Upload
vudan
View
220
Download
2
Embed Size (px)
Citation preview
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
LandWarNet 2011
Session 5Cyber Interoperability / Information
Assurance Efforts and Lessons Learned
24 Aug 2011 – 1615-1730CTSF Technical Director
1Session 5, Track 6 (C4ISR ME)2011-08-24 //Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Transforming Cyber Capabilities through System of Systems Interoperability and Integration Efforts
•Afghanistan Mission Network (AMN) / Coalition Interoperability Assurance and Validation (CIAV) Working Group (WG)
•Air Ground Integrated Layer Exploration (AGILE) Fire Exercise
•Joint On-demand Interoperability Network (JOIN) / Joint Users Interoperability Communications Exercise (JUICE)
•Host Based Security System (HBSS) Pilot
•Questions
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts 2
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Session 5, Track 6 (C4ISR ME)
CPOF
TIGR
Corps
DIV
BCT
BN
CO
PLT
SQD/SLDR
117 G
7800W117 G
7800W
WIN-TV-SAT
(CSS)
WIN-T
WIN-T
WIN-T
DTCS
V-SAT
(CSS)
V-SAT
(CSS)
Trojan
Spirit
GBS
SNAP
Iridium
L-BandKU
SNAP
GBSTrojan
Spirit
Trojan
Spirit
GBS BFT
BFT
BFT
BFT
BFT
BFT
117 G GRRIP
Inmarsat
DCGS-A
AFATDS
SINCGARS EPLRS
EPLRS
EPLRS
EPLRS
EPLRS
BCS GCCS-A
CIDNE
National / International BFT NOC
BCS 3SVR
BCS 3
BATs/Hide
CPOF
DCGS-A
AFATDS
BCS GCCS-A
CIDNE
BCS 3
CPOF
DCGS-A
ADAM
AFATDS
BCS
BCS 3
CPOF
DCGS-A
AFATDS
BCS
BCS 3
TIGR
TIGR
TIGR
Transport Layer LandWarNet Applications COTs Applications
WNWSINCGARS
SINCGARS
SINCGARS
WNW
SRW
SRW
FBCB2
FBCB2
FBCB2
FBCB2
FBCB2
FBCB2
FBCB2
DCGS-A
FOS
FOS
FOS BFT
CPOF
CPOF
VOIP Chat
Web
VTC
FMV
VOIP Chat
Web
VTC
FMV
VOIP Chat
Web
VTC
FMV
VOIP Chat
Web
VTC
FMV
Chat
Web Email
Chat
Web Email
Chat
MS Office
MS Office
MS Office
MS Office
MS Office
MS Office
VOIP
Representative of multiple air/ground platforms
Data
Initialization
Security
HBSS
HBSS
GBS
ADAM
ADAM
32001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
AMN faces many of the same interoperability challenges as current
force LWN/BC:
• Many individual Systems (Program Managers (PMs))
• Geographically distributed operations across theaters (CONUS/OCONUS)
• Foreign Military Sales - technical information/data exchange issues
• Increasing number of systems that must interoperate
• Complex network architecture
• Increasing complexity of software and number of interfaces
• Limited Coalition-wide SoS engineering and access to SoS Integration
Environments
• Loosely defined requirements and standards
• Loosely defined overarching SoS Architecture
• Lack of adequate documentation
• Requirement for rapid delivery in response to operational Warfighter
requests
• Increased security due to emerging threats
• Language and cultural differences
Session 5, Track 6 (C4ISR ME) 42001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
CTSF is part of the CIAV Working Group focused on mission-based interoperability and integration for the Afghanistan Mission Network (AMN)
Interoperability at the Command and Control and battle management layer (EN, Apps and Services) are among the predominant challenges facing the AMN
CIAV Key Goals:
• Validate Coalition Tactics, Techniques, & Procedures
• Streamline integration of current and new information exchange processes
• Provide feedback loop to training
Session 5, Track 6 (C4ISR ME) 52001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Issue: United Kingdom (UK) received reports from Afghanistan on the validity of UK ground track data on a Regional Command (RC) COP via CPOF
Cause: UK believes the issue is a result of delays within the current architecture flow of UK ground track data to CPOF
Action:
•UK asked the CIAV WG to support a series of alternative data flow tests to assess their viability of timely track data to CPOF; and no negative impacts to the AMN architecture
•With PMs’ onsite technical support, CTSF quickly reconfigured to support UK’s efforts
Outcome: UK is currently assessing the test data to validate one of the COAs that resolves the issue
Session 5, Track 6 (C4ISR ME) 62001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Session 5, Track 6 (C4ISR ME) 7
CTE2Coalition Test & Evaluation
Environment Representative
of AMN
AMN
CFBLNet
Evaluate and resolve existing
operational issues
2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Develop and validate improved Joint Fires mission TTPs
Explores joint system interoperability procedures and
information exchange requirements within and between
space, air, and ground domains to execute operationally
realistic missions
Examines Joint Fires/airspace integration and integrated
air picture planning, operations, and management
Interoperability analysis based upon mission threads
Air Force asked CTSF to join AGILE Fire events because
of its System-of-Systems (SoS) interoperability expertise,
lab scalability, and distributed-site networking capability
Session 5, Track 6 (C4ISR ME) 82001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Warfighter Problem:
Solution:
Objectives:
• Determine if systems used in the JAGIC are effective in the execution of Joint Fires and Airspace Command and Control
• Determine if JAGIC systems provide a complete, timely, and accurate air-ground COP
Currently there is no single C2 authority facilitating integration of air-ground operations at the tactical level
• Develop modular and scalable C2 cell
• Incorporate TACP personnel with the ground element
• Increased shared situational awareness and C2
EMT
AF4
Joint Air Request Net
(JARN) Operator
Air force
A5
ADA
Controller
Army
AF1
SAD
Air
Force
A1
FSCOORD
Army
A2
FSO
Army
AFATDS
TAIS
TBMCS Client
ADSI
w/TACVIEW
TACP-CASS
PASS Server
FAAD-C2
GCCS-A / C2PC CPOF
AMDWS
JADOCS
Server
JADOCS
&TBMCS
Client
NUTTCP
MDV,
Chat &
VoIP
MDV,
Chat &
VoIP
AF2
Airspace
Manager
Air Force
MCS
InterTEC
Collaborative
Tool Suite
JADOCS &
TBMCS
Client
A6
Airspace
Manager
Army
MDV,
Chat &
VoIP
MDV,
Chat &
VoIP
MDV,
Chat &
VoIP
MDV,
Chat &
VoIP
A3
FSNCO
Army
AF3
Procedural
Controller
Air Force
MDV,
Chat &
VoIP
A4
Air Defense
Manager
Army
MDV,
Chat &
VoIP
9Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
JAGIC concept shortens Joint Fires decision-making process
JAGIC approved for implementation in OEF
Validated first-ever Joint Air Ground Integration Cell (JAGIC) at Div Main
Validated co-located systems provide a more timely and accurate air-ground COP
Developed improved Surface Fires and JCAS TTPs , and Joint Fires doctrine
Integrated VoIP and Joint Chat tools for Pilot-to-TOC comms
Session 5, Track 6 (C4ISR ME) 102001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
LandWarNet 2011
Session 5: Joint On-demand Interoperability
Network (JOIN)
Joint Users Interoperability
Communications Exercise (JUICE)
Software Engineering Center
11Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
JUICE Purpose
• Building on the theme of Cyber Initiatives such as CTSF Agile Fires
• Joint and Coalition exercise focusing on Joint Interoperability and development and validation of TTP’s
• Focus on operational gaps and issues that have been indentified throughout the year by COCOM’s Services and agencies
• Synergizes technical, test, operational and acquisition communities
• Align JOIN in support Commander’s intent with BRAC
12
"JUICE provides a uniquely important exercise environment allowing our
joint service members access to the latest technology and experts,
providing training on state-of-the-art capabilities that can be deployed in
support of our CONUS/OCONUS missions in addition to DoD support to
our state and federal agencies” COL Christopher A. Hegarty
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
JUICE 11: Employed Air Force Cyber Team to ensure Network Integrity
• Stood up Net Defense at three different locations of the JUICE network
• Incorporated as part of the JNCC reporting and Battle Rhythm
• HBSS Testing to assess policy pushes in a Tactical Environment
Instituted stringent IA policy at each participating site• Required submissions of IA scans, ATO/IATO and consent to monitor for
each site
• Configured S/W settings to allow retina servers to pass scan results
UC Tactical Pilot• Implement PKI authentication
Employed computer network defense concepts/devices (KG-250) to protect network systems
13Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Expeditionary Communications (Recommended at Fort Bragg Haiti AAR/J6 summit)
• Assess small expeditionary communications packages
“small enough to get in and big enough to win the battle”
• Validate JNN to Teleport connection TTP
• Training for non-standard connection (214th Fires Bde)
Deployed Joint Task Force Initial communications Suite (42nd CBCS)
• Provide initial JTF communications package
• Trained on Joint Network Control Center, Power and HAMAT
Fires Mission (Fort Sill Create multi-layered Fires Control )
• Brigade/Battalion/Battery fire echelons replicated with AFATDS
• Forward Observer cell at APG using Mark VII Laser Rangefinder
• JUICE fires mission fired x23 155mm rounds at APG
• Successful coalition call for live fire from US (APG) and Med-EVAC via Radio over IP from Norway and Sweden
14Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Tactical Unified Capabilities Pilot• Phase II of Tactical UC pilot to access tactical connection
to new DISN EoIP GIG II backbone• Validate Service individual system operational capability and document
to JTTP site• Review and modify SAR/GAR process and develop TTP
Coalition Interoperability Communications Exercise (C-ICE)• Execute voice and data comms including call for fire, NBC and MedEvac
using Joint Variable Message Format• Utilize NATO STANAG 4637 and Standard Interoperability Points for
multinational to US C2 connectivity with Radio over IP (RoIP), US, UK, CA, Sweden and Norway
Edgewood Chemical Biological Center (ECBC)
• Examine uses of tactical radio systems, such as SINCGARS and EPLRS to route NBC warning and reporting message traffic
• Explore automated NBC sensor data distribution through various echelons of the command structure
• Built Collaboration between C4ISR community and ECBC15Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
16
Quonset Point, RI
JISCC
Picatinny, NJ
ARDEC
Fort Gordon, GA
NSC-R
Robins AFB, GA
AFFOR HQ:
5 Combat Comms Group
MacDill AFB, FL
DISA CONEX CONUS
ARFOR:
Air Management Cell
Fort Bliss, TX
AFFOR:
3 Combat Comms Group
Tinker AFB, OK
Fort Huachuca, AZ
Joint Interoperability
Test Command (JITC)
Portland, MA
AFFOR:
265 CCB
AFFOR:
269 CCB
Springfield, OH
Fort Hood, TXARFOR:
4ID Fires Support
46 Test SQ
Fires Air Component
Eglin AFB, FL
USARPAC:
PACOM mobile Command and Control
(C2) evaluation
Fort Shafter, HI
Savannah, GA
117 CBCS
Aberdeen Proving Grounds, MD
JTF HQ
JNCC
Software Engineering Center (SEC)
Executive Agent, Theater Joint Tactical Networks
SEC C2SD and COMM WIN-T, Tactical Comms Test Bed
CERDEC: CryptoMod, Satellite & Terrestrial Comms Division
214TH Fires BDE FWD
National Guard Bureau (JISCC MI )
281st Combat Communications Group (J-6)
Industry: LGS, EADS, iDirect, L-3 NARDIA, LGS Innovations,
REDCOM, Solar Stik, SYS Tech, Telcordia, Ultra DNE and VIASAT
ARFOR HQ:
214 Fires BDE
Software Engineering Center
(SEC FSCD)
Fort Sill, OK
STRATCOM:
JUICE Supporting Combatant Command
Offutt AFB Omaha, NE
MARFOR:
Marine Corps Tactical Systems
Support Activity
Camp Pendleton, CA
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
JOIN provides a persistent operational Cyberspace in which the Warfighter can validate and train prior to deployment
• JOIN provides an operational network to access and validate equipment and systems
• JOIN provides an operational environment to train and develop TTP’s
JOIN is based on the Operational Area Network (OAN)
• Database of the core tactical systems that the Service’s use and systems they access in the field today
• Maintained by the TJTN and housed on the TJTN Joint Collaboration TTP site (CJCSM 6231)
JOIN is a CyberSpace based on A Network-of-Networks
• Consisting of SIPR, NIPR, DREN, Commercial Internet, etc.
• Tactical and Strategic systems available locally or remotely
17Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts 18
JOIN Testing Throughout the Year: PKI
• Provided backbone network to authenticate network and web servers, sign and encrypt email, and perform certificate validation
HBSS - Security Data and Log Management (SDLM) Test
•Provided backbone network in support of PEO-C3T to further define requirements, architectures, and solutions for the flow of security event data in the Tactical and Strategic Army
•Participants: Cyber Integration, PEO C3T, ACERT, RCERT, AGNOSC, TRADOC, Other Army Security Event Stakeholders
Integrated SATCOM GIG Operations Management (ISOM)
• The objective of the ISOM JCTD is to develop a scalable Situational Awareness (SA) of Wideband MILSATCOM links and Policy Based Management (PBM) system that enables Dynamic reallocation and provisioning of MILSATCOM IP resources
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Develop and Validate TTP’s
• Equipment validation in an operational cyberspace prior to deployment
• Train on equipment in a similar operational network prior to deployment
• Ex: USMC Afghanistan pre-deployment validation, 1st CBCS AFRICOM system validation
Support Acquisition Community
• Provides Joint Services, PMs and other DoD agencies the capability to assess their systems in a joint environment, on demand
• Maintain an on demand Joint Tactical Force communications infrastructure utilizing existing joint equipment
Federate the C4ISR Campus and community
• A coalition of the willing seamlessly connecting labs-to-labs for enterprise level activities
• Maintain persistent connections to outside agencies and organizations in support of tactical and acquisition community
19Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Maintain and provide access to on demand communications capability minimizing start-up and technical requirements
Reduces travel requirements for pre-certification testing and interoperability by providing resources and networks for R&D throughout the year “on demand”
Provides an existing technical staff, experienced engineers, IT and IA staff, “the whole package, one stop shopping”
Maintains “collaborative relationships” with other key activities critical to R&D activities
Bottom Line: JOIN supports Joint Interoperability, saves time and dollars
20Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
21
APG 6003
A2-309 DCGS SIL/LAB
APG 6006
B5-333DCGS-A
APG 6007
FBCB2 NOC
APG 6010
TSIL/WIN-T/
Crypto Mod
APG 3090
JSEC
APG 311
NEC, DCO
APG 6009 Annex/Yard
SEC Legacy SwitchesEdgewood PG
ECBC
Eglin AFB
Bold Quest
Fort Hood
JUICE Fires mission
Fort Hood
CTSF
Fort Sill
JUICE Fires Mission
Fort Bliss
JUICE Fires Mission
Regional HubPM WIN-T
Fort Monmouth
XTAR, X, C, Ku, Ka, WGS, GBS
Global Information Grid
DREN, DSN, VoSIP, SIPRNET,
NIPRNET, JWICS, DVS
APG 6002
D5-132 ANCDS
SIPRNET NIPRNET X Band 30 MB
DSN (Voice) DREN KU Band 10 MB
Commercial (Voice) Internet XTAR 6 MB
Idirect Sat hub Linkway Sat Hub (WIN-T)
Quad Band Sat
Total Connectivity
APG 6009
WIN-T/C2SD
APG 120
PEO-I, Fires, Coalition
Fort Leavenworth\
TSIL Mission
Taunton, MA
General Dynamics
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
LandWarNet 2011
Session 5: HBSS Test Observations from
the CTSF
PEO C3T TMD
22Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
CTSF Testing
23
Dates Event
18 April – 6 May SWB2 HBSS Pilot
9 May – 20 May Data Analysis / Data Reduction
23 May – 3 June Assessment Report
3 June – 30 June SWB 2 AIC Testing with HBSS Installed
30 June Final Policy Release
Objective To execute a pre-defined set of mission threads and conduct policy tuning to define an initial HBSS policy baseline for the Software Block 2 system of systems June 30 Software release
Participant Role
CTSF Test and Evaluation Test Lead
PEO C3T ASA (ALT) HBSS Technical Lead
USAISEC / McAfee HBSS SME
PM Participants Engineering Support
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Date Delivery/Event
5 January 2011 • HQDA G-3/5/7 mandates ASA(ALT) fielding of HBSS
14 February – 25 March • HBSS architecture comparison test in Fort Gordon, GA
• Compared alternatives for ePO server placement in the tactical environment
29 March – 18 April • HBSS in theatre site survey completed
18 March • Land War Net General Office Steering Committee approves HBSS Architecture decision
18 April – 6 May • Initial SWB 2 HBSS Assessment to gain leadership concurrence on an initial rollout of HBSS to SWB 2 systems
• Initial set of global policies developed for ASA(ALT) POR SWB 2 Systems
27 May – 18 June • Preliminary testing on select program of record systems in Iraq
8 June – 29 June • Software Block 2 final system checkout for fielding
30 June • Program of record fielding released to SIF Portal
24Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
HBSS Baseline Component: HBSS Component Role:
ePO Centralized Manager/Reporter
McAfee Agent (MA) Software Management Agent on Hosts
Policy Auditor (PA) (installation only) Reports Software Patching Statistics of the Host
Rogue System Detection (RSD) (not utilized)
Identifies Systems on the Network not Running HBSS
Asset Baseline Monitor (ABM) Detects System Level Data Changes
Host Intrusion Prevention System (HIPS) Blocks Malicious Activity at the Host
Anti-Spyware (ASE) Anti-Spyware
Anti-Virus (AVE) Anti-Virus
Device Manager (Host Data Loss Prevention)
Blocks USB Enabled Devices
25Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
SWB2 Systems
Under Test
26
Program Executive Office (PEO)
Systems
Command Control and
Communications Tactical (C3T)
Army Field Artillery Tactical Data System (AFATDS), AFATDS Effects Management Tool (EMT), Battle Command Server (B Server),
Maneuver Control System Gateway (MCS GW), MCS Workstation, Battle Command Supply Support System (BCS3), Command Post of the Future (CPOF), Global Command and Control System – Army (GCCS-A),
Joint Capabilities Release (JCR), Joint Automated Deep Operations Coordination System (JADOCS), Warfighter Information Network –
Tactical Increment 1 (WIN-T INC 1)
Missiles and Space (M&S)
Air Defense Systems Integrator (ADSI), Air and Missile Defense Workstation (AMDWS), Forward Area Air Defense Command and
Control (FAAD C2)
Intelligence, Electronics Warfare & Sensors (IEW&S)
Distributed Common Ground System – Army (DCGS-A), Instrument Set, Reconnaissance and Surveying (ENFIRE), Integrated Meteorological
System (IMETS)
Aviation Tactical Airspace Integration System (TAIS), Aviation Mission Planning System (AMPS)
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Army Acquisition
Systems MAC I MAC II MAC III N/A
HBSS Compliant 54 2 27 17 8
HBSS Potentially Compatible
140 52 63 4 21
HBSS Not Compatible 235 50 96 41 48
Totals 429 104 186 62 77
27
There are 455 Information Systems entered into the APMS database assigned to the PEOs, ~ 429 are in the open category in the APMS tracking system
Each open PoR (429) in APMS was reviewed to determine if HBSS is compatible (~140) based upon the Army Cyber Command (ARCYBER) criteria, ~54 PoRs are compliant
Data provided by ASA(ALT) SOSE
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
Army Acquisition
SystemsPEO C3T
PEO IEWS PEO EIS
PEO AVN
OtherPEOs
Potentially Compatible 140 70 35 1 10 24
SWB II Test 57 34 19 0 1 3
CS 11/12 Candidates 10 7 0 0 1 2
Additional Test Candidates 73 29 16 1 8 19
FY 13 + Systems 38 19 4 1 1 13
Waiver Candidates 34 5 7 0 16 6
Unknown Test Event 16 5 5 0 0 6
28
Of the (~140) compatible systems, (~57) were tested during SWB II, and additional (~10) are identified for CS 11/12, (~38) are identified as CS 13/14 or beyond, (~34) have been identified by PM offices as needing a waiver, leaving (~16) systems that need to determine an appropriate test venue
Data provided by ASA(ALT) SOSESession 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
29
June 30, 2011
Feb 17, 2012
Worldwide fielding estimated one
year past policy release date.
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
TBD: Pending
ARCYBER Direction
Global Policies created for June 30 release
• Allowed for consistency• Allows easier administration• Achieved FRAGO 13 Minimum
Protection Model Lessons Learned
• Recommend System SpecificPolicies and Secure Site Protection be released gradually
• Effective Policy Tuning is time consuming• Importance of Policy Configuration Management• Module Conflicts (Symantec and Anti-Virus)• CPU Load on older hardware• Intermittent agent to server communication issues• Additional Policy Tuning in live environment required for end-state implementation• Effective HBSS Management and Policy Tuning can ONLY be done by the system owner
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
30
Permanently integrates HBBS into CTSF testing
•90 day maintenance releases planned by CTSF Team
• Integration of HBSS in to ongoing AIC planned
Detailed PM policy configuration management process for distribution and management
•PM policy changes from CTSF testing to operational ePO servers
Additional policy tuning with each release
•September 30 Release targeting HIPS Block Low
•Future releases targeting FRAGO 13 Secure Site (individual system policies required)
•Develop core full-time technical competency with HBSS
Allow sufficient burn-in time for simulated mission threads
Continue policy tuning in the fieldSession 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
31
Phase 1:
Policy Release Date:
Jun 30, 2011
• Software Block 2 Release (Global Policy)
• Includes client modules only: HIPS, MA, VSE, ABM, PA (installation only), and
DLP.
• Uses existing ePO server architecture
• FRAGO 13 Minimum Protection + Firewall (moderate)
Phase 2a:
Policy Release Date:
Sep 30, 2011
• Software Block 2 and CS 11-12 Release (Global Policy)
• Includes client modules only: HIPS, MA, VSE, ABM, PA (installation only), and
DLP
• Uses existing ePO server architecture
• FRAGO 13 Protected Site + IPS Block Low + Firewall (moderate)
Phase 2b:
Policy Release Date: 17
Feb, 2012
• Software Block 2 and CS 11-12 Release (Global Policy)
• Includes client modules only: HIPS, MA, VSE, ABM, PA, and DLP
• Adds PA Benchmarks, naming standard, and domain integration
• FRAGO 13 Protected Site + IPS Block Low + Firewall (moderate) + PA
benchmarks
Phase 3:
Release Date:
Estimated Mar – Apr
2011
• ePO Server Rollout to Division Level with optional Brigade implementation
• Rollout schedule is TBD at this time.
Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts
• Worldwide fielding estimated one year past policy release date.
• Train the trainer for embedded Digital Systems Engineers (DSE)
• Over the shoulder training for ePO administrators as required
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
32Session 5, Track 6 (C4ISR ME)2011-08-24 //Current Interoperability/IA Efforts
CECOM C4ISR ME provides worldwide connectivity over multiple networks to efficiently and effectively access geographically dispersed Cyber Transformation expertise to design, develop, and instantiate an integrated and interoperable enterprise networks consisting of transport, systems, platforms, and applications.
These networks facilitate Army, Joint and Coalition Cyber Transformation while at war via events and exercises such as AGILE Fires, Coalition Interoperability Assurance and Validation, and JUICE
CECOM C4ISR ME secures the Army’s enterprise networks with the deployment of state-of-the-art tools such as HBSS
LANDWARNET 2011UNCLASSIFIED
UNCLASSIFIED
TRANSFORMING CYBER WHILE AT WAR
33Session 5, Track 6 (C4ISR ME)2001-08-24//Current Interoperability/IA Efforts