National Security & Defence Transformation (Ulusal Güvenlik & Savunma Dönüşümü) David Lawford Mee – Business Development Manager EMEAR Edwin Tromp – Vertical Solutions Architect EMEAR
Predicting the Future
“This ‘telephone’ has too many shortcomings to be seriously considered as a means of communication. The device is inherently of no value to us.” — Western Union internal memo, 1876
“I think there is a world market for maybe five computers.” — Thomas Watson, chairman of IBM, 1943
“Computers in the future may weigh no more than 1.5 tons.” – Popular Mechanics, 1949
“640K ought to be enough for anybody.” – Bill Gates, 1981
GLOBAL INTEGRATORS
TECHNOLOGY ARCHITECTURES
VERTICAL TEAM
ACCOUNT TEAM
National Security & Defence
Cisco National Security & Defence Resources
Why Cisco ?
§ Strong partnerships in National Security & Defence
§ Global Investment in Networking Skills: Networking Academy Programme (Military Signals Schools)
§ Cyber Security – Managed Threat Defence
§ Ecosystem partners – Military COTS
§ Best in class Architectures
§ Global Service coverage
New Realities for Global Defence
• Defence spending growth concentrated in Emerging countries
• Declining emphasis on general-purpose forces
• Rise of special operations forces
• Cyber as a military operational domain – C4 to C5
Source: Deloitte Global Defense Outlook 2013 Report: Balancing security and prosperity
The 2013–2017 period will be characterized by declining defence budgets in the higher-income states—while the lower-income countries continue to grow defence spending and become more active in weapons R&D and trade.
C4ISR – Major Drivers / Trends
$1Trillion over next 10yrs
Interoperable
Agile
Information Sharing
EoIP Connected/IoE
Open
Scalable
Data Analytics
Global Technology R&D Focus
• Explosion of mobile devices, new breed of apps, high user expectations MOBILE
• New consumption models (ITaaS), increasing spend from Lines of Business (outside IT) CLOUD
• Managing Sensor networks, Machine to Machine, Big Data Analytics IoE/IoT
• Managed Threat Defence & Incident Response Cyber
Cisco an IT Company: Enterprise to Mobile
Fixed Mobile Transportable Expendable
Fire Sensor
Motion Sensor
Water Sensor
Network Relay
Pressure Sensor
Existing Enterprise Requirements Emerging/Expanding Enterprise Requirements
The Internet of Everything Networked Connection of People, Process, Data, Things
Delivering the right information to the right person (or machine) at the right time
Process
Physical devices and objects connected to the Internet and each other for intelligent decision making
Things
Connecting people in more relevant, valuable ways
People
Leveraging data into more useful information for decision making
Data IoE
Process Innovation
People Impact
New Data Flows
New Things Connected
IoE Impact: Connected Defence $1.5 Trillion Value at Stake
• Command centers
• Air/Sea/Land Platforms, Logistics.
• ISR improvements
• Next Generation Situational awareness, Medical, Air Traffic
• Combat personnel safety, “Golden Hour”
• Force-multiplier effect — fourfold effectiveness
Value Impact $$
Provides real-time situational awareness to combat personnel in theatre by connecting Deployed HQ, Vehicles, Unmanned Platforms and Warfighters.
Cisco Internet of Things (IoT) Portfolio
IE 2000 IE 3000 IE 3010
819 M2M ISR Series
CGR 2010 CGS 2520
Process Manufacturing
Discrete Manufacturing Transportation Defence &
Government Utilities &
Connected Energy Plant-wide Ethernet, Intelligent Transportation, Smart Cities, S&C Refinery,
Smart Connected Vehicle, Smart Grid.
Industrial Applications: BYOD, Physical Security, Remote Expert, Management
Collaboration
Data Center/Virtualization
Ruggedized Wireless AP
1550 Series
ESR 5915 ESR 5940 ESS 2020
ESR5921 & C5930
IP Cameras, Video Surveillance Mgr.,
IPICS
ASA, ISE, SIO,
Industrial Signatures
Oil & Gas Mining
TACTICAL
DEPLOYED
STRATEGIC
Trusted Network Platform Secure DC/Cloud DWDM / Optical Collaboration Satellite Ground Stations Cyber Security Smart Buildings/Barracks Critical National Infrastructure
C4 Communications Deployable DC/Cloud Beyond Line of Sight PMB/LTE 4G Wireless Full Motion Video Military Air Traffic
IoT Embedded: - Vehicles - Ships - Aircraft - Soldiers Next Gen IP Radio
CYBER SECURITY
Breaking the Silos: Strategic, Deployed & Tactical Domains
SINGLE INFORMATION ENVIRONMENT
Unified Battlespace Concept
Smart & Connected Ships
Solutions
Next Generation Military Grade Networking Architecture
Unified Battlespace Framework
Command Centre Communications
Defence Data Centre/Cloud & Networking
Cisco Mobile Ready Net
BYOMD Remote Expert
NSD Vertical Solution
Documents
Thought Leadership
Cisco Technology Architectures
Virtualisation | Data Centre
Enterprise Networks
Collaboration
UC + Video
Network Services
Cyber | Security
Data Centre/Cloud
Mobility
Cisco’s Specialist Technologies
Operational Outcomes
Business & Solutions-Based
Architectures
Integrating Tactical Networks
Connecting Commanders, Staff & Systems
Connecting Sensors & Platforms
Deployed (Joint) Fixed (Strategic) Mobile (Tactical) PINs PINs
Integration opportunity with Turkish C4ISR Industry
ASELSAN AYESAŞ EHSİM ESDAŞ GATE HTR MİKES NETAŞ SAVRONİK SELEX TUBITAK-UEKAE Vestel YALTES YÜKSEK TEKNOLOJİ YÜKSEL SAVUNMA VENDEKA SAVUNMA
C TECH HAVELSAN KOÇ SİSTEM KALETRON Meteksan Savunma MİLSOFT STM
Partner solutions and integration – “Cisco inside”
Quad Radio Features: • Scalable dynamic self configuring L2 routing • High throughput routing • Mobile operation, suitable for vehicular deployments • RAR (DLEP) compliant • Box product or raw product for integration
§ MTD combines Cisco’s OpenSOC with commercial components such as security intelligence feeds, proprietary algorithms and cloud-based correlation, plus 24x7 service and an on-site hardware platform
Cyber Security: Cisco Managed Threat Defence
Cloud analytics Enhanced analytics
algorithms
Security intelligence feeds 24x7 remote monitoring
and support
OpenSOC
MTD Hardware Platform
Hardware footprint (40U)
§ 14 Hadoop Data Nodes (UCS C240 M3)
§ 3 Cluster Control Nodes (UCS C220 M3)
§ 2 ESX Hypervisor Hosts (UCS C220 M3)
§ 1 PCAP Processor (UCS C220 M3 with Napatech NIC)
§ 2 SourceFire threat alert processors
§ 1 Anue network traffic splitter
§ 1 Router
§ 1 48 Port 10GE Switch
Software Stack
§ OpenSOC
§ Hortonworks Data Platform 2.x
§ ElasticSearch
§ MySQL
§ Hive, HBase, Storm, Kafka etc.
Foundation of Trust
Lifecycle / Security Baseline Secure Process
Process Policy Technology
Information Assurance (IA) Secure Standards Product Security Technology
Common Modules & Features
FIPS / USGv6
DoD IA
• TCG
ISO 27034
Development: Trustworthy Systems Architecture
• Securing Ever-Changing Infrastructure – Differentiation with best in class technology, methodology, and expertise • Ensuring Technical Process Consistency - Continual improvement to address evolving threats • Protecting Revenue & Brand- Verification, Compliance, Anti-Counterfeit
• NGE & Common Crypto • Secure Cloud Connection
• Secure Storage
• Run Time Integrity
• Trust Anchor • Secure Boot
• Entropy
• Immutable Identity
• Image Signing
Company, Platoon, and Squad size elements
• Operation: Open field, woods, mountainous, urban and austere environments
• Uses: intra-platoon communications among dismounted elements with a central mobile access point for voice, video and data
• Type: Wireless CNR & MANET in a multi radio environment
• CNR for platoon, with vehicular backhaul Deployed resources
Battalion, Company or Platoon size elements
• Operation: Used in vehicles, small tents, airborne and sea platforms
• Uses: Intranet for tactical information, Blue Force tracking, weapon and vehicle information systems and voice, video and data
• Type: Wired and wireless communication in the platform
• Combat Net Radios for intercommunications, and to higher HQ
Division/Brigade/Battalion size elements
• Operation: World Wide missions Deployed Enterprise Operational Command Center - Hard Sites (Buildings),Tents, Shelters & Containers
• Uses: forward deployed High & Low side IT Backhaul to support: Data Center, HR, Logistics, Healthcare, Morale and Welfare Networks.
• Type: Wired Networks using Copper and Fiber backbone
• Triple Play Backhaul to HQ
IOT Operational Domains Deployed
Also known as “Fixed Location Communications on the Halt”
Mobile Also known as “Communications
on the Move and Halt”
Dismount Also known as “Communications
on the Move and Pause”
Area of Innovation
Single Information Environment
Network Centric Operations –
Effective Communications
Return On Investment (ROI)
Virtual IOS, Applications, and
Services
Multi-Layer Security (IP Sec and Next Gen Crypto (Suite B))
SWAP3-C and Reduce Complexity
Reach Back and Interoperability
RAR - Wireless Mesh MANET Networking (RFC 5578, DLEP)
Easy to Deploy – Plug N Play
Situational Awareness
Support Multiple Disparate RF Networks
Ad hoc interaction
Choosing the Right Technology
Back Haul to Command Post or
Higher HQ
Sensors Mounted and Dismounted
Coalition & NATO Operations
Alternative Power Sources
Converged Services - Voice, Video, Data Quality of Service
Dynamic, Flexible and Redundant
Business Challenges Technical Challenges
MANET & AdHoc Capability
Mission flexibility
SDN
C2
Domain Business and Technical Challenges
XXX
Garrison/Corps Operation Center Division/Task Force
CP
X I R F I
XX Brigade CP
CJSOTF CP
Division/Task Force CP
Battalion CP
II Company
I Platoon & Squad
The future Deployed systems:
Next generation of Deployed level communication systems will be required in different form factors
1. ‘As we know it’ TITAAN, DCIS, NEXIUM by Thales, TAC/IP by AIRBUS (flexible)
2. Standard 19” in containers (long term mission)
3. Small form factor, beach head, first deployment, ‘in and out’ missions
Next generation needs to be flexible and changeable during mission
1. Open
2. Standardized
3. SW based
LTE as new open and multi functional bearer services
1. Operational communication in and around CP
2. LOS communication for vehicles
3. Welfare
Edge between CLOUD and FOG services
1. Delivering HYBRID cloud services for logistics, Health care and HRM
2. Control Centre for FOG services
Tactical Mobile: 1. Huge offering from the market: STI ECOpartners
1. DTECH 2. PARVUS (now Curtiss Wright) 3. KLAS teleco 4. MILDEF, 5. DRS/SELEX
2. Radio bearer improvements 1. Strong partnership with Premium Radio Vendor: Persistent Systems and new radio vendors emerge now fast 2. SatCom will deliver higher bandwidth due to big demand of visual information 3. LTE capabilities on small form factor
3. Core of the FOG services 1. Autonomous FOGLETS 2. Intermittently connected 3. Collecting and distribute IoT data
Dismount soldier communication: 1. Fast emerging communication domain that moves to IP 2. Increasing opportunities for Cisco to deliver solutions 3. Sender or source for IoT services
Complex LOS and BLOS communications model 1. Highly dynamic movements 2. Short, medium and long distance communications are combined and used in parallel 3. Needs collaboration with SatCom services to optimize the transmission services
Emerging LE domain 1. Cheap and effective alternative for CNRs 2. Introduction of the smartphone in the combat domain
Edge of FOG services 1. Collecting close to the sources all data 2. Make information of data 3. Dynamic sharing between the different high mobile groups
Dismounted
Tactical Communications – Operational View
CommandPost
Mobile
IOx Application Management Application Store
IOS
Linux Distributed Apps
IOx SDK
Hardened Edge Platforms: Embedded Storage & Compute
Cisco 5921 ESR Concept
IOS
Linux
BSP
HW
3rd party App.
3rd Party App.
Partner responsibility
Cisco responsibility
Optional
Premium Mobile Broadband (PMB) Definition
A Premium Mobile Broadband (PMB) network is a 3G or LTE wireless network serving a single enterprise at defined locations.
• Several industrial verticals are requesting managed PMB services from commercial service providers
• The PMB solution objective is to:
  - Offer high bandwidth data services with specific features for vertical markets
  - Support highly available mobile services with different scale
  - Allow for multi-access technologies where applicable
  - Leverage commercially available networks, solutions and products
Resilience in Mobile Communication and the Professional Mobile Radio Problem Statement
Tetra and P25 handle Critical Voice but do not provide future proof broadband
4G LTE provides a future proof framework but commercial architectures are irrelevant to Safety and Defence
Command Post (CP)
PMB Tactical use cases
LTE antenna
Cisco router with SRE Hosting EPC
2-20 Km
Small formfactor Cell
PCRF
Legacy RAN Transport
UTRAN/ E-UTRAN
Legacy Safety Radio
Commercial 3G/4G
3G/LTE Or
SGSN/SGW
Tetra Switch
Macro Femto
Dedicated E-UTRAN
Local EPC
ESPO Core
MPC (3G&LTE)
SP or PS&S WiFi Commercial WiFi /
Private WiFi*
HSS
Data Agg [ISG/iWAG]
VoIP GW ”IMS”
Cisco 8xx ESR 59xx
Premium Mobile Broadband Architecture Common Solution Framework for Mobile Broadband in Private Deployments, Public Safety & Defence
Command Post (CP)
IPICS PSS App’s
Tactical EPC
Mobile CPEs
Small Cells
LTE/3G Packet Core
Mobile Backend and Apps
MVNO & Overlay
Unified Transport
SeGW
§ Multiple verticals considering next generation private network or asking premium mobile broadband services from commercial service providers
§ Compared to previous generation (mostly proprietary), objective is to: § Leverage commercially available solutions/products (Terminals, Radio, Core) § Introduce new advanced high bandwidth services (e.g. video) in addition to the existing ones (critical voice, PTT, etc.) § Possibly reuse of commercial networks via dedicated roaming agreements § Leverage app development ecosystem for creation & distribution of customized apps
§ Different verticals/segments with different requirements leveraging the Safety investments
PMB is relevant for multiple industries
Public Safety
Utilities Private Maritime Transport Military
NATO HQ – Data Centre - Lago Patria, Italy
Customer Challenges
§ Major Reformation
§ Too many Stove Pipe-Environment – slow to provision initiatives
§ Consolidate organization – move to Enterprise model
Goals:
§ New Organization – NATO Communications & Information Agency (NCIA)
§ Stream-line IT initiatives by 2014 (20% savings)
Solution
§ Cisco UCS - V-Block Environment
§ Virtualization/Cloud Services
§ Looking at CIAC – Cisco Intelligent Automation for Cloud
§ Routing/Switching/IP Telephony
NATO Computer Incident Response Capability (NCIRC)
§ The NCIRC is responsible for protecting NATO’s own networks by providing centralised and round-the-clock cyber defence support to the various NATO sites – HQs or HQs deployed for operations or exercises
§ Rapid Reaction Team @ NATO able to address Cyber Attacks on its member states
§ Finmeccanica (Selex ES), Northrop Grumman, Cisco & Sourcefire delivered NCIRC security architecture
UK – Defence Information Infrastructure (DII)
Connectivity (LAN/WAN) Data Centre Security
Fixed Sites Deployed Sites: *Maritime *Army Deployed
300,000 users, 150,000 terminals 20,000 Network Devices 2,000 MOD Locations
Outcome : *Better Communications *Improved ways of working *Value for Money
HERKULES
§ Largest Public Private Partnership in Europe (Siemens, IBM)
§ €7.4 BN contract over 10 years
§ End to end Administrative & Logistics Communications (Voice, Data, Video) for German Armed Forces including Business Applications
§ TelePresence Systems located in three major HQ sites, and several mid and lower TP systems for smaller sites
§ Reduced travel costs and man-hours away from home. Improvement in productivity in all areas due to efficient communications and operational effectiveness
Balard – French Pentagon § 10,000 “decision making” staff from all French MoD Entities (HQ, DGA, Ministry,…)
§ 30 years outsourcing contract (Private Public Partnership)
§ Project overall budget : €3,5 B, ICT Budget €730 M.
§ Project won by Bouygues / Thales consortium – Feb 2011
§ Thales in charge of IT : Build a global IT infrastructure for a campus (Cisco switching, routing, telephony, security, video)
High Level Design – Cisco resilient Architecture
Naval Ships Internal Communications & Distribution Systems Architecture
© 2013 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information
2. PROPOSED APPROACH AND CAPABILITY OUTLINE
2.1 What is a Smart & Connected Ships Architecture?
The Smart & Connected Ships Architecture establishes a converged internal communications infrastructure to enable maritime forces to communicate and collaborate more efficiently through flexible, IP standards-based interfaces that interoperate with required systems, devices, and applications. This is shown at Figure 1 with an outline of the Smart & Connected Ships Architecture that incorporates the following subsystems and functions as part of rationalised and standardised infrastructure:
• Single IP backbone incorporating a certified red/black separation of classified networks (UNCLAS, PROTECTED, SECRET);
• Selective use of wireless infrastructure to extend mobility and user functionality, inclusive of amenities-based systems;
• Unified Communications (UC) platform incorporating a full suite of voice, video and data services on secure, mobile or fixed user end-points;
• Integration of legacy voice and radio-based systems (PABX, Tactical Intercom, Flight Deck Communications, Voice Recording), as well as inclusion of legacy video capabilities (CCTV) within the multi-media UC environment;
• Incorporation of entertainment and training systems as part of the core network and distribution system; and
• Consolidated communications network system management.
Figure 1 – Outline of the Smart & Connected Ships Architecture
Cisco Campus Switching, Routing Telephony, Video, Security & Design Services
FALCON Project UK Army Tactical WAN & VoIP
Terrestrial HCLOS radio wide area
Cisco Embedded Mobile Access Routers
Theatre Deployable Video Communications
§ Provide rugged, portable, and lightweight on-base communications that can be up-and-running immediately upon arrival at any site
§ Tandberg components enable quick launch of video for tactical and crisis situations
§ Cisco Telepresence VTC standard for all USAF Air Operations Centers
§ US Southern Command – Haiti
§ USAF Special Operations Command – deployed ops
§ Iraq, Afghanistan, NATO
Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved.
Network Emergency Response Vehicle
TacOps Delivery Platforms
§ Network Emergency Response Vehicle (NERV)
– NIMS Type II Mobile Communications Center.
– Large scale network services core
– “Respond locally, communicate globally”
§ Mobile Communicator Vehicle (MC2/MCV) NIMS Type IV (with satellite, VoIP) MCC
– Medium scale network services core
§ Emergency Communications Kit (ECK)
– Rapidly deployable communications capability
Closing thoughts
§ The boundary between Strategic and Operational domains is getting blurred.
§ End users want the same services and experiences everywhere.
§ Wireless services will replace wired services (LTE/WiFi/Radio).
§ Network Intelligent services will reach the edge of the operational domain: public safety, military and sensors
§ The vehicle & the individual will become intelligent sensors.
§ Cyber Security will continue to be a Defensive & Offensive business
Don’t forget to activate your Cisco Live Virtual account for access to all session material, communities, and on-demand and live activities throughout the year. Activate your account at the Cisco booth in the World of Solutions or visit www.ciscolive.com.