16GB, next generation 802.11ac WiFi, and improved graphics that boast a 286 percent improvement over the previous generation in processing power.

Date post:	01-Apr-2016
Category:	Documents
Upload:	kmi-media-group
View:	224 times
Download:	1 times

Mit 18 4 final

Documents