MIT_17-5_FINAL

The Voice of Military Communications and Computing

Convergence Communicator

Bruce T. Bennett PEO CommunicationsDISA

Cross-Domain Security O Big-Data Analysis O WIN-TSATCOM Cybersecurity

www.MIT-kmi.com

C4June 2013

Volume 17, Issue 5

Special Report:COMSATCOM GUIDE

Learn more • 877-275-UMUC • military.umuc.edu/cuttingedge

ARM YOURSELF FOR OPPORTUNITYWITH A CYBERSECURITY DEGREE.

© 2

013

Uni

vers

ity

of M

aryl

and

Uni

vers

ity

Col

lege

University of Maryland University College is the nation’s largest public university.

To win the battle in cyberspace, we need more cyber warriors. University

of Maryland University College (UMUC) has answered the call, educating

the next generation of cyber security specialists in the public and private

sectors. Our accessible online degree programs have been recognized

for excellence by NSA and DHS. And many of UMUC’s courses address

industry-standard certifications, including many on the DoD 8570

list. UMUC is affordable, too, with scholarships for those who qualify, interest-free monthly payment plans and

participation in the Yellow Ribbon Program. Because the nation’s battle for cyber security can’t afford to be without you.

AT YOUR SERVICE SINCE 1947

130405_UMUC_8.375x10.875_MIT.indd 1 4/23/13 5:05 PM

Cover / Q&AFeatures

Bruce T. BenneTTProgram Executive Officer for

CommunicationsDefense Information Systems

Agency

16

Departments Industry Interview2 ediTor’s PersPecTive4 Program noTes5 PeoPle14 daTa ByTes26 coTsacoPia27 resource cenTer

david cavossaPresident, Government SolutionsHarris CapRock

6 crossing virTual domainsThe increased use by the U.S. military and intelligence community of virtualization technologies and cloud computing environments has brought a whole new level of possibilities to cross-domain solutions.By Peter BuxBaum

22 cyBer-ThreaTs in sPaceAs the cyber-threat makes the leap into orbit, satellite operators and users are focusing increased attention on the security of their communications systems.By Harrison Donnelly

24 Key TesT for WarfighTer neTWorK The second generation of the Army Warfighter Information Network-Tactical, currently under testing, exchanges mission-critical data from headquarters elements to soldiers on the ground. By amy Walker

June 2013Volume 17, Issue 5military information technology

10

20

masTering Big daTaIndustry is stepping forward with ideas and technology to help the military and intelligence communities managing the big-data challenge. By DaviD silverBerg

comsaTcom ProvidersA listing of some of the key providers in the field of commercial satellite communications services for the military and intelligence communities.

28

“One of our ultimate goals

in the agency is to converge into a common transport. We shouldn’t care whether

the data is going by fiber, electrical,

Ethernet, RF or two tin cans and a string.”

— Bruce T. Bennett

A provision of the House Armed Services Committee’s defense authoriza-tion bill could add another boost to the ongoing and vital discussion about how to improve the Department of Defense IT acquisition process.

In its recent report on the bill, the subcommittee that oversees IT programs noted that, even as the importance of such technology is growing, “the department’s success rate in developing, acquiring and implementing these systems remains mediocre, at best.”

While troubled development programs can be found in other areas as well, the failures of programs such as the Expeditionary Combat Support System, Defense Integrated Military Human Resources System (DIMHRS) and the Net-Enabled Command Capability certainly suggest that there are some fundamental issues with the system.

When the chairman of the Joint Chiefs of Staff and secretary of defense call a program a “disaster” yielding only “an unpronounceable acronym” at the cost of a half-billion dollars, for example, as occurred with DIMHRS a couple of years ago, you know you have a problem.

As has been frequently pointed out but not effectively addressed in the past, the problem is that the acquisition system developed for heavy military hardware is not well suited to the fast-changing IT market, where the commercial rather than the military world calls the tune.

“Unfortunately, the committee believes that the department has not done enough to come to terms with this trend, choosing instead to act as though it has the same power to influence computing and electronics markets as it did for most of the 20th century,” the panel contends.

The 2012 defense bill contains a provision authorizing implementation of a new acquisition process for IT systems, but according to the subcommittee, there has been little tangible action to date. As a result, the measure calls for a report on progress in implementing an IT-specific acquisition process, as well as how lessons are being learned from recent missteps in order to improve.

Harrison DonnellyeDitor

eDitor’S PerSPectiVe


Editorial

Managing EditorHarrison Donnelly [email protected] Editorial ManagerLaura Davis [email protected] EditorsSean Carmichael [email protected] Hobbes [email protected] Baddeley • Peter Buxbaum Cheryl Gerber • Karen E. Thuermer

art & dEsign

Art DirectorJennifer Owers [email protected] Graphic DesignerJittima Saiwongnuan [email protected] Designers Scott Morris [email protected] Papineau [email protected] Paquette [email protected] Waring [email protected]

advErtising

Account ExecutivesCheri Anderson [email protected]

KMi MEdia groupPublisherKirk Brown [email protected] Executive OfficerJack Kerrigan [email protected] Financial OfficerConstance Kerrigan [email protected] Vice PresidentDavid Leaf [email protected] McKaughan [email protected] Castro [email protected] Show CoordinatorHolly Foster [email protected]

opErations, CirCulation & produCtion

Operations AdministratorBob Lesser [email protected] & Marketing AdministratorDuane Ebanks [email protected] Gill [email protected] SpecialistsRaymer Villanueva [email protected] Walker [email protected]

a proud MEMbEr of

subsCription inforMationMilitary Information Technology

ISSN 1097-1041is published 11 times a year by KMI Media Group.

All Rights Reserved. Reproduction without permission is strictly forbidden.

© Copyright 2013. Military Information Technology is free

to qualified members of the U.S. military, employees of the U.S. government and

non-U.S. foreign service based in the U.S. All others: $65 per year.Foreign: $149 per year.

CorporatE offiCEs

KMI Media Group15800 Crabbs Branch Way, Suite 300

Rockville, MD 20855-2604 USATelephone: (301) 670-5700

Fax: (301) 670-5701Web: www.MIT-kmi.com

Military inforMation tEChnology

Volume 17, Issue 5 • June 2013

www.GIF-kmi.com

Geospatial Intelligence

Forum

www.BCD-kmi.com

June 2012Volume 1, Issue 1

www.BCD-kmi.com

Border Threat Prevention and CBRNE Response

Border Protector

Michael J. Fisher

ChiefU.S. Border PatrolU.S. Customs and Border Protection

Wide Area Aerial Surveillance O Hazmat Disaster ResponseTactical Communications O P-3 Program

Integrated Fixed Towers

Leadership Insight:Robert S. BrayAssistant Administrator for Law EnforcementDirector of the Federal Air Marshal Service Transportation Security Administration

SPECIAL SECTION:

Border & CBRNE Defense

www.MAE-kmi.com

Military AdvancedEducation

www.MIT-kmi.com

Military Information Technology

www.GCT-kmi.com

Ground Combat

Technology

www.MLF-kmi.com

Military Logistics Forum

www.M2VA-kmi.com

Military Medical & Veterans

Affairs Forum

www.MT2-kmi.com www.NPEO-kmi.com

Carrier Craftsman

Rear Adm. Thomas J. Moore

U.S. Navy Program Executive OfficerAircraft Carriers

Presidential Helicopter O Shipboard Self-Defense O Riverine Patrol CraftPrecision Guided Munitions O Educational Development Partnership

www.npeo-kmi.com

The Communication Medium for Navy PEOs

SPECIAL SECTION:CARRIER ONBOARD DELIVERY OPTIONS

Military Training Technology

Navy Air/Sea PEO Forum

www.SOTECH-kmi.com

Special Operations Technology

www.TISR-kmi.com

Tactical ISR Technology

www.CGF-kmi.com

U.S. Coast Guard Forum

KMI MedIa Group LeadershIp MaGazInes and WebsItes

Exelis is a registered trademark and “The Power of Ingenuity” is a trademark, both of Exelis Inc. ITT is a trademark of ITT Manufacturing Enterprises, LLC., and is used under license. Copyright © 2013 Exelis Inc. All rights reserved. Photo courtesy of the U.S. Army and Sgt. Ken Scar. www.exelisinc.com

Remote mission.Proven broadband.Cost-effective solution.

In the world of satellite communications, GNOMAD stands apart. Combat-proven by the U.S. Army in Northern Iraq and Kuwait, GNOMAD equips forces with reliable broadband communications by extending Wi-Fi and 3G/4G cellular networks into harsh environments.

Modular by design, GNOMAD delivers affordable networking beyond line of sight while on the move. To learn more about GNOMAD’s innovative capabilities, visit www.exelisinc.com/gnomad-dom.

ICN13001Dm_MilitaryInfoTech_8.375x10.875.indd 1 5/24/13 12:04 PM

Program noteS

The Defense Information Systems Agency (DISA) has approved Security Technical Implementation Guides (STIG) for Apple iOS 6, BlackBerry and Samsung Knox devices, clearing the way for Department of Defense organizations to use those devices in conjunction with a secure enterprise mobility environment.

The release of DISA’s Samsung Knox STIG provisionally allows DoD to use the latest technology as soon as it is available commercially. STIGs for the currently available BlackBerry 10, BlackBerry Playbook, and BlackBerry Device Service were also issued. The STIGs allow use of accepted devices as part of approved mobility pilots with actively defended mobile device management (MDM) systems.

The Samsung Knox STIG represents a paradigm shift in DISA’s business processes that dramatically increased the efficiency of bringing new devices into the enterprise. DISA Field Security Operations devel-oped the Samsung Knox STIG ahead of its commercial release, in doing so highlighting how close partnerships between government and industry are delivering the latest enterprise technology to meet department needs.

A key component of the secure mobility environment is the MDM system, which provides the essential enforcement of the STIG settings as well as other key security functions. Achieving departmental security objectives requires both the device security, defined in the STIG, as well as

active defense provided through the MDM. DISA will implement the MDM system through a contract award in early summer.

The recent device approvals are part of the DISA plan for imple-menting commercial mobile devices, which seeks to build a multi-vendor environment supporting a diverse selection of devices and operation systems. DoD currently has more than 600,000 commercial mobile devices in operational and pilot use, including some 470,000 BlackBerrys, 41,000 Apple units and 8,700 Android systems.

In other DISA news, the agency has undertaken a pilot program under a cooperative research and development agreement signed with Google earlier this year aimed at exploring innovative ways for DoD users to securely authenticate to commercial cloud service providers. As part of the agreement, DISA developed a proof of concept authentication gateway service (AGS) that allows for secure translation between DoD public key infrastructure common access card (CAC) authentication and Google-provided cloud services using a standards-based protocol.

In order to demonstrate the utility of the AGS, DISA’s Office of the Chief Technology Officer launched a pilot of Google Apps for Government (GAfG) that allows users to utilize their CACs for authentication, elimi-nating the need for the less secure password-based login. Pilot users will evaluate the use of commercial cloud-based services like GAfG in a typical DoD unclassified office environment.

Security Guides Approved for New Mobile Devices

A recently issued Department of Defense report on military and security developments involving China, which covers a wide range of topics, includes an extension discussion of that country’s activities in cyberspace, especially involving offensive action against U.S. government and industry networks. Following are excerpts from the report:

Activities Directed Against the Department of Defense. In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military. These intru-sions were focused on exfiltrating information. China is using its computer network exploitation (CNE) capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs. The information targeted could potentially be used to benefit China’s defense industry, high technology industries, policymaker interest in U.S. leadership thinking on key China issues, and military planners building a picture of U.S. network defense networks, logistics, and related military capabilities that could be exploited during a crisis. Although this alone is a serious concern, the accesses and skills required for these intrusions are similar to those necessary to conduct computer

network attacks. China’s 2010 Defense White Paper notes China’s own concern over foreign cyber-warfare efforts and highlighted the importance of cybersecurity in China’s national defense.

Cyberwarfare in China’s Military. Cyberwarfare capabilities could serve Chinese mili-tary operations in three key areas. First and fore-most, they allow data collection for intelligence and computer network attack purposes. Second, they can be employed to constrain an adversary’s actions or slow response time by targeting network-based logistics, communications, and commercial activities. Third, they can serve as a force multiplier when coupled with kinetic attacks during times of crisis or conflict.

Developing cyber capabilities for warfare is consistent with authoritative PLA military writ-ings. Two military doctrinal writings, “Science of Strategy” and “Science of Campaigns,” identify information warfare (IW) as integral to achieving information superiority and an effective means for countering a stronger foe. Although neither docu-ment identifies the specific criteria for employing computer network attack against an adversary, both advocate developing capabilities to compete in this medium. The [two documents] detail the effectiveness of IW and CNO in conflicts and advo-cate targeting adversary C2 and logistics networks to

affect their ability to operate during the early stages of conflict. As “Science of Strategy” explains, “In the information war, the command and control system is the heart of information collection, control, and application on the battlefield. It is also the nerve center of the entire battlefield.”

In parallel with its military preparations, China has increased diplomatic engagement and advocacy in multilateral and international forums where cyber issues are discussed and debated. Beijing’s agenda is frequently in line with Russia’s efforts to promote more international control over cyber activities. China and Russia continue to promote an Information Security Code of Conduct that would have governments exercise sovereign authority over the flow of information and control of content in cyberspace.

Both governments also continue to play a disruptive role in multilateral efforts to establish transparency and confidence-building measures in international fora such as the Organization for Security and Cooperation in Europe (OSCE), ASEAN Regional Forum, and the UN Group of Governmental Experts. Although China has not yet agreed with the U.S. position that existing mecha-nisms, such as international humanitarian law, apply in cyberspace, Beijing’s thinking continues to evolve.

DoD Report Tracks Chinese Cyber-Threat

www.MIT-kmi.com4 | MIT 17.5

Compiled by kmi media group staff

To help address the situ-ational awareness and commu-nications challenges facing by small units operating in the field, the Defense Advanced Research Projects Agency (DARPA) recently asked for information about technologies that can help lead to digitiza-tion of dismounted squads.

By digitization, DARPA means collecting sensor data that would provide much more detailed and actionable real-time information about a squad’s condition, surround-ings and adversaries. It is believed that digitization could provide squads of nine to 13 members and their unmanned assets with enhanced tactical awareness and advantage up to a mile away, in both urban and open-air environments.

To deliver these capabilities, DARPA is seeking innovative technologies in such areas as sensing technologies for warfighter health and operational status; absolute or relative geolocation

technologies, particularly for GPS-denied areas; non-optical and distributed sensing solutions; communication network solutions; and approaches to tactical information synthesis and delivery.

Army Major General Alan R. Lynn, commanding general, Army Network Enterprise Technology Command, Fort Huachuca, Ariz., has been assigned as vice director, Defense Information Systems Agency.

Brigadier General Paul M. Nakasone, who has been serving as deputy chief of staff, intelligence, for the International Security Assistance Force Joint Command in Afghanistan, has been assigned as director, Army Cyber Operations Integration Center/G-3, Second Army/Army Cyber Command.

KPMG has appointed Doug Gates, an eight-year veteran of the firm, to head its global and U.S. aerospace and defense practice.

ViaSat has hired Ken Peterman as general manager of its Government Systems segment. His industry experi-ence includes serving as presi-dent and chief executive officer of SpyGlass Group, president of ITT Communications and Force Protection Systems, and vice president and general manager of Rockwell Collins Government System’s Integrated C3 business.

Science Applications International Corp. has appointed Lou Von Thaer as president of the company’s

National Security Sector. The NSS, along with SAIC’s current health and engineering businesses, will be part of the solutions company Leidos following the company’s planned separation. In his new role, Von Thaer will lead nearly 13,000 analysts, scientists, engineers, and busi-ness professionals providing support for customers across the full spectrum of national security programs, including cybersecurity. Von Thaer previ-ously served as president of General Dynamics Advanced Information Systems.

Compiled by kmi media group staffPeoPle

Maj. Gen. Alan R. Lynn

Dismounted but Digital

www.MIT-kmi.com MIT 17.5 | 5

The increased use by the U.S. military and intelligence community of virtual-

ization technologies and cloud computing environments has brought a whole new level

of possibilities to cross domain solutions, which regulate the flow of information between different

levels of security classification. Traditional cross domain solutions have regulated

the flow of information to individual users based on the classification clearance of that user. In general, legacy

cross domain solutions allowed data to flow separately from individual security enclaves to a single computer screen either

by toggling the screen among multiple computers, or by allowing access to one network at a time on a single computer. That meant

that users had access to only one class of information at a time when using email, search, chat, and command and control applications.

Cloud Computing and virtualization are Changing how Cross domain solutions Control the flow of information between seCurity levels.

by peter buxbaum

mit Correspondent

6 | MIT 17.5 www.MIT-kmi.com

The ongoing migration to virtualized and cloud environments within military and intelligence agencies, however, is posing two important new questions. One is how to provide cross domain solu-tions to these newer environments. The second is how cross domain solutions can be delivered in a virtualized fashion.

Technologies have already been developed that allow information from different classifications to be viewed together on a single screen. So, for example, top-secret email and search results could be viewed side by side with secret or unclassified email and search results, in a separate window.

The step beyond that is to mash those views together to allow users a single inbox or a single set or search results across all classifica-tion categories to which the user is entitled. These next-generation

capabilities aren’t quite available yet, however. Testing and accreditation of those technologies have yet to be com-pleted, so users will have to wait a little while before gaining access to these new systems.

“Major industry players are develop-ing technology to access data that resides in multiple, separate security domains,” said Mitch Parker, a group vice president at Citrix. “Remote desktop architectures provide users with simple, multi-device access to data that never leaves the data center. By hosting each virtual desktop in the data center, isolated from other domains, users are given access the information and applications they need with incredible degrees of control.”

“Right now there are no solutions approved by the government to provide cross domain solutions across different clouds,” said Steve Bean, a program manager at Lockheed Martin Trusted Security Solutions. “Where we want to go is to provide cloud services through

which a user can call a service to downgrade a piece of data and allow the user to see all data from his security level and down. This will be seamless to the user. He won’t even know the solution is there.”

At least at first, the next generation of cross domain solutions will likely find greatest acceptance at lower classification levels, according to Colin Robbins, technical director at Nexor. “As you go to the higher end you won’t see much change in how cross domain solutions are implemented. At the higher levels of classification, there is a reluctance to accept the risks associated with going to cloud solutions.”

transparent solutions

Military and government agencies are also at work, along with private companies, to develop and accredit cross domain solutions that take advantage of the new computing environments. “We are working to make the solutions more transparent,” said Ryan Durante, chief of cross domain solutions at the Air Force Research Laboratory (AFRL). “Cross domain solutions have traditionally meant to be opaque and hidden from the rest of the world. As a result they are hard to manage and people don’t use them.”

Ryan Durante

Steve Bean

[email protected]

MIT 17.5 | 7www.MIT-kmi.com

The Unified Cross Domain Management Office (UCDMO) was set up in 2007 to create efficiencies across the defense and intelligence communities in the deployment and use of cross domain solutions.

“We are looking to consolidate physical resources,” said Sandi Roddy, director of the UCDMO. “Many organizations use point-to-point solutions. We are encouraging the increased use of enterprise services. That way the burden of maintaining devices can be allocated across a smaller set of resources and broadly distributed across all of the network. This also allows us to make sure that cyber protections are more appropriately applied.”

A key part of the new generation of cross domain solutions is the implementation of a trusted or mul-tilevel operating system. “That way, we can keep the processes and applications running on the computer at the secret level separate from applications and resources at the top secret level,” said George Kamis, chief technology officer at Raytheon Trusted Com-puter Solutions.

“We take this core technology, in our case the Linux server operating system, along with other secu-rity mechanisms, to lock down the system in such a way that information sharing can be done only by the trusted processor. We look at the data, inspect it, and perform file checks and other inspections before allow data to transverse the two different security levels,” Kamis added.

The military’s push toward a virtual desktop infrastructure (VMI), in which individual desktops are stored in the cloud and not on the local com-puter, is an important facilitator to this process. “We expand on that by not only allowing that to occur on a single class level but on multiple class levels,” Kamis explained. “With our trusted thin client product, we can give access to multiple cloud-based VMI environ-ments at multiple sensitivity levels.”

These approaches are consistent with the UCD-MO’s efficiency initiative. “The major reason to go to the cloud is to emulate a cleaner and more adaptable model, as opposed to using point-to-point solutions,” said Roddy.

“Inside of the cloud there may be a cross domain service for the enterprise, and its job is to move email or shared calendaring up and down security domains,” she continued. “We already have implemented that type of service at Defense Information Systems Agency regional support centers in Afghanistan. The model and the capability has been there for some time, and we are now looking to bring that to a broader community of users that access the cloud for cross domain and other security services.”

Data Center ConsoliDation

The consolidation of data centers and the migration to the cloud renders point solutions obsolete and requires more enterprise-oriented cross domain solutions, analysts say.

“Industry is developing cross domain products that allow cloud-to-cloud communications and data transfer in a secure fashion,” said Douglas Steil, director of cross domain solutions at BAE Systems.

“Cross domain end products now need to work in cloud and virtual-ized infrastructures. Many of our customers are migrating from old legacy guards, and consolidating on products that offer one solu-tion for secure chat, email, or any kind of transfer of information, whether OCONUS or CONUS.”

Cloud-based cross domain solutions are better able to support security across multiple classification levels, noted Steil. “Organizations that have 20 different cross domain data guards across 20 different locations are not going to get the performance of a solution that has been designed to support an enterprise architec-ture,” he said. “The fact that the military is consoli-dating data centers means that they need to satisfy multiple customers and domains.”

BAE Systems last year introduced the XTS Guard 5 multi-enclave cross domain solution for enterprise, coalition and tactical use, supporting XML, email and file transfer capabilities. The new XTS archi-tecture supports 22 security enclaves in standard hardware and multiple file-type transfer capabilities in a single appliance.

XTS Guard 5 runs on BAE Systems STOP OS, a high-security operating system already supporting multiple UCDMO-approved solutions. BAE Systems’ other new solution, SIBA, provides intelligence ana-lysts and consumers with the ability to tag sensitive data within a file, so that only users with the appro-priate credentials may access it.

Nexor is taking something of a different approach to cross domain solutions, suggesting that setting up secure portals might be the best way to share information across domains. “Cross domain is all about sharing information between two parties,” said Robbins. “Previously email would have been the most dominant way of doing that. We see the next phase of evolution as the use of portals. Instead of sending emails, many users find it more convenient to put up information on portals that use cloud technology.”

Besides the advantages of user preference, the use of portals can reduce the costs of accrediting cross domain solutions over the long run, according to Robbins. “The up-front costs for portals are greater because they are more complex, but once it is done the accreditation can be used for multiple portals.

As you aggregate those costs over multiple instances, the solution becomes cheaper.”

The use of portals is well accepted for cross domain information transfers in the United Kingdom and elsewhere in Europe, Robbins noted, but less so in the U.S.

Virtual MaChines

AFRL’s engagement in a technical collaboration with Intel and Citrix resulted in SecureView, a government solution that expands on COTS capabilities in Citrix XenClient and vPro processors.

“SecureView is virtualized on top of the XenClient hypervisor so that we use XenClient to virtualize multiple independent machines and provide access to multiple independent networks,” said Brian Testa, a senior computing engineer at AFRL. “We are also using

Brian Testa

George Kamis

[email protected]

Douglas Steil

[email protected]


virtualization to create small hidden virtual machines to host pri-vate network clients so that each virtual machine can talk to other appropriate machines over a single wire.”

“By virtualizing the client hardware, multiple operating systems with local storage can run side by side on a desktop or laptop much in the same way they do on data center servers today,” said Parker. “Leveraging the compute power of the client allows for an enhanced experience for the end user with a higher degree of security than ever, even in circumstances without a network connection. Used together, client virtualization and hosted desktop virtualization becomes extremely powerful.”

Strict separation of workloads must be at the core of any client virtualization solution that handles sensitive data, Parker noted. “Citrix and Intel have worked closely together so that the XenClient hypervisor takes full advantage of the capabilities of the hardware to isolate and protect workloads,” he explained.

“The Xen hypervisor adds a flexible architecture for isolation at the software layer,” Parker continued. “Security-critical tasks like management functions can be separated from untrusted and opaque code. The small code base and the open-source nature of Xen make it ideal for this role, as security-critical source code is open for inspection and verification by third parties. The strength of mechanisms that separate trusted from untrusted code can be evaluated independent of the business interests of any one group of stakeholders.”

In addition to the separation at the platform level, XenClient XT takes advantage of a hardened Linux virtual machine instance to control access. “The cross domain solutions community will signifi-cantly benefit from the adoption of client virtualization,” said Parker. “Value comes from cost savings through client consolidation, along with flexible management policy and operational efficiency.”

An AFRL study estimated that deploying SecureView to 10,000 users over a four-year period would achieve cost savings of $63.5 million compared to a traditional environment with independent security levels and three PCs per user, and $29.9 million compared to a multi-level security solution with one thin-client.

SecureView offloads memory management from the CPU to a chip, noted Testa. “This allows us to isolate certain regions of memory so that nothing can get in the way,” he said. “Attackers can’t do a man-in-the-middle attack because the process is completely directed in the hardware, rather than the software, which is harder to fool and more difficult to change.”

The virtualization in this case takes place at the client level instead of at the server level. “We have moved virtualization to the edge,” said Testa. “You need data close to the user to get the perfor-mance you want. You have the hardware capability to run everything locally but you can also run this on a thin client and access data from the data center.”

smart windowing

An effort to take virtualized cross domain solutions to the next level is now under way as part of an AFRL Cooperative Research and Development Agreement with BlueSpace Federal. AFRL and BlueSpace will work on integration of BlueSpace’s Multi-Level Secure (MLS) 2.0 capabilities with AFRL secure cross domain programs.

“MLS 2.0 is an approach to cross domain applications that trans-fers only highly constrained XML through a certified data guard to provide a unified user experience across multiple security domains

and systems,” said Pat Motola, chief executive officer of BlueSpace. “MLS 2.0 applications can take advantage of trusted workstations to further enhance the user experience.”

Working with AFRL’s SecureView, BlueSpace has developed another innovation in cross domain applications called the Smart Windowing User Experience. “With Smart Windowing, the user interacts with labeled windows from different domains on a single display as part of a single cross domain application experience,” said Motola.

Smart Windowing builds on SecureView 2.0 MultiView technol-ogy that allows application windows from different security domains to be seen simultaneously on the same screen. MLS 2.0 Smart Win-dowing orchestrates these windows so they are related as part of a single cross domain application experience.

“MultiView handles window labeling and data separation,” said Motola. “The user is presented with a unified view of cross domain information. The content now appears in a labeled application win-dow on their display. The user interacts with that window as they would with any other application window.”

BlueSpace technology applies mashups, web services and ser-vice-oriented architecture concepts to cross domain applications, allowing for labeled items from multiple domains to be captured in a single view such as an email inbox or a set of search results.

BlueSpace also has developed specific military applications for use with its cross domain products. GeoSpace is a cross domain command and control application that provides a three-dimen-sional, geospatial common operating picture of the mission envi-ronment across multiple classification levels and coalition partners. Sentinel is a cross domain cyber-situational awareness application that provides a unified view of cyber-status and threats across mul-tiple security levels.

“All this is virtualized on top of XenClient, which is the virtual-ized Xen hypervisor,” said Testa. “Virtualization is what allows us to fuse multiple windows together.”

“MLS 2.0 users always work directly with the original content, at the original security level, under control of the original application. There is no copy, filtering or transfer of the content across security domains,” Motola explained.

Advantages to this approach include immediate access to the data, no waiting for transfer of data through a guard, and no loss of content due to rejection or filtering by the data guard. “There is no duplication of content,” said Motola. “Content duplication creates classification and leakage issues.”

Users may have to wait a bit to try all this, however, since many of these products have yet to receive accreditation from the National Security Agency. Testa said that NSA plans to spend six to nine months studying XenClient, and that U.S. Special Operations Com-mand will be testing SecureView 2.0 and XenClient 3.0 for two or three months beginning this summer.

Lockheed Martin’s next-generation cross domain solution is also ready for testing, according to Bean. He expects cloud-based cross domain solutions to be available within the next 12 to 18 months, at which point, he said, “users will be embracing it.” O

For more information, contact MIT Editor Harrison Donnelly at [email protected] or search our online archives

for related stories at www.mit-kmi.com.


by david silverberg, mit Correspondent


Mastering Big Dataindustry is stepping forward with ideas and teChnology to help the military

and intelligenCe Communities managing the big-data Challenge.

Information has always been an essential element of military operations, and today the informational inputs are more extensive and technologically capable than ever before. Drones, sensors, intercepts, satellites and the Internet all provide terabytes, and increasingly pet-abytes, of digital data. Human beings produce an estimated 2.5 quintil-lion bytes of data every day, and 90 percent of today’s data was created in the past two years.

It has given rise to a whole new language. “Data crush” is the avalanche of information sometimes burying its collectors; “data mining” is reaching into the data to find relevant items; but most of all, “big data” is the term to describe vast amounts of electronically transmitted and stored information. The issues of how to handle this data, sort it, organize it, make sense of it and, most of all, use it, pres-ent the U.S. military and intelligence communities with one of their greatest challenges.

As the leading military power with the most advanced capabilities, the United States is in the forefront of meeting the big-data challenge. To date, however, most of the work on big data has been done outside the Department of Defense in the CIA and, in particular, the National Security Agency. Necessarily, most of that work and progress is secret.

As part of a $200 million, six-agency White House “Big Data Research and Development Initiative” announced last year, the Defense Advanced Research Projects Agency (DARPA) rolled out its XDATA program, which the agency said would develop “computational tech-niques and software tools for processing and analyzing the vast amount of mission-oriented information for defense activities.”

XDATA will develop algorithms to process the vast variety of data, create customizable, interactive tools for handling it and develop large-scale processing for a variety of settings. The software toolkits that XDATA develops will be open-sourced and promote collaboration among all related disciplines and communities.

While that work goes on, industry is stepping forward with ideas and technology for managing the big-data challenge.

data lake

“The first thing is to have an understanding of big data,” said Jason Escavage, a principal on the analytics team supporting clients in defense and intelligence for Booz Allen Hamilton. “There are a lot of different definitions. The way that we collect, store, manage and distribute, it’s the amount of data in the world. A significant amount was created in the last two years and it’s growing exponentially. We’ll max out the traditional storage mediums. But it’s in volume, velocity, variety; that’s where you get the big-data challenges.”

While the government has numerous systems to store data, the challenge comes in attempting to combine data systems. That gives rise to the concept of “data fusion,” the name for tying together differ-ent data systems. Even so, noted Escavage, “The way technology moves and the way innovation happens, it’s hard to [get a handle on data] in a controlled manner where you can truly leverage lessons learned across all the individual engagements.”

Booz Allen’s response has been creation of a concept it calls the “data lake.”

MIT 17.5 | 11www.MIT-kmi.com

“With the data lake, an organization’s repository of informa-tion—including structured and unstructured data—is consoli-dated in a single, large table,” wrote Mark Herman, Booz Allen Hamilton executive vice president, and Michael Delurey, a princi-pal with the firm, in a paper entitled “The Data Lake: Taking Big Data Beyond the Cloud.”

The goal is to end the laborious and difficult task of homog-enizing formats so that data can be accessed, which is a major impediment to leveraging big data’s full capabilities.

In the data lake, wrote Herman and Delurey, “every inquiry can make use of the entire body of information stored in the data lake—and it is all available at once.

“One metaphor for the data lake might be a giant collection grid, like a spreadsheet—one with billions of rows and billions of columns available to hold data,” they continued. That data could be anything, including text, video, photographs and various forms of feeds, and the form, origin and organization of the data make no difference.

This is not the same as data mining, the authors cautioned. To extend the metaphor, data mining means digging for nuggets of information deep within the earth. To get the relevant information out of the data lake, all one has to do is scoop up the water. This means that analysts don’t have to narrow their questions before making inquiries. All they have to do is ask and the connections will appear.

Getting at all the data in its myriad forms “is a challenge that is not going to go away,” Escavage noted. “The key for success is to make a change.”

While there are legacy systems in place, they need new invest-ment to allow for scaling up to the vast amounts of data available, but that needs to be done efficiently and effectively at relatively low cost. “One of the successful ways to do less with more is to find a way to automate and better prepare analysts with better information so they’re able to draw conclusions,” he noted.

The challenge is only going to increase, he maintained. There are new sensors and new platforms generating more and more data. “How do we continue to expand on things and how does all this information get distilled in that environment?”

The answer, Escavage suggested, lies in a combination of capable technology and capable people.

“I think one of the things that’s most important is that tech-nology is interesting, but we need to make sure that it’s relevant. There’s lots of things that technology can do, but we still need the leaders, the users, the humans in the loop to find a way to design, customize and tailor the technology and answer the different kinds of problems that are facing the different organizations in the military or in the commercial world,” he said.

“That’s where the analytics really come into play. We like to say that humans do analysis and machines do analytics,” he noted. “The key is that you need the humans and the data scientists to really define the types of problems the machines can then go look for, monitor and comb through all that information to analyze.

“So I think that one of the things that the military and the government and everyone at large needs to do is to invest in that next generation of data scientists. The technology is now there that is going to allow us to do bigger and better things than we’ve ever been able to. The next phase is developing the generation of

users and warfighters that can harness all the capabilities of that data environment, that technology environment for the benefit of the department,” Escavage said.

struCtured or unstruCtured

Oracle has massive computing in its blood. It had its origins in the mid-1970s, when founders Lawrence Ellison, Bob Miner and Ed Oates worked on a CIA project called “The Oracle,” a relational database. No company had committed to commercializing the technology, and Ellison sensed the opportunity.

Since then, Oracle has become one of the world’s premier software companies and has done extensive defense and intelligence-related work. Now it is committed to helping military and intel-ligence agencies cope with big data.

“Oracle is traditionally seen as a structured data company because of its relational database heri-tage,” observed Peter Doolan, group vice president of Oracle Public Sector.

But big data is unstructured—it comes in many forms and formats and doesn’t necessarily fit into neatly organized data tables. As a result, big data

“is contrary to something that we’re very comfortable with,” he observed, while adding that Oracle is tackling that through its own research and acquisitions.

Despite its complexity, the approach to big data is fairly straightforward, according to Doolan. There are three questions for tackling big data: How is data acquired, how is it organized, structured and stored, and how can it be analyzed?

When it comes to data acquisition, Oracle is hard at work on the Oracle NoSQL database. As Doolan explains it; “It couldn’t be simpler. It’s a big file that you stick anything into: video, audio, Twitter messages, Facebook posts or weblogs. It’s completely unstructured data but it gives you the ability to do very fast read-and-write access into that database.”

NoSQL—known to its friends as “not only Structured Query Language”—denotes a type of database management system that is more flexible than traditional relational databases, and is par-ticularly useful in dealing with massive quantities of data.

At the same time, Oracle has done a good deal of work on its traditional database to get it to take unstructured data, especially in the vast quantities that arrive today.

When it comes to organizing data, Oracle has created what it calls an engineered system. “Basically, it’s a hardware-software combination of pre-built components built in a factory combined with software we’ve developed or acquired. That’s what we call the ‘big-data appliance,’” said Doolan.

The appliance is a large, powerful, networked computer with massive amounts of storage. To complete the software part of the equation, Oracle has partnered with big-data software developer Cloudera. The combination provides a customer the ability to purchase the entire infrastructure for a big-data project from a single source.

Oracle is also working on leveraging Hadoop, an open-source software framework for big data for parallel computing, developed by the Apache Software Foundation. Existing Oracle customers can use the Oracle Big Data Connector, a piece of software that allows them to use Hadoop, for big-data applications.

Peter Doolan


When it comes to analysis, Oracle has put a great numerous tools into its products to enable big-data analysis. This includes embedding the “R” open-source language into the Oracle data-base, giving users a new means of sifting through massive amounts of data. In 2011 it also purchased a company called Endeca, which specialized in unstructured data management. Oracle subsequently created an information discovery tool, called Oracle Endeca, that sits in a browser and can look into all sorts of data, index it and provide answers and patterns, no matter where the data resides or what form it takes.

Another tool is Oracle Exalytics, a computer that has a large amount of information with software that is engineered to con-nect to the Oracle Big Data Appliance and the Oracle database. It provides a very fast means to conduct analysis of large amounts of data. “We’re building products, we’re acquiring products where we need to, and our strategy is around the three areas,” said Dolan.

automated analysis

“Big data is hard to wrestle with, but you can achieve ben-efits if you make the right design tradeoffs and in the way that you approach the handling of the data, how you load it, store it, manage it but also how you query it,” said Joe Got-tlieb, vice president for global security solutions at KEYW, which supports the defense and intelligence communities and private clients with cybersecurity solutions.

Gottlieb and KEYW have been concentrating on working with time-stamp data, which they have put into a data warehouse specifically built for that function. Use of the specialized warehouse enables fast loading of the data as well as fast retrieval. Compressing the data lowers its volume and speeds up answers to queries.

“What we’ve learned is that when you take a certain set of use cases and a certain set of applications, and you specialize the technology to handle big data for a set of things, then you can get really great results,” he said. “In the security world, this has allowed us to do very rich and automated analysis, including statistical filtering on extremely rich data sets. Some of our customers are bringing in information on the level of 6 billion events per day.”

KEYW has had particularly good results with geospatial data, according to Gottlieb. Advanced technology has allowed the effec-tive analysis of aerial imagery to determine situational awareness and plan missions. For example, a photo of disturbed earth at a site can be analyzed for its purpose and then missions planned in response, down to the level of particular features like the thickness of walls or the placement of doors. This is particularly relevant in countering improvised explosive devices.

KEYW has also put its analytics in the service of warfight-ers, although Gottlieb declined to discuss specific missions and situations. The company is also putting its big-data tools into the cybersecurity field.

KEYW is now going beyond data collection and retrieval and putting its tools to work to discern patterns and trends, make predictions and extend these techniques to new areas and realms, like using video and audio information.

In the future, as engineers and analysts get a handle on unstructured data, particularly using Hadoop, the fruits of big data will really come into play, in Gottlieb’s view.

“I would point to a not-too-distant future where we’re start-ing to analyze combat operations on a level that is completely unprecedented,” he predicted. “We’ll analyze them, not only for potential forensic analysis to find something that we missed, but also to analyze them so that we can become smarter and smarter about how to improve them.”

This is already being done for security events, but “it will be worth doing for any high-stakes operation that is worth improv-ing. It’s exciting to see where that technology is going right now.”

aCtionable intelligenCe

For Rich Campbell, chief technologist for EMC Federal, big-data analytics in the military represents a unique opportunity for the high-tech industry. “When you look at what big data analytics can bring to the table for the warfighter and those battling ter-rorism, it gives a much more granular and consistent common operational picture. It’s something desperately needed on an ongoing basis. The biggest benefit today is actionable intelligence in real time that can be used and consumed by multiple people in

multiple locations,” he said. “Use cases involve everything from an opera-

tional commander in the field, who needs to get immediate intelligence in mission-critical situa-tions, all the way back to the bigger picture, like looking at the effect of weather on troops,” Camp-bell said. “The uses cases are varied, but they’re also consistent—at the end of the day, it’s about getting people the right information at the right time, based on a series of strategically compiled data points. That’s really the objective for big data analytics in military and intelligence.”

Along with VMware, EMC recently launched Pivotal, a part of the EMC federation building the infrastructure for cloud, mobility and big-data applications.

“One of the biggest challenges I see is bandwidth.” Campbell said. “The more constrained the end-users are, the less access they have to real-time information. So one of the challenges that Pivotal, EMC and VMware are solving is how to give the abil-ity to do federated analytics with reach-in capability, and make that more available to our military and intelligence customers. It mitigates bandwidth challenges, and gives a more consistent operational picture to forces where they need it.

“They can reach out and grab all of that intelligence, instead of having to have everything sent to them. They can do the analyt-ics Anywhere in the world, and against multiple sources, to get a bigger federated query that will give them the real-time mission information they need,” he continued. “The challenges and use cases go hand in hand with guys at the pointy end of the spear and those in training, who are often disconnected from the big DoD and intel networks.” O

For more information, contact MIT Editor Harrison Donnelly at [email protected] or search our online archives

for related stories at www.mit-kmi.com.

Joe Gottlieb

[email protected]


Intelsat General has been awarded a contract to provide satellite bandwidth and ground-based connectivity in support of activities abroad by the Pentagon’s Asymmetric Warfare Group (AWG). Under the contract, Intelsat General will be a subcontractor to By Light Professional IT Services, a service-disabled veteran-owned small business

that was awarded the prime contract. The AWG contract will use multiple Intelsat teleports, both in the U.S. and other countries, to connect with several Intelsat satellites in order to meet a global coverage requirement. In addition, the contract requires diverse and redundant terrestrial circuits from Intelsat’s gateway to AWG’s networks. The

required bandwidth will augment existing and future MILSATCOM capacity to provide command, control and communications capabilities required by AWG. The contract allows for portability so that if necessary, AWG can shift the coverage to a different part of the world requiring different Intelsat spacecraft and ground infrastructure.

The Defense Research and Engineering Network (DREN) III contract sponsored by the Department of Defense High Performance Computing Modernization Program (HPCMP) has been awarded to CenturyLink. The HPCMP aims to solve complicated and time-consuming problems with massively-parallel computing and very high-speed networking. The contract was awarded to CenturyLink by the Defense Information Systems Agency’s Defense Information Technology Contracting Organization. The 10-year indefinite delivery, indefinite quantity contract has a minimum award value of $250,000 and a ceiling of $750 million.

CenturyLink will provide a high-speed, fiber-optic network that connects the department’s supercomputers and researchers at speeds ranging from 50 megabits to 100 gigabits per second. The company will supply Ethernet, Internet Protocol and optical wave services through a Virtual Private Local Area Network Service that will link defense scientists and engineers at leading research institutions, labora-tories and test facilities at more than 150 DoD locations nationwide. DREN enables researchers to design solutions to complex problems and develop new technologies critical to the defense industrial base and national security.

General Dynamics Fidelis Cybersecurity Solutions has inte-grated its flagship network secu-rity solution, Fidelis XPS, with IBM’s security information and event management product, the IBM QRadar. This product collaboration will help protect customers’ valuable enterprise assets from complex advanced persistent threats by delivering real-time malicious activity reports so customers know what is happening on their networks. Fidelis XPS monitors and analyzes network traffic to help customers detect and block cyber attacks. The next-generation Fidelis XPS lever-ages IBM QRadar to report events as they happen on the network and provides a clear picture of

the type of threats attempting to penetrate the network. Once that information is captured, summa-rized and delivered to an end-user’s dashboard, an analyst can access the Fidelis XPS console using IBM QRadar to gather more information and act on the threat, preventing valuable data from being taken out of the network. Built on General Dynamics Fidelis Cybersecurity Solutions’ patented Deep Session Inspection platform, Fidelis XPS is a network security appliance that delivers network visibility, analysis and control over all ports and all channels in real time, to defend against advanced threats and prevent the possibility of a data breach on multi-gigabit-speed networks.

Ka-Band Service Expands SATCOM Coverage

Astrium Services Government will soon offer UAE-owned Yahsat Military Ka-band service to the U.S. government. This service allows any U.S. government or Department of Defense end-user to utilize Yahsat Military Ka-band capacity that is compatible with the Wideband Global Satellite constellation for greater global coverage and reliability.

Astrium was the prime contractor for the construction of the Yahsat satellite fleet. Astrium Services will provide end-to-end services using Yahsat Military Ka-band capacity in order to meet DoD requirements on contract vehicles such as the Defense Information System Agency’s Future Commercial Satellite Communications Services Acquisition program. Formerly known as Vizada, Astrium Services Government is the point of contact in North America for Astrium Services’ Skynet solutions.

Asymmetric Warfare Group Gains Connectivity

Network Security Collaboration Fights Advanced Threats

Fiber Optic Network Speeds High Performance Computing


Data ByteS

The Navy and Lockheed Martin have delivered the second Mobile User Objective System (MUOS) spacecraft to Cape Canaveral Air Force Station, Fla., where it will be prepared for a July liftoff aboard a United Launch Alliance Atlas V rocket. MUOS-2 was safely transported from Lockheed Martin’s Sunnyvale, Calif., facility to nearby Moffett Federal Airfield. The 60th Air Mobility Wing of Travis Air Force Base, Calif., then loaded the satellite aboard a C-5 aircraft and successfully shipped the spacecraft to Cape Canaveral. MUOS-1 has been providing voice communications since it started operating in 2012. After MUOS-2 is operational and the ground stations and terminals have been certified, the full suite of MUOS features will be available to users in the field as new terminals are deployed.

The Trimble Juno T41 rugged handheld computer is a powerful, connected and compact solution for the entire mobile workforce. The Juno T41 handheld offers the convenience and ease of use of a smartphone with durability and long-term support that smartphones do not offer. Its slim, ergonomic design is easy to grasp and enables all-day use. The handheld unit has voice, SMS text and 3.75G cellular data transfer capabilities on GSM cellular networks worldwide. Users can upload and download data from the cloud using Wi-Fi or WWAN connections, and the 8 megapixel camera can automatically include time and location data from the GPS receiver. The Juno T41 is a rugged, all-in-one device that reduces total cost of ownership compared to durable or consumer-grade smartphones. Mobile workforce solutions based on a single device can be more efficient than requiring workers to repeat-edly handle both a rugged handheld computer and a cellular phone.

Second MUOS Satellite Readied for Launch

Handheld Combines Durability,

Smartphone Ease

The Defense Information Systems Agency (DISA) has signed an agree-ment with EADS North America to purchase three units of its Ectocryp Black high-capacity secure voice encryption device. The device, which recently was approved for operation by the National Security Agency and evaluated by the Joint Interoperability Test Command, helps DISA meet requirements for next-generation secure voice services, including communications that are more agile. Compared to other Secure Communications Interoperability Protocol devices, Ecotcryp Black’s combination of high capacity, relatively small size and programmability enables options for secure voice communications that previously were not possible. DISA will deploy the encryption units in two of its Defense Enterprise Computing Centers. EADS North America delivered the units, and supported installation and integration in one of the centers. With four T1 interfaces that allow for 92 simultaneous individual calls per unit and the ability to store hundreds of cipher keys, Ectocryp Black provides interoper-ability between classified and unclassified networks to a greater degree than any existing system of its size, as well as potential key management efficiencies.

The Army has awarded a contract to General Dynamics C4 Systems for 10 vehicle-mounted Tactical Ground Station (TGS) Lot D systems with an option for 11 additional systems. The TGS system is part of the Distributed Common Ground System-Army (DCGS-A), the Army’s primary deployed system for posting, processing and distributing ISR information in real time to intelligence analysts and commanders. The order is valued at $31.5 million with all options exercised. The first of the new TGS systems is scheduled for delivery during the third quarter of 2013. DCGS-A provides Army analysts with access to more than 600 data sources and allows rapid collaboration through shared data access. The General Dynamics-built TGS-Lot D systems allow analysts to comb through millions of clas-sified and unclassified records within minutes, providing commanders with status updates on persons of interest and imminent threats such as improvised explosive devices. The system is interoperable with other U.S. military, NATO and coalition ground systems, connecting intel-ligence analysts with information from national agencies, combatant commands, military intel-ligence brigades and tactical Army units. TGS systems have been widely deployed to forward operating bases worldwide.

Vehicle-Mounted Stations Support Army ISR System

DISA Purchases Secure Voice Encryption Device


Compiled by kmi media group staff

Bruce T. Bennett is the program executive officer, communica-tions, for the Defense Information Systems Agency [DISA], where he is responsible for the design, evolution, acquisition, implementation and fielding of all the communications within the agency, including terrestrial, aerial, space and wireless. Previously, he served as director, Program Executive Office for Satellite Communications, Teleport and Services.

Born and raised in southern New Jersey, Bennett has a bach-elor’s degree in engineering from the McCormick School of Engi-neering at Northwestern University and numerous advanced certificates from George Washington and Texas A&M. He is also a Level III acquisition professional in program management and systems planning, research, development and engineering. He graduated from the Army Engineering Intern Training Center in 1982.

Bennett was interviewed by MIT Editor Harrison Donnelly.

Q: How would you define your overall mission as program executive officer for communications?

A: My job entails overseeing the design, evolution, acquisition, imple-mentation and fielding of all the communications within DISA, including terrestrial, aerial, space and wireless. If it’s communications, transport or protocols, it falls within the scope of my responsibilities. All these areas are interrelated. One of our ultimate goals in the agency is to converge into a common transport. We shouldn’t care whether the data is going by fiber, electrical, Ethernet, RF or two tin cans and a string. If it meets the user’s downrange need, and his QoS require-ments, that should be good enough. We need to integrate it, because we fight a three-dimensional war. So we ought to be able to support the three-dimensional mission in terrestrial, aerial, space and wireless.

Q: What are your key strategic priorities for 2013?

A: I have quite a few; the biggest one is what we just talked about—the need to converge into a common infrastructure of terrestrial, aerial, space and wireless transport, perhaps not into a single transport, but a series of interrelated transports all working on the same fundamen-tal principles, so that we can aggregate bandwidth, get economies of scale, grow and be as flexible as our warfighters need us to be. Another thing I’m trying to do is to establish a firm foundation for the Joint Information Environment [JIE], which is how we’re trying to converge a multitude of COCOM, service, agency and department networks into a common infrastructure for everyone, to eliminate duplication and redundancies, improve overall reliability, and more importantly, to significantly reduce total overall operational costs, while making

sure we continue to meet all mission requirements. DISA is trying to finish the final roadblock for efficient commercial satellite contracting and leasing, and to increase resiliency across terrestrial, space, aerial and wireless.

Q: How do you see DISA SATCOM and related programs changing as a result of budget restrictions and the drawdown of forces from Afghanistan?

A: I don’t see them changing significantly. The future looks really bright. Users’ and warfighters’ needs continue to increase. Our growth of information is tracking along with Moore’s Law, which means it doubles about every 12-18 months. Yet our budget is decreasing, so how are we going to get around that? Fortunately, we have several ‘white knights’ coming to the rescue. In space, we still have additional Wideband Global SATCOM [WGS], Advanced Extremely High Fre-quency [AEHF] and Mobile User Objective System [MUOS] satellites to be launched, which will significantly increase our MILSATCOM band-width capabilities, and our commercial satellite vendors are placing significantly more bandwidth in space. They are putting up their next generations that are in build and about to be launched. They have com-mercial Ka-band on them, which offers a tenfold bandwidth increase over transitional Ku-band. They’re also putting up new and better Ku-band satellites, which are much more efficient than in the past.

Bruce T. BennettProgram Executive Officer

for CommunicationsDISA


Convergence CommunicatorBuilding a Common Infrastructure of Transport

Q&AQ&A

In the space area, we’re looking at new technologies and spacecraft that will allow us to get more bandwidth, or utilize the bandwidth we have more efficiently, so that we can meet the growth requirements and still comply with reduced costs. Right now, we’re in the best of both worlds.

There is also a lot of pressure on the commercial industry to be more efficient in how they modulate, handle protocols and transmit information across transport networks. We’re seeing some new, inex-pensive technologies that we can adapt to our needs, that will make it more efficient, so that we can get more virtual bandwidth from our existing dollars. Of course, we’re trying to converge everything so that we can eliminate duplication and redundancy. We want to reduce costs for the depart-ment, so that excess reduced costs can be put into bandwidth requirements. Even with the declining budgets that we may see in the foreseeable future, we’ll be able to continue to provide more bandwidth to meet the warfighter’s needs.

Q: How can SATCOM programs respond effectively to the bandwidth challenges created by the growth of full motion video and other intensive data sources?

A: I just mentioned some of the things, such as more efficient protocols and modulations. Some of the newer satellites that are coming on line are going to help.

We need to do a better job of considering spectrum restrictions and SATCOM capabilities early in the design cycle when adding new sen-sors and new applications. As an organization designs a new capability, they need to ensure the commercial and military satellites available can accommodate collection and transport of the information without conflict or capacity issues.

We have to figure out ways to be more efficient in how we collect data, parse that data, get it reduced into mission sets and get it dissemi-nated to the warfighter. There is only so much RF in the world—you just can’t keep going bigger and bigger. For the future, what’s coming out with the new commercial satellites and some of the additional MIL-SATCOM birds, we should be good. But there could be another ‘killer’ technology that comes along that will outstrip our satellite bandwidth capabilities. So we’re always trying to assess that and make sure that we can provide feedback to help develop systems that integrate into the infrastructure we have.

Q: What is your current assessment of the Future COMSATCOM Services Acquisition [FCSA] program, and how do you see it evolving in the future?

A: FCSA has been a tremendous success. It was designed to eliminate some of the constraints that we had put up between us and the com-mercial satellite vendors and integrators. So we took out the problem that you had 10 different ways to sell bandwidth and capabilities to the government. We unified it into one and opened it up so that anyone

who wanted a fair opportunity could have one. We’ve done all we could in that area. For FCSA to grow, and for us to continue to meet warfighter needs, we have to work on the other side of the issue, which is the laws and policies that restrict how we can lease commercial bandwidth. You may have seen the news reports about the DoD Chief Information Office looking at the recommendations on commercial SATCOM that came out of the Defense Business Board. If we can solve that problem, we can eliminate the last major hurdle to the efficient and economically smart way to lease commercial satellite services. Once we get those done, I can guarantee that those changes will be rolled into the FCSA, so that you still have only one way to buy for all of DoD and the government.

Q: What role do you see the programs under your office playing in implementation of DISA’s mobility strategy?

A: Mobility is the game changer for how DoD is going to transport, access and protect all its authoritative data. We are enabling secured and assured connectionless services for the warfighter. Mobility is the ‘killer appliance’ for all of our efforts to develop a Unified Capabilities communications strategy. Mobility will prove that I can work as effec-tively from a tablet or smartphone as I work from my desktop. Today, we are chained to our computers, which are in turn chained to the wired lines. We’re trying to make it such that it doesn’t matter whether you are using 4G, Wi-Fi or Ethernet—if you need access to data, you are able to obtain the data, and do so in a timely manner. We’re try-ing to make all this happen. It’s a tremendous culture shift, and we’re trying to do it as quickly and seamlessly as possible. You’ve seen some of the successes we’ve had, and there are still many more to come. A lot of the things we’re doing, there is no map for how to get there. We had to develop a process to deal with many areas, policy, culture and technology changes to make this happen. But every day, we’re getting more and more believers, and more people are coming to the DoD Mobility solution.

The Mobile User Objective System (MUOS) located at Naval Computer and Telecommunications Area Master Station Pacific, Wahiawa, Hawaii. is a next-generation narrowband tactical satellite communications system intended to significantly improve ground communications for U.S. forces. [Photo courtesy of U.S. Navy/Mass Communication Specialist 2nd Class John W. Ciccarelli Jr.]


Q: How are things going with the Joint IP Modem [JIPM] program, and what benefits do you see it providing?

A: The JIPM will enter worldwide deployment this summer, when it will be available for everyone. What it does is to implement all the latest commercial standards for bandwidth efficiency and utilization. It’s one of the key tools we will need to achieve the efficiencies that are required as budgets decrease and needs continue to grow. JIPM users will see at least 50 percent improvement in their bandwidth efficiency, plus a higher level of situational awareness. Secondly, these are based on commercial standards, and are built on a commercial model. So they’re inexpensive—you or I could afford one. It’s done that way so that as we evolve, there is not a big DoD sunk cost as we evolve. One of the problems we’ve had in the past is that these modem programs cost a couple of hundred thousand dollars each, and you have them in 400 locations. So how do you come up with the money to replace that? We’re trying to eliminate some of the problems to allow us to keep up with technology.

Q: What are you doing to increase resiliency in the ground infrastructures at satellite gateways?

A: We’ve been partnered since day one with the Air Force SMC Resil-ient Bases for Space studies. Some of the things that we’re doing that don’t require any new funding are to integrate all the Standardized Tactical Entry Point [STEP] sites and Teleports across their optical

network into a partial mesh, which means that I can talk to any of the sites as fast as light travels. We’re also upgrading the conver-gence routers in each of the STEPs and Teleports, to allow increased functionality, redundancy and reliability because we have this optical mesh. So I should be able to move a mission from one site to another as fast as I can type a change to a router’s configuration line. We’re adding both virtual and physical diversity to the optical front end of the Teleports, and beginning to integrate some commercial teleports into our utilization plans under the same model. There are some times when I just don’t have the capability where I need it, so I also need to be able to partner with some of my commercial brethren to make sure that I can provide the information downstream.

Q: Where is DISA headed with Teleport integration, and what do you see as the benefits and challenges of that approach?

A: Teleport is our flagship capability for pushing information to the furthest reaches of the warfighter. Teleport can communicate to any satellite that is in orbit today. Some of the other sites have limita-tions—a STEP site, for example, primarily can talk only MILSATCOM, and not with the commercial side. There are a few others out there that can only talk to certain satellites. Teleports can talk to all satel-lites—all types, vendors, bands and protocols. Teleport was designed so that each theater has access to two of these, so that any information can get to wherever it needs to be. Unfortunately, I don’t know what the warfighter’s next need will be, so Teleports need to be a flexible

The Navy’s shift to the Pacific inspires our twelfth title and website...

OUR INAUGURAL ISSUEwill support the Navy with the latest program developments in air and sea for Congress, the executive branch, other services and industry.

Contact Nikki James at [email protected] or 301-670-5700 to participate in the inaugural issue!

OUR 12 TH TITLE

COMING IN JUNE!


as possible. Also, it is our primary connectionless broadband capabil-ity. Satellite doesn’t need any wires hooked up to it, which is really important when you think about the last time you saw a carrier pull out of Norfolk, Va., with fiber out its fantail, an Ethernet cable hooked to an F-18, or telephone wires out of a tank. Also, when was the last time you saw any commercial infrastructure work in a war zone? And a lot of places in the world have no commercial capabilities. For AFRI-COM, if you’re not in the capital city of a major country, you don’t have any true broadband capabilities. So Teleport is required because we have to get information to the warfighters no matter where they are in the world. Today they’re in Afghanistan, but tomorrow they could be in Patagonia. So Teleport is our flagship capability, and we’re using it as a model to help STEP and other types of gateways to grow and evolve.

Q: Looking to the future, what do you see as some of the most promising new technologies coming down the road in your field?

A: One that you might be familiar with is widgets and applications that are written in script for mobile devices. If you look at when the first iPhone was released in 2008, it came with 11 applications. Today, there are more than 8 million applications available. Those kinds of things can be very beneficial for where we need to be, as long as we protect the information and the integrity of the authoritative source. Our transition into 100-gigabit terrestrial transport is a major growth, which will allow us on the terrestrial side to keep up with the

growing demands of the department. The satellite initiatives include DVB-S2/RCS2, which is a commercial protocol that is extremely effi-cient for IP data to deployed people. It’s an offshoot of what is used for DirectTV or Dish TV. In addition, the JIE has an opportunity to significantly reduce costs and increase performance across all of our terrestrial networks. Another thing is to collapse the PE and OTN layers of the network. PE is the first routing layer, and OTN is the last optical layer. We’re trying to converge the PE and OTN layers so that we get much better efficiency and reliability, and have one box do what two boxes did in the past.

Q: Is there anything else you would like to add?

A: One of the things I want to emphasize is that there is no new military SATCOM satellite constellation on order. What we have are Defense Satellite Communication System, WGS, MUOS and AEHF. We’re going to be launching more of those, but we have no new constellations. My job is no longer in design, but in integration and evolution. What DISA has to figure out is how we can use the exist-ing infrastructure better, more efficiently, more economically and with more diversity for fewer dollars. We’re trying to do the opposite of what most people do. Usually, if you want more, you pay more. In this case, I have to give you more and pay less. It’s going to be a chal-lenge. Our commercial brethren have some new technologies coming to bear to help us, but it’s a fight that has just begun and will take a while to succeed. O


w

ADCI of DelAwAre

www.adcit.comADCI of Delaware LLC (ADCI) is

a provider of mobile satellite airtime, products and services to the Department of Defense, Department of Homeland Security, and numerous other public service entities. ADCI’s customers are organizations whose success depends on reliable, secure, mobile satellite commu-nications and remote office functionality worldwide.

AIS engIneerIng

www.aisengineering.comAIS is a woman-owned small business

that provides communications, operations, maintenance and support to federal and commercial clients along with research, design, integration and implementation of satellite communications networks. AIS has implemented fully managed, turnkey global communication services, supplying logistics, engineering, network design, staff-ing, training and integration services for many corporations and government entities since 1994.

ArTel

www.artelinc.comARTEL is an end-to-end managed

network and IT services provider, with core capabilities in satellite and terrestrial com-munications, network operations center ser-vices, solutions integration and information assurance. We understand what it takes to customize and deliver secure, afford-able and reliable products, services and integrated solutions to meet our customers’ mission-critical needs.

fujITSu neTwork CommunICATIonS

www.fujitsu.com/us/services/telecomFujitsu Network Communications is

a North American designer and manu-facturer of fiber-optic transmission and IP broadband platforms and provider

of IT and carrier-class telecommunica-tions solutions. Through innovations and research from Fujitsu Labs, Fujitsu pro-vides fully integrated IT/telecom solutions to deliver traditional and next-generation services over a broad range of metro-politan transport networks, as well as regional, long-haul applications.

HArrIS

www.harris.comHarris is an international communica-

tions and information technology company serving government and commercial mar-kets in more than 125 countries. Head-quartered in Melbourne, Fla., the company has approximately $5.5 billion of annual revenue and about 15,000 employees, including 6,000 engineers and scientists. Harris is dedicated to developing best-in-class assured communications products, systems and services.

HArrIS CAproCk

www.harriscaprock.comHarris CapRock Communications

is a global provider of managed satellite and terrestrial communications solutions, specifically for remote and harsh environ-ments including the maritime, energy and government markets. It owns and operates a robust global infrastructure that includes teleports on six continents, five 24/7 cus-tomer support centers, local presence in 23 countries and more than 275 global field service personnel.

InmArSAT governmenT

www.inmarsatgov.comInmarsat Government provides

secure, reliable and affordable mission-critical telecommunications to U.S. military and civilian organizations. Equipped with the industry’s leading terrestrial and satel-lite infrastructure and partners, it delivers custom, end-to-end commercial satellite communication networks solutions that can sustain connectivity anytime, anywhere.

InTelSAT generAl

www.intelsatgeneral.comIntelsat General provides satellite

communications solutions to military, com-mercial and government customers over Intelsat’s fleet of more than 50 satellites and a global terrestrial network of tele-ports and fiber infrastructure. From remote military outposts, disaster recovery sites and U.S. embassies to health and home-land security agencies, Intelsat General’s solutions support even the most complex operations.

krAToS DefenSe & SeCurITy SoluTIonS

www.kratosdefense.com

Kratos Defense & Security Solutions is a specialized technology business pro-viding mission critical products, services and solutions for national security. Kra-tos’ core capabilities are sophisticated engineering, manufacturing and system integration offerings in areas of expertise including C5ISR, satellite communication systems, electronic warfare, unmanned systems, missile defense, cyber-warfare, cybersecurity, information assurance, and critical infrastructure security. Together with its subsidiaries, Kratos provides inte-grated solutions for end-to-end assurance of satellites, signals and networks, includ-ing satellite command and control, signal processing, remote network monitoring and control, data communications and RF interference mitigation.

krAToS neTworkS

www.kratosnetworks.comKratos Networks helps organizations

assure the availability, reliability and secu-rity of communications across satellite and terrestrial networks. Flagship products include NeuralStar for real-time situational

awareness of satellite, IT and security systems; and Compass for monitoring and control of devices. NeuralStar is used by DISA as the primary software component to administer DoD’s enterprise network as part of its Integrated Network Management System and by customers that include the Army, Department of State and others. With over 3,000 installations, Compass is used by broadcasters, satellite opera-tors and the military to ensure equipment uptime.

krAToS SeCureInfo

www.secureinfo.comThe Kratos SecureInfo team pro-

vides end-to-end cybersecurity services across satellite and terrestrial operations for a wide variety of military, civilian, criti-cal infrastructure and commercial custom-ers. With over 20 years of experience and thousands of engagements completed, Kratos SecureInfo has special exper-tise in areas including SATCOM, cloud security, risk mitigation and continuous monitoring. SecureInfo is an independent agent of the certifying authority for IT and space systems for the Air Force and an accredited third party assess-ment organization under the Federal Risk and Authorization Management Program performing security assessments of cloud service providers for the federal government.

o3b neTworkS lImITeD

www.o3bnetworks.comO3b is transforming communications

by deploying an innovative Medium Earth Orbit satellite constellation, with fiber speed and satellite reach. Governments, fixed/mobile operators, ISPs and enterprises will have flexible low latency, high capacity connections where and when they need them. O3b provides a low-cost, high-speed alternative for remote areas and emerging markets that have been unconnected or underserved.

(Editor’s Note: Following is a listing of some of the key providers in the field of commercial satellite communications services for the military and intelligence communities.)

www.MIT-kmi.com20 | MIT 17.5 | 2013 COMSATCOM Guide

STAkeHolDer

4 pHASeS of ACquISITIon

REqUIREMENTS DEVELOPMENT:

• Gather data/information• Determine scope• Refine requirement [PWS/

SOW, CSSR, Market Research Report, Acquisition Plan (if required), qASP, Evaluation Plan, CLIN structure, and J&A (as required)]

• Develop cost estimate (IGCE)• Obtain SDB• Submit SAR/GAR

REqUIREMENTS COMPLETION & FUNDING VALIDATION:

• Receive funding via MIPR

• Send package to DITCO

• Assign tracking number

• Prepare additional paperwork as required

CONTRACT AWARD:

• Validate funding

• Make award selection

• Obtain DAA approval

• Issue order• Receive

TP; set up service

CONTRACT DEVELOPMENT & PROPOSAL EVLUATION:

• DITCO coordinates review/approval of ACq plan & other documents

• DITCO develops RFq and sends to vendors (RFq on e-Buy for 30 days)

• Vendors submit quotes• Conduct TEB/IA evaluation• Customer provides Informed

Consent Memo

22 days* 8 days*

(Approx 78 days. *Complexity of requirements could increase the duration.)

40 days* 8 days*

Cu

st

om

er

te

Ch

&

Co

ms

at

Co

m C

en

te

r

Cu

st

om

er

Pm

&

re

so

ur

Ce

ma

na

ge

r

Co

ms

at

Co

m C

en

te

r

dIt

Co

Co

nt

ra

Ct

Ing

&

Ve

nd

or

s

Cu

st

om

er

&

Co

ms

at

Co

m C

en

te

r

dIt

Co

Co

nt

ra

Ct

Ing

PWS(Technical)

Customer Req’t

CSSR (Technical)

MIPR ACq Package RFq Vendor

Proposals

Technical Evaluation

& DAA Approval

Contract Award

Clarification Amendment

COMSATCOM Acquisition Process

2013 COMSATCOM Guide | MIT 17.5 | 21www.MIT-kmi.com

rT logIC

www.rtlogic.comReal Time Logic, a Kratos company,

is a leading signal processing systems sup-plier for space-ground communication and ground network applications. The RT Logic ioPLEX Access Gateway (formerly Avtec) is engineered to deliver time-sensitive, mis-sion-critical circuits, via modern IP or ATM networks, leveraging the latest core tech-nologies without impacting end-users reliant on legacy interfaces. Through the use of a segregated dual star topology where data and control are kept completely separate, an embedded operating system with logical and hardware centric redundancy features,

hot-swap components, and extensive use of low-power technology, ioPLEX sup-ports high availability and greater mission assurance.

SAT Corp.

www.sat.comFor more than 25 years SAT, a Kratos

company, has led in providing products and services for identifying and reacting to RF interference events that disrupt the availability and quality of satellite commu-nications. SAT’s products include Monics, the industry’s leading carrier monitoring solution; satID, the most used system for quickly and accurately gelolocating inter-ference sources; and Sigmon, for portable

monitoring and geolocation. In addition, SAT is the only global service provider of managed SATCOM NetOps services. SAT solutions are used by 80 percent of the world’s largest satellite operators in over 57 countries to help mitigate costly RF interference events.

SeS governmenT SoluTIonS

www.ses-gs.comWith a fleet of more than 50 satel-

lites offering comprehensive global cover-age and 99.999 percent availability, SES Government Solutions is an industry leader in supporting U.S. government SATCOM missions. As an FCSA SATCOM

Solutions provider, SES-GS offers tran-sponded capacity, subscription services and custom SATCOM solutions (CS2).

ulTISAT

www.ultisat.comUltiSat’s managed satellite communi-

cations network provides end-to-end ser-vice from design and deployment to 24/7 operations and maintenance of systems in the field. Provided with a complete range of voice, video, data, and Internet service and solutions, UltiSat’s customers include both U.S. and foreign governments, the mili-tary, multinational enterprises, the United Nations, NGOs and telecommunications companies.

As the cyber-threat makes the leap into orbit, satellite operators and users are focus-ing increased attention on the security of their communications systems.

Once effectively isolated, and so pro-tected, from outside intrusions, SATCOM networks today have largely completed the transition from circuit- to Internet Protocol-based technology, as integral parts of broader networks operated by the Department of Defense and industry. With that shift have come not only improvements in efficiency and interoperability, but also greater potential vulnerability to the advanced, persistent and apparently state-supported cyber-attacks that have become increasingly pervasive.

Reports in 2011 that NASA satellites had been hacked a few years before have added to concerns that vital government and private SATCOM systems link-ing military and intelligence forces worldwide could be degraded or mined for secret information.

The SATCOM industry is responding by ramping up efforts to comply with secu-rity standards, such as those developed by the National Institute of Standards (NIST), and introducing new products and services, such as a recently announced satellite cybersecurity assessment service. In addition, key government programs such as the Defense Information Systems Agency/General Services Administration’s Future COMSATCOM Services Acquisi-

tion program are featur-ing enhanced information assurance requirements.

A number of factors have come together to heighten the importance of SATCOM cybersecurity, noted Stuart Daughtridge, vice president of advanced technology at Kratos Defense & Security Solutions.

“Obviously, the threat has changed—cyber-threats have become much more significant,” Daughtridge explained. “But there also have been a lot of changes in the satellite world that have impacted this as well. First, satellite systems used to be very stand-alone and isolated, rely-

ing on the ‘air gap’ as their security mechanism. That’s changing both on the network side, where they’re connecting more and more to IP net-works and are now a piece of a bigger network, and on the control side, because to drive efficiency in operations, they have remote engineers being able to call in to support the system. So you have to make

allowances in your air gap solution to enable people to have remote access. The other chal-lenge is that air gap solutions have now been proven to be able to be breached, so they are no longer the end-all security feature that they once were.

“SATCOM equipment used to be very unique in its command and control proto-cols. But most of the monitor and control functions for RF networks are moving to standard IP, which is great for interoper-ability and efficiency, but is not good from a cybersecurity perspective, because now it’s just another node on the network that can be attacked,” he said.

assessing the risk

To address the increasing threats and unique requirements of the satellite industry, Kratos recently introduced the SATCOM Cybersecurity Assessment ser-vice. With cybersecurity legislation expected soon to require the application of NIST information assurance standards for all U.S. critical infrastructure, including satellite communications, company executives note, the assessment will help ensure compliance

by harrison donnelly

mit editor

Stuart Daughtridge

CyberC4:Alert from RT Logic consolidates security data across satellite networks, including monitoring for traffic from known malicious IP addresses using IP reputation data from the Open Threat Exchange. [Image courtesy of RT Logic]

Cyber-Threats in SpacesatCom providers and users step up efforts to strengthen CyberseCurity against inCreased potential risks.


readiness for these forthcom-ing security regulations.

“Our view is that you need to have a clear assessment of your risk posture. Every sys-tem has vulnerabilities, and there is always risk associated with operating networks. The key thing is to do a deep dive on where you stand relative to your risk posture across the spectrum, from end to end,” said Christopher Fountain, senior vice presi-dent of Kratos’ SecureInfo.

“We advocate a robust assessment of risk, leveraging the control frameworks that are being required by systems used by the government and Department of Defense,” he said.

In addition, RT Logic, a Kratos company, offers CyberC4, its family of products for the SATCOM environment that deliver situ-ational awareness, system hardening, insider and external threat protection, and active defenses. Components include CyberC4:Alert, which it bills as the first Security Infor-mation Event Management system specifi-cally for satellite networks; CyberC4: Armor, which provides anti-tamper protection for mission-critical devices used in satellite ground networks; CyberC4:Capture, which counters insider threats; and CyberC4:Guard, a cross-domain solution for controlling the transfer of information between different security levels.

Satellite operators also are moving to address cyber- and related security concerns. Intelsat General, for example, offers round-the-clock monitoring and proactive security in the Intelsat Secure Operations Center, defense-in-depth design and delivery from IA experts, operations support at each teleport, and emergency response teams.

“IP-based networks raise the risk level for cyber-threats, so we take a number of precautions to make sure that our network and customer services stay safe. The risk applies across the board, possibly affecting network operations, network infrastructure, IT infrastructure, and flight operations. So it is an area that Intelsat takes very seri-ously, with a world-class cyber-protection program in place,” said Mark Daniels, vice president of engineering and operations for Intelsat General.

“Intelsat has taken all of the informa-tion assurance standards that are out in the market for both commercial and government networks and applied the most stringent

parts of those across the Intel-sat network to make sure it’s been hardened against cyber-threats. We’ve been very suc-cessful with this approach. It includes third-party penetra-tion testing, where we hire someone to try to break into our network, to certify that we don’t have any holes,” Daniels said.

Part of the information assurance process that the company goes through on government contracts involves certifying that it is adhering to the required levels of security, including encryption of

the command signals sent to satellites. Most of Intelsat’s satellites are designed with that capability, which gets turned on when a gov-ernment task order requires it.

“Security is absolutely important to our business and customers,” Daniels said. “In protecting ourselves from cyber-threats, we use a defense-in-depth approach to protect-ing the network. It’s a multi-layer approach that protects the IT infrastructure through a hardening of our systems, as well as physical security at our teleports and offices.” O

For more information, contact MIT Editor Harrison Donnelly at [email protected]

or search our online archives for related stories at www.mit-kmi.com.

Christopher Fountain

MILITARY GRADECYBERSECURITY

ACROSS SATELLITE AND TERRESTRIAL NETWORKS

Assuring end-to-end availability, reliability and security of critical communications resources.

SecureInfo end-to-end cybersecurity services across satellite and terrestrial operations.

CyberC4 real-time cybersecurity products designed specifically for satellite ground networks from RT Logic.

NeuralStar real-time situational awareness of satellite, IT and security systems.

www.KratosDefense.com

For more information,call 703-254-2000 or [email protected]

Photo courtesy of U.S. Air Force

MIT Ad v1.indd 1 6/5/2013 11:11:17 AMwww.MIT-kmi.com MIT 17.5 | 23

When the advanced capabilities of the Army’s mobile tactical communi-cations network backbone hit theater, soldiers and commanders inside War-fighter Information Network-Tactical (WIN-T) Increment 2-equipped vehicles down to the company level will be able to remain on the front line, where they can exchange critical information from higher headquarters all the way to boots on the ground.

“WIN-T Increment 2 provides improved information and intelligence on what is happening on the battlefield,” said Colonel Thomas Dorame, com-mander of the 2nd Brigade, 1st Armored Division (2/1 AD). “In the past, that infor-mation would have only been available at

my tactical operations center. And then I would have to try to get a voice message down to the platoon on the ground. But now if a soldier has a WIN-T Increment 2 vehicle, he’ll have that information right there on the battlefield as he is about to conduct operations.”

Dorame commands the operational unit that conducted the WIN-T Incre-ment 2 follow-on operational test and evaluation (FOT&E) this spring.

The Army and Department of Defense last fall outlined requirements for an additional test for WIN-T Increment 2 prior to securing a full rate produc-tion decision and permission to conduct additional fielding beyond Capability Set (CS) 13, which has been delivered to

the 4th and 3rd Brigade Combat Teams (BCTs) of the 10th Mountain Division. To fulfill these requirements, the WIN-T Increment 2 FOT&E was conducted in conjunction with the Army’s Net-work Integration Evaluation (NIE) 13.2, which has used 2/1 AD’s 3,800 soldiers in the realistic operational environments of Fort Bliss, Texas, and White Sands Mis-sile Range, N.M.

The NIEs aim to rapidly mature and integrate the Army’s tactical commu-nications network, and accelerate and improve the way network technologies are delivered to soldiers. NIE 13.2 was the fifth event of the semi-annual NIE series and provides an optimal venue in which to conduct the follow-on test.

by amy walker seCond generation of army network exChanges mission-CritiCal data from headquarters elements to soldiers on the ground.


“The FOT&E will be the Army’s pri-mary focus for NIE 13.2,” Lieutenant Col-onel (P) Robert Collins, product manager for WIN-T Increment 2, said in advance of the event. “Through its support in previ-ous NIEs, the brigade has already gained a great deal of WIN-T Increment 2 opera-tional experience. Between the realistic NIE environment and the unit’s exten-sive experience, the Army will be able to conduct the full spectrum of operations needed for a focused, successful test.”

Based on WIN-T Increment 2 initial operational test and evaluation at NIE 12.2 results from last May, the Army was granted limited permission to field WIN-T Increment 2 as part of CS 13 prior to its final full rate production deci-sion. WIN-T Increment 2 meets a critical need for mobile communications, espe-cially as U.S. forces support the drawdown in Afghanistan.

WIN-T Increment 1, formerly known as the “Joint Network Node-Network,” began fielding in 2004. It provides soldiers with high-speed, high-capacity voice, data and video communications down to bat-talion-level units at the quick halt.

WIN-T Increment 2 improves upon these capabilities by providing users with an integrated, self-forming, self-healing and on-the-move network down to the company level. It further increases capability by introducing network radio waveforms and enhancing Network Oper-ations, a suite of integrated monitoring tools used by communications officers to command and control the network.

WIN-T Increment 2 provides a net-work connection so soldiers are not just relying on “static information,” but have a network that they can reach back to and pull information that others are providing relative to their situation, explained Major Ralf Radka, executive officer for 2/1 AD.

Previously, soldiers could only pass critical network data from fixed command posts via ground satellite terminals at battalion and above. But now they have permanent communications capabilities down to the company level, both static in the command post and on the move in the WIN-T Increment 2 vehicles, from which they can push and pull data, he said.

“Through networking radios, they also have the capability to further pass data all the way down to the soldier level, where they can share it in a variety of differ-ent forms, whether it’s tactical, imagery,

calculated enemy locations or informa-tion about infrastructure,” Radka said. “Anything that they can tap into that is available from the network, they can pull down and get that information to specific locations.”

WIN-T Increment 2 is an important part of the Army’s tactical network mod-ernization strategy and one of its highest priorities. It is also the centerpiece of the Army’s network capability sets. CS 13 is the first of these fully integrated packages, which include radios, satellite systems, software applications, smartphone-like devices and other network components that provide connectivity from the sta-tionary command post, to the commander on the move, to the dismounted soldier.

WIN-T Increment 2 is the tactical communications network backbone that binds the capability sets together.

CS 13 began fielding to the two 10th Mountain Division BCTs last October, and the two units are preparing for possible deployment to Afghanistan with these advanced capabilities. If they are called upon to deploy as security forces advise-and-assist teams, they will work closely with the Afghan forces. The units will rely on the new network as they take down fixed infrastructure and become increasingly mobile and dispersed in their operations.

“WIN-T Increment 2 provides key mis-sion command on-the-move capability to our forces and improves situational

awareness and communications down to lowest echelons, a major enhancement over the current network architecture in theater and critical for the success of these units,” Collins said.

The WIN-T Increment 2 FOT&E has laid the groundwork for the WIN-T Increment 2 full rate production deci-sion scheduled for the fall. A successful decision will allow the Army to continue to procure equipment to support future capability sets, remain aligned with Army modernization and ensure maneuver BCTs are enabled with a mobile network.

“WIN-T Increment 2 provides a signif-icant increase in capability beyond what units have today with WIN-T Increment 1, and deploying units need these advanced capabilities to support their missions,” Collins said. “The WIN-T Increment 2 FOT&E will posture the Army to continue to provide these increased capabilities to our forces in the near future and facilitate further network improvements over the longer term.” O

Amy Walker is a staff writer for Sym-bolic Systems, supporting the Army Pro-gram Executive Office Command, Control and Communications-Tactical, Project Manager WIN-T and MilTech Solutions.

For more information, contact MIT Editor Harrison Donnelly at [email protected]

or search our online archives for related stories at www.mit-kmi.com.

A WIN-T Increment 2 Soldier Network Extension travels across the harsh desert terrain of White Sands Missile Range, N.M., in November 2012 during the Network Integration Evaluation 13.1. [Photo courtesy of Claire Heininger, U.S. Army]


Airborne Solutions Offer Secure Connectivity, SATCOM Monitoring

Compiled by kmi media group staffcotSacoPia commercial off-the-Shelf technology

Vocality, a global network router manufac-turer and supplier of voice and data network routers to the satellite communications market, has announced the immediate release of Vocality Operating System Version 8 (VOS 8). This repre-sents a significant step forward in routing software for local and wide area network opera-tions. Building on its success with VOS 7, which introduced increased routing and optimization

features, Vocality significantly increases its core network routing software to bring major benefits to users of satellite networks, tactical edge and high-performance routing appli-cations. VOS is the routing system used in network routers deployed in defense, nongov-ernmental and commercial satellite operator voice and data networks. The latest release brings a significant under-the-hood boost to

the potential of VOS as a viable alternative in network routing. For example, VOS 8’s inclu-sion of VoIP capabilities from Metaswitch adds SIP registration and proxy server capabilities to Vocality’s product line. VOS unlocks significant potential for bandwidth-saving and improved application support in the field of high-reli-ability, bandwidth-optimized, field-deployed communications.

Tecore Networks, a global supplier of 3G and 4G mobile network infrastructure, has announced its Raven Platform, a tactical solu-tion delivering macro 3G/4G wireless service for rapidly deployable communications. The Raven leverages a size-optimized all-IP based architecture, delivering the most compact, adaptable and cost-effective rapid response tactical platform. The highly portable mobile platform is small enough to qualify as carryon luggage on most airlines. Each Raven system provides voice, text, MMS and megabit Internet services for local users as a standalone system or as part of a larger communications network. When networked together, users have secured access to other Raven locations. The solution Raven offers multiple backhaul connectivity options to securely connect between several locations. The integrated 3G/4G WWAN allows systems to interlink connectivity and coverage at distances up to 10km apart. Optionally, the units can be integrated with an external microwave or VSAT for the establishment of remote IP connectivity. Raven supports numerous key capabilities that are targeted for rapidly deployed systems, with features that provide reduced overhead in IP trans-missions as well as optimized processing for satellite connections.

TWD & Associates and Lemko Corp. are partnering to create an on-the-move (OTM) mobile cellular network. The platform will reduce latencies and drive down operation and management costs by integrating radio frequency (RF)-neutral technologies. The platform can also be integrated with satellite communications, allowing it to operate across all standard SATCOM frequencies. The plat-form is ideal for emergency response efforts, challenged environments and remote loca-tions. Lemko’s SwarmNet technology provides

a self-organizing and self-healing OTM mobile broadband cellular network that is highly effective in austere and RF-challenged envi-ronments. This solution, a software-defined network, virtualizes the core and replaces traditional hub and spoke architecture with an all IP-based architecture that eliminates backhaul. Additionally, the solution easily integrates with Push-to-Talk networks such as Project 25 or Terrestrial Trunked Radio, and it supports all commercial cellular frequencies and end-to-end security.

As the demand for airborne applications increases, iDirect Government Technologies (iGT), a wholly owned subsidiary of VT iDirect, has launched new airborne solutions for secure connectivity and for moni-toring SATCOM functions while in flight, providing situational awareness and enabling reli-able command, control and ISR operations. IGT’s new Airborne In-Flight Monitoring System (AIMS) provides situational awareness with in-flight monitoring, allowing customers to view the status of the entire airborne communications system while in flight. AIMS displays locally to the communications officer on board, providing the real-time position of the aircraft and information on when it is leaving one satellite coverage area and entering another. In addition, iGT is also launching its Evolution 8000 series airborne enclosure (e8000 AE) based on a 4MCU ARINC variant for

permanent integration on aircraft. Compliant with DO 160 certifications and the highest mili-tary security requirements, the e8000 AE provides fast, reliable and secure network connections for high-speed communications on the move appli-cations. The router enables constant connectivity between manned and unmanned aircraft for uninterrupted command and control communi-cations between theaters, ISR applications and the transmission of high-definition imagery from the aircraft to soldiers on the ground.

SATCOM Routing Software Offers Bandwidth Savings

Solution Delivers Wireless for

Rapidly Deployable Communications

On-the-Move Cell Network Drives Down Costs


advErtisErs indExBlueSpace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27www.bluespace.comCornet Technology Inc. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19www.cornet.com/ipgate-whitepaperExelis Electronic Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3www.exelisinc.com/gnomad-domIntelsat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C4www.farmorethansatellites.comKratos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23www.kratosdefense.comUniversity of Maryland University College . . . . . . . . . . . . . . . . . C2http://military.umuc.edu/cuttingedge

The

adve

rtis

ers

inde

x is

pro

vide

d as

a s

ervi

ce to

our

read

ers.

KM

I can

not b

e he

ld re

spon

sibl

e fo

r dis

crep

anci

es d

ue to

last

-min

ute

chan

ges

or a

ltera

tions

.

CalEndarJune 25-27, 2013USCYBERCOM SymposiumBaltimore, Md.www.afcea.org

August 9, 2013DISA Forecast to IndustryFort Meade, Md.www.disa.mil

October 29, 2013SAP NS2 Solutions SummitFalls Church, Va.www.sapns2.com

mit reSoUrce center

With a unique concentration on senior

military officers and DoD leadership, KMI

Media Group focuses on distinct and

essential communities within the defense

market. This provides the most powerful and

precise way to reach the exact audience

that procures and deploys your systems,

services and equipment.

KMI Media Group offers by far the largest

and most targeted distribution within critical

market segments. Sharp editorial focus,

pinpoint accuracy and depth of circulation

make KMI Media Group publications

the most cost-effective way to ensure your

advertising message has true impact.

Want to REACH the decision-makers in the DEFENSE COMMUNITY

KMI’S FAMILY OF PUBLICATIONS

?

To learn about advertising opportunities, call KMI Media Group at 301.670.5700

BORDER & CBRNE DEFENSE

GEOSPATIAL INTELLIGENCE FORUM

GROUND COMBAT TECHNOLOGY

MILITARY ADVANCED EDUCATION

MILITARY LOGISTICS FORUM

MILITARY INFORMATION TECHNOLOGY

MILITARY MEDICAL & VETERANS AFFAIRS FORUM

MILITARY TRAINING TECHNOLOGY

NAVY AIR/SEA PEO FORUM

SPECIAL OPERATIONS TECHNOLOGY

TACTICAL ISR TECHNOLOGY

U.S. COAST GUARD FORUM

June 2012Volume 1, Issue 1

www.BCD-kmi.com

Border Threat Prevention and CBRNE Response

Border Protector

Michael J. Fisher

ChiefU.S. Border PatrolU.S. Customs and Border Protection

Wide Area Aerial Surveillance O Hazmat Disaster Response

Tactical Communications O P-3 Program

Integrated Fixed Towers

Leadership Insight:Robert S. BrayAssistant Administrator for

Law EnforcementDirector of the Federal Air

Marshal Service Transportation Security

Administration

SPECIAL SECTION:

The Communication Medium for Navy PEOs

Carrier Craftsman

Rear Adm. Thomas J. Moore

U.S. Navy Program

Executive Officer

Aircraft Carriers

Presidential Helicopter O Shipboard Self-Defense O Riverine Patrol Craft

Precision Guided Munitions O Educational Development Partnership

www.npeo-kmi.com

The Communication Medium for Navy PEOsI N A U G U R A L I S S U E

SPECIAL SECTION:

CARRIER ONBOARD

DELIVERY OPTIONS

SOF Enhancer

Adm. Bill H. McRavenCommanderSpecial Operations Command

Rapidly Deployable Networks O SOF Light Vehicles

Robotics Technology O Global SOF Training

May 2013 Volume 11, Issue 4

www.SOTECH-kmi.com

World’s Largest Distributed Special Ops Magazine

2013 SOCOM

PROGRAM MANAGEMENT UPDATES


As Harris CapRock’s president of govern-ment solutions, David Cavossa oversees the direction and growth of the business, which focuses exclusively on serving military and federal civilian agencies. He oversees all gov-ernment sales, business development, strate-gic planning, and day-to-day operations.

Q: What unique benefits can Harris CapRock provide its customers in comparison with other companies in your field?

A: Harris CapRock is uniquely positioned to serve as a single source for all our customers’ communications requirements through our extensive self-owned and -operated global infrastructure. We currently provide end-to-end managed satellite communication solu-tions to thousands of remote sites worldwide using more than 60 different satellites. We land that traffic in one of our 12 self-owned and -operated teleport facilities and connect directly to our customers’ networks through a global terrestrial backbone network with 83 points-of-presence. Our robust terrestrial network provides bandwidth on demand with speeds up to 10 Gpbs between more than 50 key Department of Defense locations, mean-ing we can deliver services on our network within hours or days of receiving customer requirements, versus the industry standard of weeks. In total, we provide terrestrial services to more than 1,700 government locations in the U.S. Our network can scale to meet any of our customers’ requirements, and can provide the most cost-effective solutions in a period of contracting budgets. We are constantly innovating and upgrading our network, which enables us to offer increased capacity in a secure and efficient manner thus resulting in considerable savings to govern-ment. Harris CapRock continues to research novel approaches to expand our current ser-vices at the most competitive market rates.

Additionally, as part of Harris Corp., we can incorporate its technical expertise and expansive capabilities into Harris CapRock’s product portfolio. Our recently launched end-to-end commercial ultra-high frequency [UHF] service is a great example of how we are leveraging strengths across the Har-ris family to offer customers something no

one else can. The service integrates Har-ris’ industry-leading radios, waveforms and Harris CapRock’s satellite communications expertise. Thousands of military personnel in the field can use the Harris radios they already know and love with our dedicated UHF satellite channels. Using a Harris tactical satellite waveform, users can actively manage their channels by splitting the capacity into multiple networks for simultaneous users.

The service successfully went live with its first customer, a European military agency, at the beginning of April. We have seen significant interest in the service, especially from international customers who do not have access to military UHF satellite constel-lations the way the U.S. does. We are talking with several more potential customers who need ultra-critical, tactical-edge communica-tions and we think could really benefit from the service.

Q: Are you currently developing any new products and services relevant to military and government customers that you hope to bring to the market in the future?

A: As a global satellite, terrestrial and wireless network service provider, Harris CapRock continually evaluates emerging communi-cation technologies for application in our customers’ solutions. We serve as a trusted technology adviser to our customers, taking the approach of tailoring the right technology for each customer’s unique application envi-ronment. We remain technology agnostic, focused solely on designing the best solution for performance and operational efficiency.

Based on what we are hearing in ongo-ing conversations with our customers, two specific areas we are looking into are ways to integrate additional mobile platforms and high-throughput satellites into our solutions.

Obviously those are two completely different markets. Harris CapRock supports customers with bandwidth requirements ranging from the strategic to the tactical. For certain sets of users, we are asking and analyzing the same big question about high-throughput satellites that our customers are: Which high-through-put technology is right for them? And yet, we’re hearing from other sets of users that despite all the hype about high-through-put satellites, it is important not to forget about the steady demand for narrowband offerings for voice, text and low-data-rate critical communications.

Q: How are you working to strengthen the security of your solutions?

A: Harris CapRock has long been committed to ensuring that information assurance [IA] and security are properly incorporated into every solution design. Several years ago we brought a highly respected IA subject matter expert onboard to help assist our government customers in strengthening the confidential-ity, integrity, availability and over-arching security posture of their networks. Since then, our global security team has upgraded Harris CapRock’s overall IA posture and driven us to progressively higher standards of IA compliance.

In 2011, Harris CapRock was the first COMSATCOM provider to be inspected by the Defense Information Systems Agency [DISA] Field Security Office. We were very proud to be rated “outstanding” by the senior govern-ment representative present. Furthermore, our solutions are consistently approved by the DISA chief information officer to support government operations at the highest levels of mission assurance and confidentiality.

For all the solutions we design, Harris CapRock provides an added layer of ano-nymity and security by positioning ourselves between our customer and the satellite fleet operators. Prior to award, each solution is reviewed and vetted against the contract and security requirements by government contracting and security officials. Our win-ning COMSATCOM solutions always meet or exceed the government customer’s pre-defined security requirements. O

David CavossaPresident, Government Solutions

Harris CapRock

inDUStry interVieW military information technology



July 2013Volume 17, Issue 6nexT ISSUE

Insertion Order Deadline: June 26, 2013 • Ad Materials Deadline: July 3, 2013

FeATuReS

Cover and In-Depth Interview withTeRRy HALvoRSenChief Information OfficerDepartment of the Navy

• JTRS Bears Fruit Although the Joint Tactical Radio System program no longer exists in its original form, it is still bearing fruit with products outside the programs of record that are directly benefitting from work with interoperability and capabili-ties for troops in the field.

• Radio Competition The Army is working on a busy schedule of key contract awards for tactical radios, including the Rifleman Radio, HMS Manpack and Mid-Tier Networking Vehicular Radio.

• Seal of Approval The JTRS certification process is part of an evolving effort to ensure end-to-end joint ser-vice interoperability and security. Achieving JTRS Certification indicates a device’s readi-ness to operate in a DoD or service network architecture.

• Cloud Security With the growth of cloud computing, security issues are drawing greater attention from both government and industry.

• Collaboration Technology Enterprise systems bringing together a variety of technologies for collaboration are vital tools in a time of travel restrictions and budget cuts.

• Citizen-Soldier IT Upgrade of Reserve Component Automation Systems brings new capabilities for those sup-porting the Army Reserve and National Guard.

Step up to best-in-class mobility. Visit farmorethansatellites.com.

Seamless mobility comes down to a simple equation. Intelsat General is already

known within the industry to have the fastest, most reliable global mobility network

on land, sea or sky for critical military communications needs, including end-to-end

solutions, and Intelligence, Surveillance and Reconnaissance applications. Still, our

Intelsat EpicNG platform, launching in 2015, will make the best even better. New

spot beam technology will complement our current C-, Ku- and X-band solutions,

allowing you greater throughput as well as greater flexibility and control. And, as

you’d expect from Intelsat General, this technology is designed intelligently to be

backwards compatible with pre-existing equipment. When the communication is

mission-critical, the choice is epic.

MIT_17-5_FINAL

Documents

Transcript of MIT_17-5_FINAL