Enabled Capability and Security in Military Federated Networks

Transcription

Enabled Capability and Security in Military Federated Networks
Enabled Capability and Security
in Military Federated Networks
NATO C4ISR Industry Conference & TechNet International 2014
Bucharest, 26 March 2014
AMN – Not a Federated Network
The Italian Case
•
The ISAF transportation network
has been implemented by NATO
prior to the deployment of the
national systems
•
IFTS (Interim Force Tracking
System) devices have been
assigned to Coalition Forces to
grant interoperability with US
Commands
•
At Brigade Command Post level,
interoperability with Italian FAS
(SIACCON) has been achieved
via NFFI gateways, standard
Ethernet connection and manual
procedures.
As a matter of fact, interoperability is obtained through system homogenization, not through
the integration of networks and orchestration of National Services
© Copyright Selex ES. All rights reserved
2
From a Provider Network to Federated Networks
Users & Missions
Service Management Control
GIG
Functional Area
Services
(Layer 4)
Information & Integration
Services
(Layer 3)
Information Assurance
(Layer 5)
Communication
Services
(Layer 2)
Policy
Architectures
Processes
Standardization
(Layer 1)
•
•
•
•
•
© Copyright Selex ES. All rights reserved
No need of pre-existing infrastructure for
immediate deployment
Use of National Assets
Deconflict different technologies and
applications as the first step towards real
federated networks
Sharing Collaborative Services
Sharing Situational Awareness Data
3
From a Provider Network to Federated Networks
Seamless Solutions across Systems and Layers
Application Segments
FIXED
SEGMENT
Federated Architecture
Same services at different layers regardless
communication & networking technology
Service Areas
Functional Application Services
(FAS) Area
Operative FAS
Air
FAS
Land
FAS
Matitime
FAS
Joint
FAS
Financial
FAS
CROSS COI - Value Added
Services Area
CALL
CENTER
REGISTRO
DEI SERVIZI
FORMAZIONE
RICERCA E
GESTIONE
DEI CONTENUTI
INFORMAZIONI
SUGLI
UTENTI
SUPPORTO
SISTEMISTICO
E DI SICUREZZA
DISCOVERY
ASSISTENZA AGLI UTENTI
SPECIFIC COI
MESSAGGISTICA
MILITARE
STORAGE ON
DEMAND
VIRTUALIZZAZIONE
(HOSTING)
POSTA
ELETTRONICA
GESTIONE
DEGLI
ARCHIVI
GRID COMPUTING
MESSAGING
Administrative FAS
Health
FAS
Logistic
FAS
JCOP
TELEFONIA
SU IP
COLLABORATION
APPLICATION
STORAGE
GESTIONE CHIAVI
E CERTIFICATI
Servizi di Core
GESTIONE DEI
SERVIZI INFORMATIVI
AUTENTICAZIONE
HIDS, NIDS
CONVERSIONE
DI FORMATI
GESTIONE DEI
SERVIZI DI SICUREZZA
SICUREZZA INFORMATICA
Antivirus, Antispam,
Hardening
OPERATING SYSTEMS
MEDIATION
GESTIONE DEI SERVIZI
SICUREZZA
DELLE INFORMAZIONI
Servizi di Infrastruttura
SUPPORTO
IPv4
MONITORING
ACCOUNTING
SUPPORTO
IPv6
TUNNELING
IPv4 ↔ IPv6
GATEWAY
EXTERNAL NETWORKS
CORE IP
QoS FRAMEWORK
Servizi di Rete
PERFOMANCE
MANAGEMENT
COMSEC
Encryption,
VPN,NAT
TRANSEC
SICUREZZA PERIMETRALE
GESTIONE DI RETE
FIBRA
OTTICA
SATELLITE
PUNTO
MULTIPUNTO
LEASED
LINE
TRASMISSIONE
RADIO
Servizi di Trasporto
PUNTO
PUNTO
QUALITÀ
QUALITÀ DI
SERVIZIO
SICUREZZA DI RETE
Servizi di
Sicurezza
6aa-sr100073-01-i A1110
FAULT
MANAGEMENT
CONFIGURATION
MANAGEMENT
Servizi di
Gestione
DEPLOYABLE
SEGMENT
APPLICATIONS
SHARING
CONFERENZA
Audio, Video,
Testuale
AD-HOC
MANET
BROADBAND
RADIOS
MOBILE
SEGMENT
COMBAT
NET
RADIOS
PERSONAL
RADIOS
© Copyright Selex ES. All rights reserved
4
From a Provider Network to Federated Networks
Seamless Solutions across Systems and Layers
Application Segments
FIXED
SEGMENT
Federated Architecture
Same services at different layers regardless
communication & networking technology
DEPLOYABLE
SEGMENT
AD-HOC
Integration
Adapting services to the actual
communication & networking “environment”
resulting in a “seamless” use of common
applications
© Copyright Selex ES. All rights reserved
MANET
BROADBAND
RADIOS
MOBILE
SEGMENT
COMBAT
NET
RADIOS
PERSONAL
RADIOS
5
From a Provider Network to Federated Networks
Enterprise vs. Tactical
Enterprise Environment (Net-Centric Enterprise Services)
• Provides strategic and operational planning
• Unconstrained Bandwidth (>10Mbps)
• Stable Communications Infrastructure; no mobility
• Need to pass large amounts of data in a timely manner, QoS through bandwidth over-provisioning
• Need to discover and share data across disparate systems without developing new interfaces
• Works well for NCES enabling technologies (XML, HTTP, TCP/IP, SOAP, etc)
• Typically based on COTS Technology
Tactical Environment
• Provides operational execution
• Constrained by low bandwidth (< 10/100 kbps)
• Different radio technologies
A AA
• Constrained by unstable, dynamic
communications networks and connections
• Needs information security and transmission
protection
B.de HQ
• Only needs the relevant data for their Area of
Responsibility (AOR)
FOB
• Need to receive actionable information in a
timely manner that has immediate relevancy
• Based on military equipment and devices
© Copyright Selex ES. All rights reserved
6
Selex ES – Italian MoD Forza NEC Experience on
Full Digitisation of Secure Deployable and Mobile Networks
Multi-layered – Heterogeoneous Technologies
Enabling
Technologies:
-
-
Advanced Networking
Tactical MANET
SDR Technology
Waveforms NG,
Legacies
SOTM X and Ka Bands
Advanced BMS/SA
Protection
Sensors
3 x Land Brigades
Landing Force LDF
© Copyright Selex ES. All rights reserved
7
Selex ES – An Unparalleled Portfolio
of Solutions and Capabilities
Three Tier CIS Solutions
Deployed Worldwide
In Operation in many theatres
Italian Cyber Defense Capability
ITA SDR
Program
ESSOR
JTRS
MIDS
EDA
SCORED
EDA
WOLF
WINTSEC
SDR Forum
2.0
NATO
• Develop Joint SDR Platforms
• Promote SDR activities in Italy and EU
• EU ESSOR SDR Architecture Leader
• Coalition HDR WF
• Link 16 PA Design
• Terminal integration
• The Italian Cyber Defense Capability system has been delivered and put
in service by Selex ES in 2013.
• Radio market evolution lead
• Selex ES in now supporting Italian MoD in the evolution of the capability
framework to be integrated with NATO CIRC.
• Advanced communications for dismounted
nodes in urban environment
• Selex ES is supporting the Italian Government to set up the Cyber
collaboration framework at National (Country CERT) and Sector level
(MoD CERT; PA CERT, Critical National Infrastructure CERT, etc.)
• Civil applications
• Member WINNF Board
• SCA Steering Committee, SCA-NEXT Team
Selex ES Company Confidential
• C3SNR SDR WG (5 nations)
• SDRUG
Leader in SDR Technology
NATO, Proprietary and
New Generation Waveforms
Global Player for Information Security
NATO NCIRC Programme undergoing
© Copyright Selex ES. All rights reserved
8
Selex ES – An Unparalleled Portfolio
of Solutions and Capabilities - NETWORKING
Routing
Deployable Segment
Ad-Hoc Routing
AD-HOC REACTIVE
PCN Aware
Connection Oriented
Connectionless
IETF-TACOMS
(Proactive Routing Protocols)
Radio Aware
Routing
MANET
BGP (Border Gateway Protocol)
OSPF (Open Shortest Path First)
PIM-SM...
Switches/Routers
Mobile Segment
Fit for tactical networks with
mission critical data/high mobility of
users and nodes/ unreability of
network links/Low capacity
INTEROPERABILITY and for
networks with high realibility and
capacity of links, limited topology
variation
Above the Mb/s Bit rate
Below the Mb/s Bit rate
SR, LR LOS,SAT
CNR, NBWF, WBNF, Soldier Radios
ATS operation
OTM operation
IOP’s
MULTINATIONAL OPERATIONS
Armoured Vehicles Nodes
© Copyright Selex ES. All rights reserved
Light Vehicles
Nodes
9
Selex ES – An Unparalleled Portfolio
of Solutions and Capabilities – Software Defined Radios
™ Manpack, 2 Ch.s
™ Handheld
2G
NB, WB WF’s
NATO, Popr.
™ Vehicular 4 Ch.s
© Copyright Selex ES. All rights reserved
™ Vehicular 1 Ch
10
Selex ES – An Unparalleled Portfolio
of Solutions and Capabilities – Satellite Comms
Military Segment
X/Ka Band
UHF Band
Civil Segment,
Ku/Ka Bands
Deployable Communications
Manportable
X Band
FDMA/DVB
•
•
•
•
Wide variety of multiband term.s
Leader in SOTM/PAA Technology
DVB/RCS-S2 Secure Modems
Launching Ka-band Systems
(Athena Fidus)
• National Backbone fully integrated
with Expeditionary Assets
• Implementing NATO Satellite
Ground Segment (SGS)
SOTM/X
DVB
UHF Tacsat
Sheltered Tactical Hub
X/Ku/ka Bands – FDMA/DVB
Mobile terminals
X/Ku Bands – FDMA/DVB
© Copyright Selex ES. All rights reserved
11
Defense Communication Systems
Selex
ES Solutions
– An Unparalleled Portfolio
Military
Radio
of Solutions and Capabilities
Ground LOS/BLOS Comms
A complete–Portfolio
100 M
TAC LTE
WIRELESS
BROADBAND ACCESS
Bit/sec
65 M
LOS RADIO RELAYS
UHF/SHF
34 M
8M
2M
128K
BLOS /OTH
RADIO RELAYS – UHF
SOLDIER
V/UHF
VEHICULAR
V/UHF
Wide Band
Wide Band
VHF
9.6K
HF
0
HF
HIGH POWER
HF
15
50
100
•
HF Land, Naval and Maritime (BRASS)
Solutions for long haul links; full support
of NATO STANAG’s – Evolving to SDR
•
Large footprint worldwide with SW
programmable PRR/SSR radios now
complemented with NG SDR solutions
•
NG Military Radio Links supporting ALLIP and Legacy Networks
•
Introducing LTE technology for wireless
comms. at Command Posts level
>1000
Km
LOS
BLOS/OTH
© Copyright Selex ES. All rights reserved
12
Selex ES
TACOMS
Compliancy
Military
QoS
Real Time
Data
Tactical
Services
Federated
Mission
Networks
End-to-End
Security
Information
Protection
SDR
Technology
Ruggedness
© Copyright Selex ES. All rights reserved
13
Selex ES S.p.A.
Via Tiburtina Km 12,400
00131 Rome, Italy
Tel. +39 06 4150.1