Enabled Capability and Security in Military Federated Networks
Transcription
Enabled Capability and Security in Military Federated Networks
Enabled Capability and Security in Military Federated Networks NATO C4ISR Industry Conference & TechNet International 2014 Bucharest, 26 March 2014 AMN – Not a Federated Network The Italian Case • The ISAF transportation network has been implemented by NATO prior to the deployment of the national systems • IFTS (Interim Force Tracking System) devices have been assigned to Coalition Forces to grant interoperability with US Commands • At Brigade Command Post level, interoperability with Italian FAS (SIACCON) has been achieved via NFFI gateways, standard Ethernet connection and manual procedures. As a matter of fact, interoperability is obtained through system homogenization, not through the integration of networks and orchestration of National Services © Copyright Selex ES. All rights reserved 2 From a Provider Network to Federated Networks Users & Missions Service Management Control GIG Functional Area Services (Layer 4) Information & Integration Services (Layer 3) Information Assurance (Layer 5) Communication Services (Layer 2) Policy Architectures Processes Standardization (Layer 1) • • • • • © Copyright Selex ES. All rights reserved No need of pre-existing infrastructure for immediate deployment Use of National Assets Deconflict different technologies and applications as the first step towards real federated networks Sharing Collaborative Services Sharing Situational Awareness Data 3 From a Provider Network to Federated Networks Seamless Solutions across Systems and Layers Application Segments FIXED SEGMENT Federated Architecture Same services at different layers regardless communication & networking technology Service Areas Functional Application Services (FAS) Area Operative FAS Air FAS Land FAS Matitime FAS Joint FAS Financial FAS CROSS COI - Value Added Services Area CALL CENTER REGISTRO DEI SERVIZI FORMAZIONE RICERCA E GESTIONE DEI CONTENUTI INFORMAZIONI SUGLI UTENTI SUPPORTO SISTEMISTICO E DI SICUREZZA DISCOVERY ASSISTENZA AGLI UTENTI SPECIFIC COI MESSAGGISTICA MILITARE STORAGE ON DEMAND VIRTUALIZZAZIONE (HOSTING) POSTA ELETTRONICA GESTIONE DEGLI ARCHIVI GRID COMPUTING MESSAGING Administrative FAS Health FAS Logistic FAS JCOP TELEFONIA SU IP COLLABORATION APPLICATION STORAGE GESTIONE CHIAVI E CERTIFICATI Servizi di Core GESTIONE DEI SERVIZI INFORMATIVI AUTENTICAZIONE HIDS, NIDS CONVERSIONE DI FORMATI GESTIONE DEI SERVIZI DI SICUREZZA SICUREZZA INFORMATICA Antivirus, Antispam, Hardening OPERATING SYSTEMS MEDIATION GESTIONE DEI SERVIZI SICUREZZA DELLE INFORMAZIONI Servizi di Infrastruttura SUPPORTO IPv4 MONITORING ACCOUNTING SUPPORTO IPv6 TUNNELING IPv4 ↔ IPv6 GATEWAY EXTERNAL NETWORKS CORE IP QoS FRAMEWORK Servizi di Rete PERFOMANCE MANAGEMENT COMSEC Encryption, VPN,NAT TRANSEC SICUREZZA PERIMETRALE GESTIONE DI RETE FIBRA OTTICA SATELLITE PUNTO MULTIPUNTO LEASED LINE TRASMISSIONE RADIO Servizi di Trasporto PUNTO PUNTO QUALITÀ QUALITÀ DI SERVIZIO SICUREZZA DI RETE Servizi di Sicurezza 6aa-sr100073-01-i A1110 FAULT MANAGEMENT CONFIGURATION MANAGEMENT Servizi di Gestione DEPLOYABLE SEGMENT APPLICATIONS SHARING CONFERENZA Audio, Video, Testuale AD-HOC MANET BROADBAND RADIOS MOBILE SEGMENT COMBAT NET RADIOS PERSONAL RADIOS © Copyright Selex ES. All rights reserved 4 From a Provider Network to Federated Networks Seamless Solutions across Systems and Layers Application Segments FIXED SEGMENT Federated Architecture Same services at different layers regardless communication & networking technology DEPLOYABLE SEGMENT AD-HOC Integration Adapting services to the actual communication & networking “environment” resulting in a “seamless” use of common applications © Copyright Selex ES. All rights reserved MANET BROADBAND RADIOS MOBILE SEGMENT COMBAT NET RADIOS PERSONAL RADIOS 5 From a Provider Network to Federated Networks Enterprise vs. Tactical Enterprise Environment (Net-Centric Enterprise Services) • Provides strategic and operational planning • Unconstrained Bandwidth (>10Mbps) • Stable Communications Infrastructure; no mobility • Need to pass large amounts of data in a timely manner, QoS through bandwidth over-provisioning • Need to discover and share data across disparate systems without developing new interfaces • Works well for NCES enabling technologies (XML, HTTP, TCP/IP, SOAP, etc) • Typically based on COTS Technology Tactical Environment • Provides operational execution • Constrained by low bandwidth (< 10/100 kbps) • Different radio technologies A AA • Constrained by unstable, dynamic communications networks and connections • Needs information security and transmission protection B.de HQ • Only needs the relevant data for their Area of Responsibility (AOR) FOB • Need to receive actionable information in a timely manner that has immediate relevancy • Based on military equipment and devices © Copyright Selex ES. All rights reserved 6 Selex ES – Italian MoD Forza NEC Experience on Full Digitisation of Secure Deployable and Mobile Networks Multi-layered – Heterogeoneous Technologies Enabling Technologies: - - Advanced Networking Tactical MANET SDR Technology Waveforms NG, Legacies SOTM X and Ka Bands Advanced BMS/SA Protection Sensors 3 x Land Brigades Landing Force LDF © Copyright Selex ES. All rights reserved 7 Selex ES – An Unparalleled Portfolio of Solutions and Capabilities Three Tier CIS Solutions Deployed Worldwide In Operation in many theatres Italian Cyber Defense Capability ITA SDR Program ESSOR JTRS MIDS EDA SCORED EDA WOLF WINTSEC SDR Forum 2.0 NATO • Develop Joint SDR Platforms • Promote SDR activities in Italy and EU • EU ESSOR SDR Architecture Leader • Coalition HDR WF • Link 16 PA Design • Terminal integration • The Italian Cyber Defense Capability system has been delivered and put in service by Selex ES in 2013. • Radio market evolution lead • Selex ES in now supporting Italian MoD in the evolution of the capability framework to be integrated with NATO CIRC. • Advanced communications for dismounted nodes in urban environment • Selex ES is supporting the Italian Government to set up the Cyber collaboration framework at National (Country CERT) and Sector level (MoD CERT; PA CERT, Critical National Infrastructure CERT, etc.) • Civil applications • Member WINNF Board • SCA Steering Committee, SCA-NEXT Team Selex ES Company Confidential • C3SNR SDR WG (5 nations) • SDRUG Leader in SDR Technology NATO, Proprietary and New Generation Waveforms Global Player for Information Security NATO NCIRC Programme undergoing © Copyright Selex ES. All rights reserved 8 Selex ES – An Unparalleled Portfolio of Solutions and Capabilities - NETWORKING Routing Deployable Segment Ad-Hoc Routing AD-HOC REACTIVE PCN Aware Connection Oriented Connectionless IETF-TACOMS (Proactive Routing Protocols) Radio Aware Routing MANET BGP (Border Gateway Protocol) OSPF (Open Shortest Path First) PIM-SM... Switches/Routers Mobile Segment Fit for tactical networks with mission critical data/high mobility of users and nodes/ unreability of network links/Low capacity INTEROPERABILITY and for networks with high realibility and capacity of links, limited topology variation Above the Mb/s Bit rate Below the Mb/s Bit rate SR, LR LOS,SAT CNR, NBWF, WBNF, Soldier Radios ATS operation OTM operation IOP’s MULTINATIONAL OPERATIONS Armoured Vehicles Nodes © Copyright Selex ES. All rights reserved Light Vehicles Nodes 9 Selex ES – An Unparalleled Portfolio of Solutions and Capabilities – Software Defined Radios ™ Manpack, 2 Ch.s ™ Handheld 2G NB, WB WF’s NATO, Popr. ™ Vehicular 4 Ch.s © Copyright Selex ES. All rights reserved ™ Vehicular 1 Ch 10 Selex ES – An Unparalleled Portfolio of Solutions and Capabilities – Satellite Comms Military Segment X/Ka Band UHF Band Civil Segment, Ku/Ka Bands Deployable Communications Manportable X Band FDMA/DVB • • • • Wide variety of multiband term.s Leader in SOTM/PAA Technology DVB/RCS-S2 Secure Modems Launching Ka-band Systems (Athena Fidus) • National Backbone fully integrated with Expeditionary Assets • Implementing NATO Satellite Ground Segment (SGS) SOTM/X DVB UHF Tacsat Sheltered Tactical Hub X/Ku/ka Bands – FDMA/DVB Mobile terminals X/Ku Bands – FDMA/DVB © Copyright Selex ES. All rights reserved 11 Defense Communication Systems Selex ES Solutions – An Unparalleled Portfolio Military Radio of Solutions and Capabilities Ground LOS/BLOS Comms A complete–Portfolio 100 M TAC LTE WIRELESS BROADBAND ACCESS Bit/sec 65 M LOS RADIO RELAYS UHF/SHF 34 M 8M 2M 128K BLOS /OTH RADIO RELAYS – UHF SOLDIER V/UHF VEHICULAR V/UHF Wide Band Wide Band VHF 9.6K HF 0 HF HIGH POWER HF 15 50 100 • HF Land, Naval and Maritime (BRASS) Solutions for long haul links; full support of NATO STANAG’s – Evolving to SDR • Large footprint worldwide with SW programmable PRR/SSR radios now complemented with NG SDR solutions • NG Military Radio Links supporting ALLIP and Legacy Networks • Introducing LTE technology for wireless comms. at Command Posts level >1000 Km LOS BLOS/OTH © Copyright Selex ES. All rights reserved 12 Selex ES TACOMS Compliancy Military QoS Real Time Data Tactical Services Federated Mission Networks End-to-End Security Information Protection SDR Technology Ruggedness © Copyright Selex ES. All rights reserved 13 Selex ES S.p.A. Via Tiburtina Km 12,400 00131 Rome, Italy Tel. +39 06 4150.1