Mit 17 4 final web version

PRSRT STDU.S. POSTAGE

PAIDLEBANON JCT., KY

PERMIT # 805

The Voice of Military Communications and Computing

C4 GuideLt. Gen.Mark S.Bowman Director, C4/CyberCIO/J6Joint Staff

Cloud Brokers O Industrial Control Security O Low-Cost SATCOM COMSATCOM Update O Serial to Packet Migration

www.MIT-kmi.com

C4May 2013

Volume 17, Issue 4

Learn more • 877-275-UMUC • military.umuc.edu/cuttingedge

ARM YOURSELF FOR OPPORTUNITYWITH A CYBERSECURITY DEGREE.

© 2

013

Uni

vers

ity

of M

aryl

and

Uni

vers

ity

Col

lege

University of Maryland University College is the nation’s largest public university.

To win the battle in cyberspace, we need more cyber warriors. University

of Maryland University College (UMUC) has answered the call, educating

the next generation of cyber security specialists in the public and private

sectors. Our accessible online degree programs have been recognized

for excellence by NSA and DHS. And many of UMUC’s courses address

industry-standard certifications, including many on the DoD 8570

list. UMUC is affordable, too, with scholarships for those who qualify, interest-free monthly payment plans and

participation in the Yellow Ribbon Program. Because the nation’s battle for cyber security can’t afford to be without you.

AT YOUR SERVICE SINCE 1947

130405_UMUC_8.375x10.875_MIT.indd 1 4/23/13 5:05 PM

Cover / Q&AFeatures

Lieutenant GeneraL Mark S. BowMan

Director, C4/CyberChief Information Officer

Joint Staff, J6/CIO

16

Departments Industry Interview2 editor’S PerSPective3 ProGraM noteS/PeoPLe14 data ByteS26 cotSacoPia27 reSource center

diana GowenSenior Vice President and General ManagerCenturyLink Public Sector

4 SavinG on SatcoMIn SATCOM as well as virtually every other area, driving down costs is the order of day, whether by reducing the initial investment, cutting usage costs or getting more output from current resources. By AdAm BAddeley

8 cLoud BrokeraGeThe Defense Information Systems Agency is joining with the private sector in pondering the mission of cloud service brokers, who bring together the providers and users of cloud computing services.By KAren e. Thuermer

12 GatewayS to the iP worLdAs the military moves to everything over IP, a major issue for network designers has been what to do about the huge existing investment in systems that use earlier generations of networking methodologies.By hArrISOn dOnnelly

20 coMSatcoM center uPdateAn update on the latest news from the Defense Information Systems Agency’s Commercial Satellite Communications (COMSATCOM) Center.

May 2013Volume 17, Issue 4military information technology

23

induStriaL defenSeSpurred by the potential for cyber-attacks on military and civilian infrastructure, the Pentagon is emphasizing the security of industrial control systems.By PeTer BuxBAum

28

Learn more • 877-275-UMUC • military.umuc.edu/cuttingedge

ARM YOURSELF FOR OPPORTUNITYWITH A CYBERSECURITY DEGREE.

© 2

013

Uni

vers

ity

of M

aryl

and

Uni

vers

ity

Col

lege

University of Maryland University College is the nation’s largest public university.

To win the battle in cyberspace, we need more cyber warriors. University

of Maryland University College (UMUC) has answered the call, educating

the next generation of cyber security specialists in the public and private

sectors. Our accessible online degree programs have been recognized

for excellence by NSA and DHS. And many of UMUC’s courses address

industry-standard certifications, including many on the DoD 8570

list. UMUC is affordable, too, with scholarships for those who qualify, interest-free monthly payment plans and

participation in the Yellow Ribbon Program. Because the nation’s battle for cyber security can’t afford to be without you.

AT YOUR SERVICE SINCE 1947

130405_UMUC_8.375x10.875_MIT.indd 1 4/23/13 5:05 PM

This issue’s story on saving money on SATCOM serves as a good complement to a new Government Accountability Office (GAO) report that calls on the Department of Defense to adopt more practices from industry in creating and maintaining the ground networks used to control satellites in orbit.

The report, entitled “Long-Term Planning and Adoption of Commercial Practices Could Improve DoD’s Operations” (GAO-13-315), examined the numerous ground stations, networks and other infrastructure created by the department over the years for communications, surveillance and other satellites. These satellite control networks monitor and manage the condition and orbit of the satellite bus, rather than the sensors or transponders on board.

Despite the overall push for interoperability, even in recent years these satellite control systems have been built as dedicated, standalone networks, which have the advantage of being customized for the specific program, but the drawbacks of inefficiency and duplication. Moreover, the department is showing no signs of moving to a shared network, and current efforts to modernize the Air Force’s system are focusing more on sustainment than on adopting capability-increasing improvements.

In search of a better way, GAO investigators turned to commercial practices, which they said would increase efficiency and cut costs. These included interoperability between systems, automation of routine functions, and greater use of COTS products. Another approach would be creation of a “hybrid” network, in which an operator can supplement its ground network by leasing antenna time on another company’s network.

The report acknowledges, however, that the department faces obstacles in improving control networks, beginning with the lack of a long-term plan and a shortage of reliable data.

It is with regret that I must inform MIT readers of the passing of Adam Baddeley, author of “Saving on SATCOM” and many other articles in KMI Media Group publications over the years. With his in-depth knowledge of communications technologies, as well as a host of other military fields, Adam was a good friend and a true professional, and we will miss him.

Harrison DonnellyedITOr

eDitor’S PerSPectiVe


Editorial

Managing EditorHarrison Donnelly [email protected] Editorial ManagerLaura Davis [email protected] EditorsSean Carmichael [email protected] Hobbes [email protected] Baddeley • Peter Buxbaum Cheryl Gerber • Karen E. Thuermer

art & dEsign

Art DirectorJennifer Owers [email protected] Graphic DesignerJittima Saiwongnuan [email protected] Designers Scott Morris [email protected] Papineau [email protected] Paquette [email protected] Waring [email protected]

advErtising

Account ExecutivesCheri Anderson [email protected] Cooper [email protected]

KMi MEdia groupPublisherKirk Brown [email protected] Executive OfficerJack Kerrigan [email protected] Financial OfficerConstance Kerrigan [email protected] Vice PresidentDavid Leaf [email protected] McKaughan [email protected] Castro [email protected] & Communications ManagerHolly Winzler [email protected] AssistantCasandra Jones [email protected] Show CoordinatorHolly Foster [email protected]

opErations, CirCulation & produCtion

Operations AdministratorBob Lesser [email protected] & Marketing AdministratorDuane Ebanks [email protected] Gill [email protected] SpecialistsRaymer Villanueva [email protected] Walker [email protected]

a proud MEMbEr of

subsCription inforMationMilitary Information Technology

ISSN 1097-1041is published 11 times a year by KMI Media Group.

All Rights Reserved. Reproduction without permission is strictly forbidden.

© Copyright 2013. Military Information Technology is free

to qualified members of the U.S. military, employees of the U.S. government and

non-U.S. foreign service based in the U.S. All others: $65 per year.Foreign: $149 per year.

CorporatE offiCEs

KMI Media Group15800 Crabbs Branch Way, Suite 300

Rockville, MD 20855-2604 USATelephone: (301) 670-5700

Fax: (301) 670-5701Web: www.MIT-kmi.com

Military inforMation tEChnology

Volume 17, Issue 4 • May 2013

www.GIF-kmi.com

Geospatial Intelligence

Forum

www.BCD-kmi.com

June 2012Volume 1, Issue 1

www.BCD-kmi.com

Border Threat Prevention and CBRNE Response

Border Protector

Michael J. Fisher

ChiefU.S. Border PatrolU.S. Customs and Border Protection

Wide Area Aerial Surveillance O Hazmat Disaster ResponseTactical Communications O P-3 Program

Integrated Fixed Towers

Leadership Insight:Robert S. BrayAssistant Administrator for Law EnforcementDirector of the Federal Air Marshal Service Transportation Security Administration

SPECIAL SECTION:

Border & CBRNE Defense

www.MAE-kmi.com

Military AdvancedEducation

www.MIT-kmi.com

Military Information Technology

www.GCT-kmi.com

Ground Combat

Technology

www.MLF-kmi.com

Military Logistics Forum

www.M2VA-kmi.com

Military Medical & Veterans

Affairs Forum

www.MT2-kmi.com

Military Training Technology

www.SOTECH-kmi.com

Special Operations Technology

www.TISR-kmi.com

Tactical ISR Technology

www.CGF-kmi.com

U.S. Coast Guard Forum

KMI MedIa Group LeadershIp MaGazInes and WebsItes

Program noteS Compiled by KmI media Group staff

Tighter Security Sought for Army Mobile DevicesAmid criticism from the Department of Defense inspector general about lax

oversight, Army officials are working to strengthen the security of commercial mobile devices (CMD) used by Army personnel.

In a March report, “Improvements Needed with Tracking and Configuring Army Commercial Mobile Devices,” the IG found that the Army chief informa-tion officer, currently Lieutenant General Susan Lawrence, had not implemented an effective cybersecurity program designed to identify and mitigate risks surrounding CMDs and removable media.

Specifically, the report concluded that the Army CIO had not properly tracked some 14,000 devices used throughout the service, thus leaving networks potentially vulnerable to a variety of intrusions and malware attacks.

IG inspectors visited two Army sites, the U.S. Military Academy and an Army Corps of Engineers (ACE) facility at Vicksburg, Miss., where a total of about 850 devices were assessed. There, they found that the CIO had not:

• Ensured that the commands had used a mobile device management application to configure CMDs to protect data.

• Required that CMDs be adequately sanitized, with the capacity to remotely remove data on devices that had been transferred, lost, stolen or damaged.

• Controlled CMDs used as removable media, and barred users from storing sensitive data on CMDs used as such.

• Required that users receive security training and sign user agreements promising to follow security procedures.

“This occurred because the Army CIO did not develop clear and compre-hensive policy for CMDs purchased under pilot and non-pilot programs,” the report said. “In addition, the Army CIO inappropriately concluded that CMDs were not connecting to Army networks and storing sensitive information, and therefore did not extend current IA requirements to the use of CMDs. Without an effective cybersecurity program specific to CMDs, critical IA controls neces-sary to safeguard the devices were not applied, and the Army increased its risk of cybersecurity attacks and leakage of sensitive data.”

The Army responded strongly to the report, moving immediately to ensure that West Point and the ACE office remedied the issues and revised their controls.

In addition, officials pointed to steps they have taken, including new policies established this year to make clear that no CMDs or other IT equipment can be purchased without approval through the CIO/G-6 process.

In February, the Army published new information assurance and cybersecu-rity requirements that included improved accountability for unit commanders. Under the rules, commanders have to assess their IA posture and weaknesses using standardized tools, and quickly develop a plan of action to address prob-lems. The Army is planning a servicewide IA/cybersecurity awareness program for this fall.

Army officials also pointed to their ongoing efforts as part of a Defense Information Systems Agency (DISA) mobility pilot, which currently includes more than 500 mobile devices issued to the Army. Under the Army’s mobile solu-tions strategy, CMDs will be managed as a DISA enterprise service.

Air Force Colonel Brian M. Killough has been selected for the rank of brigadier general and assigned as director, warfighter systems integra-tion, Office of Information Dominance, and chief infor-mation officer, Office of the Secretary of the Air Force.

The list of Army brigadier generals nominated for

appointment to the rank of major general includes Brigadier General Joseph A. Brendler, who is currently serving as director of archi-tecture, operations, networks and space, Office of the Chief Information Officer/G-6, U.S. Army, and Brigadier General George J. Franz III, who is currently serving as director, current opera-tions, J-33, U.S. Cyber Command.

Army Major General James Chambers (Ret.) has been promoted to president and chief operating officer of McLane Advanced Technologies, a provider of information technology and logistics solutions.

ITT Exelis has named Rich Sorelle corporate vice pres-ident and president of its Electronic Systems division. Joe Rambala assumes the role of vice president and general manager of the division’s integrated elec-tronic warfare systems busi-ness area, a position previously held by Sorelle. In addition, Dave Prater has been named vice presi-dent and general manager for the division’s radar, reconnaissance and undersea systems business, and Mark Adams has been named vice president and general manager of specialty applications for Exelis Electronic Systems.

Compiled by KmI media Group staffPeoPle

Col. Brian M. Killough

Eight Win NETCENTS-2 Deals

The Air Force has awarded a set of contracts worth up to $6.9 billion that will make providing innovative IT products and capabilities covering the full spectrum of operations and missions to its warfighters quicker and easier. The Network Centric Solutions-2 (NETCENTS-2) team awarded the netcentric products contracts in April, with a three-year base ordering period and three 12-month options.

The eight contract awardees are FedStore Corp., Intelligent Decisions, World Wide Technology, CDW Government, Ace Technology Partners, CounterTrade Products, General Dynamics IT and Iron Bow Technologies.

The netcentric products contract provides the Air Force with a full range of innovative, competitively-priced, world-class netcentric IT products to support the full spectrum of netcentric operations and missions. COTS products offered on the contract include: networking equipment, servers/storage peripherals, multimedia hardware, software, identity management/biometric hardware and associated software.

www.MIT-kmi.com MIT 17.4 | 3

In a cost-constraIned world, the complexIty of the

satcom supply chaIn offers opportunItIes and challenges

for cost reductIon.

By adam Baddeley

mIt correspondent

In satellite communications as well as virtually every other area, driving down costs is the order of day for the Department of Defense, whether that is reducing the initial capital invest-ment, cutting usage costs or getting more output from current contracts and resources.

The complexity of the SATCOM sup-ply chain—the space segment, earth stations, terminals and the way in which satellite bandwidth is acquired, leased and operated—offers both multiple challenges and opportunities in decreas-ing costs and increasing value for war-fighters as well as back office functions.

In response, key players in the field are developing and emphasizing offerings designed to provide essential SATCOM capabilities in a cost-constrained envi-ronment. Last fall, for example, Tele-Communication Systems Inc., Northrop Grumman and Lockheed Martin unveiled a program called the Low Cost Terminal solution, which addresses the military’s need for lower-cost technologies and sys-tems to enable protected and secure communications for tactical warfighters in theater.

Another important entry is GNO-MAD, an on-the-move (OTM) SATCOM system from ITT Exelis that addresses

the capabilities gaps for wide-band OTM communications in low-cost offerings, while ensuring that the ability to meet tight battlefield requirements has not been lost.

Rob Semple, manager, business development, explained the genesis of GNOMAD: “We talked to the users in the Army and Marine Corps and found out that what they wanted was something that was small and modular, allowing them to configure it for the mission, and that didn’t require extensive modification on the host platform, so it was easy to re-install if the vehicles broke down. Finally, they wanted a low-profile antenna so the

www.MIT-kmi.com4 | MIT 17.4

vehicles didn’t stick out as a command-and-control vehicle.”

To meet these needs, Semple explained, Exelis went out and found partners to supply and integrate standardized COTS equipment in a low-volume package. “One cost saving is from not having to do extensive integration work, so you are not changing the power requirements. That is a lot of engineering money saved. Nor do you have the high overhead cost of taking that commercial COTS equipment and ‘MILSPEC-ing’ it.

“We looked for best of breed and because of that, you can reach the size, weight and power levels that you previ-ously saw only in bespoke systems,” he continued. “So we are not doing extensive integration to the vehicle platform. There-fore, if the vehicle goes down for automo-tive maintenance, you can go ahead and dismount the system and put it on another vehicle. That saves money.”

Hughes is another company that has been working with DoD and allied militar-ies to showcase the cost-saving capabilities of bandwidth-efficient technologies.

“Commercial companies are con-tinually advancing their technologies to provide cutting-edge solutions at lower costs,” said Rick Lober, vice president and general manager of Hughes Defense and Intelligence Systems Division. “Our glob-ally available SATCOM solutions employ extensive bandwidth-efficient technolo-gies, resulting in greater capacity and throughput while reducing the need for more dedicated bandwidth, which reduces costs for our military partners in this aus-tere budget environment.”

securIty classIfIcatIon

Nevertheless, there are certain things that can’t be repackaged due to security classification or environmental specifics. One example was the installation of GNO-MAD on the M1 Abrams, where a lack of space within the vehicles meant that the modem had to be located outside the vehicles, which necessitated that the modem have MILSPEC protection. The encryption is the GFE KG-175, powered off the GNOMAD itself.

Some analysts have called for cost reductions through doing everything in-house. But Semple argues against this, in

part due to GNOMAD using standard OTM products for which the integration issues are well established.

“What we have with our partners is a great working relationship,” he said. “If we have an idea for something that the cus-tomer wants, then I go back to my teaming partners for a new module. They can go ahead and turn it around in 30-60 days and have the module ready to go.”

An example of this has been the addi-tion of a new antenna to support operation of the Wideband Global SATCOM (WGS) satellite.

A key element of the approach is the absence of an exclusivity agreement for the GNOMAD components, Semple explained. “I talk to our suppliers two or three times a day every day. We have a very good working relationship with partners and we felt that with this particular product, the best way to go was not to try to own everything in-house. It’s a gentleman’s agreement that has stuck well.”

While GNOMAD is an OTM solution today, it won’t be limited to that tomorrow. The changes will be a source of further cost savings as it becomes a system of systems, building a family of products around base components to support all the disadvan-taged users all the way up to a command post battalion and brigade size. To do that, it will use the same component across the product line, cutting down training costs and introducing common logistics.

“Whether it is on the move, manpack, stationary or supporting a command post, the only thing that is going to change across the product line is your antenna,” Semple said. “If the company commander has a GNOMAD in his vehicle and they move to an observation point, they can dismount, grab a Ku-, Ka- or X-band antenna, a couple of mission modules and the modem put them together. Now you can have a wideband SATCOM system, sav-ing money in the long run.”

“Supporting WGS is critical to bridg-ing the forecasted SATCOM gap for the U.S. military,” said Lober, pointing to the Hughes HX system as a proven, global solution to support WGS requirements.

ImprovIng value

XTAR, the first commercial satellite operator providing services in the X-band

frequency, is also supporting government procurement officers and users in helping reduce their costs for SATCOM services.

But the equation is not a simple one, suggests Andrew Ruszkowski, vice presi-dent of global sales and marketing for XTAR. “We believe that the best outcome results from not just focusing on lowering costs, but on controlling costs and creat-ing efficiencies. In other words, improving value for money.

“With this focus, users will minimize the compromises they need to make in creating effective solutions with their lower budgets. As an example, users can focus on getting more throughput out of the same equipment or reduce the amount of capacity needed for achieving the same mission requirement,” he said.

Over the past few years, the availability of X-band space segment has been increas-ing. Systems developers have responded to this trend and have been aggressive in developing new technology that leverages the unique features of the frequency band and the constellation of MILSATCOM and commercial satellites available today.

“While innovation may initially result in some increase in capital expenditures, very quickly these are offset by signifi-cant reductions in recurring costs—from lower BW costs, for example—and often improved performance or capabilities for the user,” Ruszkowski noted.

When users deploy small antennas (for example, 0.45m or less for manpacks), especially for mobile applications, the amount of satellite capacity needed will vary based on whether the frequency is Ku- or X-band. For Ku-band, spread spectrum carriers are often needed to close the links. This typically means more space segment capacity and higher recurring costs.

X-band, on the other hand, is the ideal environment for small and mobile termi-nals, because rarely does a successful link require spread-spectrum technology. As a result, less capacity is needed, and there-fore costs are lower.

Satellite operators—for example, Squire Tech Solutions, a provider of first responder and mobile response network—have offered pooled resources for many years, but some government users have hesitated to use them because of a false perception that they are less secure than dedicated systems. As a result, they haven’t

MIT 17.4 | 5www.MIT-kmi.com

taken advantage of the cost savings offered by shared platforms.

“Recently, there has been a shift in awareness that shared TDMA and managed networks can be as secure as legacy SCPC networks. Over the past seven or eight years, Squire Tech has supplied federal and state operations with high bandwidth solutions, achieving great performance at a fraction of the cost with all the security they demand,” said Michael B. Zalle, vice president, Squire Tech Solutions.

With commercial X-band, this model should be more attractive. This frequency can only be used by government users, so the security concern of sharing resources with an unknown commercial entity does not exist.

space segment

The biggest source of cost, and therefore of potential cost savings, lies with the space segment, according to Tim Shroyer, chief technology officer for General Dynamics SATCOM Technologies.

Terminal costs are almost insignificant in comparison, even for larger earth sta-tion antennas, given the long-term space segment use, he noted. The use of larger antennas, where possible, usually results in increased efficiency and reduced total cost of ownership. If larger antennas cannot be used, then good modem operation is a necessity.

Suppliers like General Dynamics SAT-COM Technologies can help by providing tightly integrated earth stations, with effi-cient antennas, tracking systems, uplink amplifiers, preferably high-efficiency solid-state power amplifiers, and state-of-the-art modems with good performance.

Cheaper terminals rarely provide reduced total cost of ownership, he added, for the space segment reason described above. Decreased earth terminal track-ing performance is even more of a prob-lem because reduced efficiency actually increases costs for transmission much more than any potential reduction in tracking or pointing system cost might achieve.

It makes good sense to use the most cost-effective subsystems in earth sta-tions, such as right-sized solid-state power amplifiers and the right antenna for the job, analysts say. But saving a few dol-lars in subsystem cost, if it also results in decreased efficiency, actually increases the overall cost of ownership.

“Although per satellite unit costs dwarf those of user terminals, our military cus-tomers have increasingly become con-cerned with total ownership costs for space systems,” added Lober. “The total cost to procure terminals, integrate and install the terminals on platforms and then operate those terminals is far greater in terms of total ownership costs than the space seg-ment—and that’s why Hughes is working to reduce costs by designing terminals, modems and networks for affordability, such as ease of integration and open stan-dard waveforms.”

Another consideration, which is becom-ing critical, is the actual uplink antenna radiation pattern. In the commercial SAT-COM world, there have been several cases of low-cost VSAT antennas being offered to the

market that do not meet previous radiation pattern performance standards. When used, many of these antennas caused interference on adjacent satellites, and so had to be oper-ated at lower power levels or completely replaced to ensure acceptable levels of Adja-cent Satellite Interference performance.

l-Band archItecture

Further innovative schemes to reduce the cost of ownership are also being sought, not least in the area of earth terminals. Here, a good architecture that supports cur-rent needs also provides flexibility to meet future link requirements. Today, that means the use of L-Band IF systems.

GD Satcom came up with L-Band IF architecture a few years ago, Shroyer noted,

Electric propulsion (EP) has long held the promise to enable huge cost sav-ings for communication satellites, and that promise is now becoming a reality.

According to Boeing executives, four satellites will be built for the Asia Broad-cast Satellite of Hong Kong and Mexico’s Satmex. These satellites feature a design that uses electric propulsion not only for maintaining position once in geostation-ary orbit (known as station keeping) but also for raising the satellite into geosta-tionary orbit from their launch vehicle drop-off point. The result, Boeing has said, is a 6-kilowatt satellite that, while it would normally would weigh 4,000 kilograms at launch, will weigh around 2,000 kilograms, meaning they can be launched two at a time aboard a launch vehicle.

This new class of satellite does not utilize traditional chemical fueled rock-ets, but instead converts solar power to produce propulsion by ionizing and accelerating an inert xenon gas. These solar-powered EP systems produce pro-pulsion very efficiently, as much as 10 times more efficiently than chemical propulsion systems presently used on spacecraft.

There are two types of ion thrusters that have been used for on-orbit station-keeping: gridded ion and Hall thrusters. Hall thrusters are the preferred electric

thruster technology for orbit-raising, however, due to their higher thrust to power compared to gridded ion thrust-ers.

Recently, the U.S. military experi-enced the advantages of electric propul-sion. After being launched in August 2010, the first Advanced EHF space-craft suffered a serious setback when the spacecraft’s main propulsion subsystem failed. The Lockheed Martin lead team saved the $2 billion military commu-nications satellite by utilizing the Hall thrusters on-board to complete the push to GEO.

There are two U.S. companies that produce Hall thrusters: Buseak Co. and Aerojet, a GenCorp Inc. company. The first U.S. Hall thruster to be operational on-orbit was launched in November 2006 on the Air Force TacSat-2 spacecraft using a Busek Co. BHT-200 thruster.

The Hall thruster that saved AEHF from loss was manufactured by Aerojet under the designation BPT-4000, which stands for Busek-Primex Thruster. Aero-jet manufactures the device under a technology license to Busek Co.

Provided by W. Dan Williams, direc-tor of business development, and Bruce Pote, director of Hall thrusters, for Busek Co. Inc., Natick, Mass..

Spacecraft Savings with Electric Propulsion

6 | MIT 17.4 www.MIT-kmi.com

to replace synthesized up- and down-con-verters with block converters that provide higher reliability at lower cost.

Long term, this pays dividends as well, Shroyer explained. “As future modems are incorporated, the use of L-Band IF modems eliminates all need for more costly and complex synthesized converters. Monitor and control [M&C] systems are another area where significant enhancements are being seen. Modern M&C systems are cost-effective for even small terminals, and can provide features like uplink power control and flexible reconfiguration at no additional expense.

“Higher effective isotropic radiated power and better G/T on modern satellite transponders permit the use of higher orders of modulation on the modem

systems, and this results in better overall efficiency—more bits in the same or less transponder power and bandwidth,” he continued. “It is now fairly easy to see how upgrading to a true state-of-the-art modem can provide pay-back in two months or less, with future space segment savings resulting in continued lower costs per bit.”

Other cost benefits will naturally accrue from the inherent nature of the new SAT-COM systems being used, Shroyer said. “As higher satellite frequency bands are used, like modern Ka-band satellites, higher orders of modulation can be used with adaptive modulation to dynamically fit the most bits possible into the links.” Sophisti-cated VSAT systems take advantage of these adaptive modulation techniques, but there

are many links still on the air that do not incorporate those features.

“The biggest use of satellite transpon-ders all over the world is video. Even DoD transmits a large amount of real-time video from various sources. Modern video compression systems and modula-tion approaches, like DVB-S2, can provide more video with fewer bits and less tran-sponder power and bandwidth. Use of these upgraded technologies is being considered by large video users, but legacy systems are difficult to displace,” he said. O

For more information, contact MIT Editor Harrison Donnelly at [email protected]

or search our online archives for related stories at www.mit-kmi.com.

The Low Cost Terminal (LCT) program developed jointly with TeleCommuni-cation Systems (TCS), Lockheed Martin and Northrop Grumman seeks to produce highly affordable satellite terminals for pro-tected communications on the move and at the halt, addressing the military’s need for lower cost technologies and systems to enable protected and secure communica-tions for tactical warfighters in theater.

The three companies are operating under a collaborative agreement for TCS to manufacture, market and sell LCT products under license from Northrop Grumman and Lockheed Martin.

The LCT solution takes advantage of Northrop Grumman’s and Lockheed Martin’s proven knowledge and engineer-ing experience in protected military sat-ellite communications through Milstar and Advanced Extremely High Frequency (AEHF) anti-jam satellites. In addition, it builds on TCS’ highly secure, deployable satellite communications systems, based on a modular architecture with plug-and-play interfaces and integrated logistics support.

As the next generation of AEHF satel-lites launches, the LCT solution will allow warfighters to quickly and affordably take full advantage of the satellites’ improved capability and expanded capacity.

Developed entirely with company investment, the LCT solution includes

two variants of equipment: a Protected Communica-tions on the Move (P-COTM) terminal and a Protected SIPRNet/NIPRNet Access Point (P-SNAP) terminal for communications at the halt.

Developed jointly by Northrop Grumman and Lockheed Martin, the base-line P-COTM terminal is interoperable with Milstar and AEHF systems currently in orbit. Electronics transmit at 256 Kbps and receive at 1.544 Mbps, with an uplink performance of 256 Kbps in rain or jam-ming environments.

The solution achieves affordability by leveraging existing designs, technology and government and commercial investments while implementing commercial best prac-tices for procurement and production. The hardware and software are extensible to other form factor terminals, such as small, fixed terminals that can be packed in transit cases, shipboard terminals for small deck ships, and low-cost airborne terminals for unmanned aerial vehicles and piloted air-craft.

Developed in collaboration with Northrop Grumman and Lockheed Mar-tin, P-SNAP incorporates both SNAP and P-COTM components. It is significantly smaller and lighter than currently available

protected communication alternatives, and the com-plete system comes pack-aged in three transit cases. Two people can easily set up the system within 30 min-utes.

All three companies are currently operating under the terms of a collabora-tion agreement. Northrop Grumman and Lockheed Martin shared costs equally

in the development of the P-COTM, and TCS funded the P-SNAP development. TCS leads the integration, manufacturing, customer support and marketing/sales of the terminals. All three members contrib-ute to the product line extensions, which could potentially be expanded to include airborne, shipborne and portable configu-rations.

“Given the current budget environment today and in the foreseeable future, the LCT solution is a prime example of how the private sector has utilized their own inde-pendent research and development funds to deliver affordable SATCOM systems to DoD,” said Al Green, vice president, busi-ness development, TCS Government Solu-tions Group. “The LCT employs advanced, production-ready technologies that enable SATCOM further down the chain than what is currently occurring.”

Al Green

Collaboration for Affordability

[email protected]

MIT 17.4 | 7www.MIT-kmi.com

Tabbed since last year as the “enterprise cloud service broker” for the Department of Defense, the Defense Information Systems Agency (DISA) is joining with the private sec-tor in pondering the mission and strategies of these vital intermediaries between providers of cloud computing services and those who need them.

The activity in this field comes as both government and industry increasingly recog-nize that cloud computing and cloud services offer unprecedented opportunities for cost savings, enhanced information sharing and mission effectiveness. As a result, the num-ber, type and capability of cloud computing services are rapidly expanding, and their adop-tion is accelerating.

Setting up cloud services with third-party assistance, or cloud service brokers, is becom-ing increasingly common both within pri-vate industry and the federal government. IT research firm Gartner predicts that within a couple of years, most cloud computing customers will rely on a broker to handle a diverse range of services internally or exter-nally. That’s because the ever-increasing demand for cloud services and their proper delivery requires organizations to have a firm grasp on provisioning, integration, migration, application programming interfaces, support, billing and security among other functions.

Military and other federal agencies have been eyeing the benefits and challenges of cloud computing at least since the Obama administration released its cloud comput-ing strategy in 2011. The report estimated that $20 billion of the federal government’s $80 billion in annual IT spending could be a potential target for migration to cloud com-puting solutions. It also outlined a “Cloud First” initiative to couple with a “Shared First” policy aimed at shifting the government to leveraging technology, procurement, and best practices across the whole government, and building on existing investments rather than re-inventing the wheel.

According to Kevin Jackson, vice presi-dent and general manager at NJVC and a

prominent advocate of cloud computing, the new big-data approach for processing, deliv-ering and consuming information via cloud computing is also revolutionizing the mili-tary and intelligence approach to information technology. “From a policy point of view, the Cloud First, Shared First and data center consolidation directives are dramatically reshaping the military IT environment,” he commented.

The concept of cloud comput-ing in the military is escalating because of its advantages for basic or specialty services, observed Steve Crawford, vice president of market-ing and business development for cloud services broker Jamcracker.

“It’s a much more economic delivery model than buying soft-ware, learning how to operate and support that software yourself, then rolling it out,” he said. “What it means is there are good solutions out there, but you don’t have to pay an arm and a leg for them.”

mIssIon resIlIency

DoD is already rolling out cloud implementations. The Defense Advanced Research Proj-ects Agency (DARPA), for example, has adopted cloud computing tech-nology and provided a sophisticated level of cybersecurity around a virtual cloud platform, according to Joe Brown, president of Accelera, a virtualization solutions provider. “I am very encouraged by their effort. They could not have done this in the old world of computing that focuses on physical infrastructure.”

DARPA has spearheaded an initiative called Mission-oriented Resilient Clouds, which aims to develop cloud services that would continue to operate and support mili-tary functioning despite being hit by a cyber-attack. The effort involves exploring the use of providing redundant hosts, correlating attack information from across the ensemble, and

providing for diversity across the network. This would, in essence, turn the cloud’s net-working capabilities into a security tool.

“The fact there is extensive research going on to support future architectures, with those architectures being the cloud, speaks volumes

as to how much weight cloud computing has in the future,” commented Brown.

Nevertheless, there are many aspects that still need to be considered in DoD’s adoption of those services, according to Julie Mintz, DoD enter-prise cloud service broker project manager at DISA.

One of those aspects will be the ability to inte-grate smoothly multiple clouds and with existing networks, applications and systems operating at different classification lev-els, observed Pat Motola, chief executive officer of BlueSpace Federal. “The DoD computing environ-ment is incredibly com-plex, and will be a hybrid of cloud, legacy and mis-sion specific tactical archi-

tectures operating at different classification levels. Embracing innovative and flexible inte-gration strategies will be key to adoption and achieving the potential of cloud computing within DoD.”

Both DISA and the General Services Administration (GSA) put out requests for information (RFIs) last fall asking for feedback on the role of industry and government in the cloud computing concept, and what it takes to be a cloud service broker.

“There are similarities in the RFIs, but with DISA being more focused on the security aspects of what it takes to run a cloud broker,” commented Crawford.

Greg Mullin

Steve Crawford

By Karen e. thuermer, mIt correspondent

as offIcIal dod cloud servIce BroKer, dIsa Is ponderIng the mIssIon of these vItal IntermedIarIes Between provIders and users.

Cloud Brokerage

[email protected]


A number of companies have responded to the RFI.

“Companies exist today that already provide similar services to commercial customers, so the ques-tion becomes how do you build those lessons learned into the cloud comput-ing services that DISA offers the military,” remarked Greg Mullin, director of public sector for Cloud Sherpas. “Private firms could assist with services that range from assessment and advisory, to on-boarding and exit, from project-based implementation and integration, to ongoing support and enhancement of cloud services.”

One of the companies that responded to the RFI is Lockheed Martin, which has been providing broker-ing services to government customers for several years, including the U.S. Mint and NASA Jet Propulsion Labora-tory. They began developing their Full Life Cycle Cloud Broker process in response to customer requirements to leverage both public and private clouds. A key element of their process is the Cloud Suitability Matrix, which helps users select the appropriate computing environ-ment based on security, privacy, performance and other requirements.

In designating DISA as cloud broker last year, DoD Chief Information Officer Teri M. Takai predicted that having an enterprise cloud broker “will enable the depart-ment to best leverage cloud services to increase secure information sharing and collaboration, enhance mission effectiveness, and decrease costs.

“As the DoD Enterprise Cloud Service Broker, DISA is tasked with making it easier, safer and more productive to navigate, integrate, consume, extend and maintain cloud services, within the department, from other federal and commercial cloud service providers,” Takai wrote.

One of the reasons DISA was designated the official DoD cloud service broker, Mintz suggested, was to gain efficiencies by having a single organization focused on the effort, rather than having duplicative efforts across the department.

“This activity is in line with DISA’s mission of pro-viding, operating and assuring command and control, information sharing capabilities, and a globally accessible enterprise information infrastructure in direct support to joint warfighters, national level leaders, and other mission and coalition partners across the full spectrum of opera-tions,” she stated.

sIngle entry poInt

As cloud service broker, DISA is the single entry point for DoD components’ requests for cloud services.

“DISA has dedicated subject matter experts who are able to work issues on behalf of the department, rather than each organization duplicating effort,” Mintz said. “DoD programs are then able to focus on their unique mission, rather than needing to address broad informa-tion assurance and contracting issues.”

In a multiple cloud service provider environment, it’s natural for DISA to take the lead in helping DoD manage its cloud services IT supply chain, Jackson observed.

“We saw the same thing happen with global tele-communications,” he said. “Private firms will play the same role that they always have by providing the needed technical and operational infrastructure under DoD man-agement.”

For now, DISA is examining what role it will play in cloud computing and as a cloud service broker.

“They are concerned and have accepted the fact that the [current computing environment] will not be able to provide the vast number of services that their customer community will want to consume by themselves at a price point that is reasonable,” Brown said. “They believe they will have to make changes to what they have been in past. Due to the complexities that the agencies would normally have to go through to be able to secure a cloud computing provider, I believe there is a lot of value in this.”

DISA Ready for cloud Broker Mission

The Defense Information Systems Agency has achieved initial operational capability (IOC) in its mission as the cloud broker

for the Department of Defense.Reaching IOC means the agency has the framework in place for

executing this mission. To date, DISA has established a process for gathering and assessing mission partner requirements, evaluation criteria for service

offerings to include recommended contract requirements, criteria for matching mission partner requirements to the appropriate offerings, an enterprise cloud service

catalog, and a cloud security model.Leveraging the cloud security model, DISA has performed cybersecurity assessments

of the two commercial cloud services that have been granted Federal Risk and Authorization Management Program Joint Authorization Board Provisional Authorizations, and continues

to conduct security assessments to expand alternatives for future cloud service offerings.An important element of the cloud broker effort is to facilitate contracting and

acquisition by developing model contract language that supports implementation of the cloud security model and appropriate use of commercial cloud services.

This work is ongoing and will make it easier for mission partners to ensure they have considered all the appropriate areas when they contract for

cloud services. In the coming months, DISA officials plan to evolve and further

automate the cloud service request process, incorporate new offerings into the service catalog, and enhance the

security model in order to further accommodate mission partner requirements.


DISA released its RFI last August, seek-ing industry feedback on available business models and/or deployment solutions to facili-tate the agency’s ability to perform cloud broker functions to achieve IT improvements. The RFI invited industry to submit infor-mation, comments, capabilities and recom-mendations for potential development and implementation of acquisition vehicles and corresponding business models to facilitate the brokerage function.

“By becoming a cloud broker, DISA can validate cloud service providers and the secu-rity model they have, and broker the relation-ship between the user and the cloud service provider. I believe that is the appropriate role for DISA,” Brown said. “They are both a stan-dards and service organization. What better group to introduce computer cloud services?”

“DISA has already introduced pay-for-use business models, which can help lower costs and provide users with more direct control over their costs than traditional IT models,” observed Motola. “Billing systems can be a nightmare. The key with the cloud is to keep these simple. No one wants to get surprised with a bill that looks like a cell phone bill.”

To support the matching of customers’ requests with appropriate offerings, DISA called for a security model with appropriate standards, identification of appropriate terms and conditions, review of the Federal Risk and Authorization Management Program pro-visional authorizations for services of inter-est to DoD customers, and coordination of reporting and incident handling.

servIce aggregator

NJVC’s Jackson defines brokers as inter-mediaries between buyers and sellers of cloud services.

“For example, a buyer may go to a single broker to buy virtual machines from three different providers,” Jackson explained. “The broker’s bulk buying power may also reduce the cost of consuming individual services. If you buy many cloud services, then brokers can make your job a lot easier because you only need to deal with one seller for every-thing you buy.”

Crawford refers to cloud service brokers as being akin to a supermarket. “It used to be that to buy dry goods, you’d go to a dry goods store, or for meat, to a butcher,” he said. “As any market matures, you start to see aggrega-tors come into play.”

Today, cloud services are in that same stage of growth. “You, as the consumer, don’t

have time to go buy services from 15 or so cloud providers,” he commented. “So you go to an aggregator, or a cloud service broker. It’s the same concept.”

As cloud services increase in both quan-tity and complexity, brokers will become increasingly important to enterprises that need to efficiently manage their IT supply chain. In fact, Crawford contends that cloud computing will be the next level for COTS products.

Jackson stressed that a value-added bro-ker may also do more than aggregate and resell services. “They may also offer shared services such as a single sign-on, or pro-vider-to-provider migration services,” he said. “Cloud services brokers are really the systems integrators of the cloud computing age.”

In other words, cloud service brokers are one-stop shops for acquisition, deployment and management of cloud technology.

“Without it, you might need four or five vendors to complete a cloud migration or modernization project,” said Mullin.

“Cloud Sherpas, for example, is an aggre-gator because we have a curated portfolio of offerings built on products like Google Apps, Salesforce and ServiceNow. We also have deep experience in integration and customization for these platforms that has allowed us to be recognized as a two-time Google enterprise partner of the year for Google Apps, a plati-num salesforce.com partner and the first Ser-viceNow partner to reach preferred partner status globally.”

Overall, Mullin maintained, many of the challenges between industry and the military are actually very similar.

“And the military is starting to benefit from technologies that were initially created with consumers in mind,” he said. “Think about how important it is for families to stay in touch with servicemembers on deploy-ment. Have cloud computing and consumer technology like instant messaging and video chat already had an impact on the military? I think so.”

Executives at Cloud Sherpas have found that the first benefit its customers typically find is efficiency in the form of hard dollar cost savings. “Money savings is easy to quan-tify and track, and every dollar saved is a dol-lar that can be put back towards the agency’s mission and warfighter support,” Mullin said.

Being able to use cloud computing strate-gies to be more innovative and agile will have an impact on the military as well.

“Innovation can even trump cost savings because it pays dividends two ways—not only

do you get to take advantage of new features that get released by the cloud provider, but you can also find new ways to communicate and interact together,” Mullin added.

securIty challenges

Despite the federal government’s focus today on budget cuts and cost savings, secu-rity remains the predominant issue within the military when discussing cloud comput-ing and cloud service brokerage.

“We are having many discussions with military organizations that are looking at the cloud. Many are challenged with their security posture,” Brown stated, adding that most look at the cloud as a place to provide commodity-type services to the user commu-nity, such as email and unclassified websites.

“Beyond that, there is not a lot of accep-tance for more sensitive services to be moved there,” he said. “The big challenge for the military is the tendency to want to protect information not only from commercial cus-tomers or other foreign governments, but also from sharing data across various orga-nizational boundaries. The unique nature of their security requirements forces them to move to the extreme—the most secure environment. This eliminates their ability to harness the economic structure that the cloud brings to them.”

But DISA’s position as a cloud service broker may open up an outlet for many DoD organizations to move more sensitive applica-tions and services to cloud service providers outside their firewall, Brown said.

Consequently, he contended, DoD will have to have its own cloud, a DoD community cloud, with the ability to segment user popu-lations onto non-shared, dedicated resources to support security requirements in the short term.

“They have big privacy and security concerns that they cannot overcome eas-ily,” Brown added. “So a community-based cloud—a group of like-minded organizations that have similar constraints around security and the way they do business—would be a perfect way to go.”

New technologies will also be the key to working securely with sensitive data within and across cloud environments. “We are seeing next-generation trusted workstations capable of securely accessing different clas-sification levels on a single display, smart-data initiatives that tag data to provide secure and flexible access, and new multi-domain application architectures that leverage cloud




services,” noted Motola. “These technologies can simplify certification and provide the flexibility to work with sensitive information securely within cloud architectures.”

While Amazon, Google, Salesforce and other cloud computing companies focus on delivering advanced cloud services and tech-nologies, cloud service brokers have come a long way when dealing with barriers to adop-tion of cloud technology. A number of them are working hard to apply cloud services and technologies to the unique DoD mission.

Lockheed Martin, for example, has designed its solution to help DoD meet mis-sion and security requirements. The company uses what it calls Intelligence-Driven Defense and the Cyber Kill Chain to protect the broker service and its customers from the continu-ous, persistent and aggressive threats they face on a daily basis. Company executives say their experience and leadership in cloud security help customers feel more comfort-able moving their critical applications into the cloud.

“The goal is to deliver the economic and operational value of cloud computing to our global military forces,” Jackson said.

Security is always a primary focus, but mission agility is a very close second. It is also important to understand when and where cloud computing is appropriate. “Cloud is not a panacea and should not be used for all things,” he said.

Mullin concurs. “It helps to recognize that these projects aren’t about technology change, but rather about serving the mili-tary’s mission,” he observed. “People may want new tools and capabilities like ‘bring your own device,’ but they also want to know they can stay productive using the tools they have.”

Those in the business can help in answer-ing the questions that arise, he said. “Many of the unique challenges that must be over-come in order for the military to adopt cloud computing, for example compliance with fed-eral or DoD-specific requirements, have been addressed in the past by integrated project teams consisting of private-sector companies, public-sector contractors and government employees.”

InnovatIon on top of InnovatIon

The ranks of companies in the cloud business are growing rapidly. “Jamcracker is based in Silicon Valley, and we see start-ups every day,” commented Crawford. “Ninety percent of all startups happening here are in

cloud computing, with most building their cloud services on top of other cloud services.”

Organizations across the globe are embracing cloud solutions like Google Apps, Salesforce and ServiceNow to streamline IT, reduce costs and to improve the efficiency, effectiveness and mobility of the workforce.

“It means innovation is happening on top of innovation,” Crawford added. “And it means people in government agencies now have the tools to create innovative solutions to government or defense problems, just like we are seeing in industry.”

Agency and department IT infrastruc-tures that have traditionally operated under customized platforms will meld together over time, Jackson predicted.

“Although the [old model] may have been effective in meeting mission needs, this approach is not economically sustainable,” Jackson stated. “Cloud computing represents the initial transitions towards an assembly-line approach for IT. Like when Henry Ford applied standardization and interoperability to the automobile industry, cloud comput-ing will bring standardization and interoper-ability to the IT world. This will reduce cost, improve performance and deliver sustainable efficiency across global IT platforms.”

Crawford is convinced that the world of IT and computing is heading toward a renais-sance. “We will one day look back on how we traditionally think of IT today and think of it as the Stone Age,” he said.

dIfferent perspectIve on cloud BroKers

While cloud brokers contend that they offer ample expertise to assist the Defense Information Systems Agency (DISA) and General Services Administration (GSA) in determining their cloud computing and cloud services needs, Diana Gowen, senior vice president and general manager for Cen-turyLink, sees things differently.

For one, she believes communications and IT companies that have been around for some time and are well established in their relationships with government buyers are well poised to play that role. “We cloud service providers have the ability and tools to help government customers navigate the complexity of cloud services and configure the appropriate service components,” Gowen said.

CenturyLink, for example, has an entire ecosystem capable of performing workload configurations such as disaster recovery, stor-

age, application performance and develop-ment tools. “These are all an inherent part of cloud products,” she noted.

Gowen is also critical about the govern-ment’s potential use of third-party cloud brokers as consultants in its request for information, particularly when some of these same companies might be bidding on the same work. She contends that a new group of cloud brokerage firms have sprung up specifi-cally to play that role.

“Someone looked and thought: Wow, gov-ernment agencies and commercial customers will have a hard time figuring out this cloud stuff,” she remarked. “This is a niche there where we can profit from helping them.”

The more important questions, she sug-gested, are what role should a cloud broker play, and what value do they add?

While acknowledging that cloud brokers may have some value, Gowen argues that the staff within DISA itself has the skill sets to understand cloud computing concepts, since the agency has been running data centers and has been at the forefront of developing cloud-like technologies for some years. “I don’t think they need to hire a cloud broker or a systems integrator to do this work for them,” she said.

From her perspective, DISA and GSA should move forward and put out a request for proposals, so that a cadre of cloud service providers that are already vetted and under contract with GSA are made available to military and civilian agencies as they move forward into cloud computing. Or DISA could opt for its own cadre of cloud service provid-ers, and then it would just need to get the procurement underway, similar to what GSA had already done.

The need for data storage is dramatically increasing, thereby leading to the call for cloud storage, as data that is not mission-critical could be outsourced, she said. “I think DISA understands this. I also think that DISA will work with departments to figure out how to consolidate cloud services at the enterprise level and how agencies can negotiate the best usage rates across the enterprise.”

However, military departments have immediate needs and if DISA doesn’t provide the resources, the military departments will be forced to act on their own, Gowen added. O


As the military continues its slow but steady march toward the world of everything over IP, a major issue for network designers has been what to do about the huge existing investment in equipment and systems that use earlier generations of networking methodologies.

From the automated testing and patching system on a still-flying Cold War communications platform to the telemet-ric systems tracking missile launches, these serial and circuit-based networks are continuing to fulfill their missions, and represent billions of dollars in accumulated capital. Yet they are unable to com-municate directly across the new networks that are transforming military operations, and in particular the fiber optic backbone of the Global Information Grid (GIG) established by the Defense Information Systems Agency (DISA).

In response to this dilemma, a number of com-panies have entered the military market offering gateway systems, developed over the past 15 years to address similar issues facing the telecommu-nications and other industries, that are designed to bridge the gap between serial and circuit-based applications and packet-based IP networks.

With products from companies such as Cornet Technology, Juniper Networks and RT Logic, users can combine serial data and voice streams into IP packets, send them seamlessly and with very little latency over an IP network, and then have the infor-mation translated back at the other end into the legacy application.

Ed Siira, vice president of sales for Cornet Technology, described the dilemma this way: “The problem for the military and government is that they have a huge legacy network that has been built up over many years. It covers every ship, airplane and vehicle, and as much as we might like to, we can’t wave a wand and change it overnight.”

Another major factor, he noted, is that DISA has made a tre-mendous investment in a pure optical network, the GIG-Bandwidth Expansion (BE). Each part of the military pays a percentage as overhead to support the GIG-BE, even if it’s not using the network.

“Today, you often have two networks overlaid on each other—the GIG-BE, a pure optical network, which was costly to develop and deploy, and a legacy T-1/E-1 network connecting to it. The user has to pay for every line used on that network, as well as overhead on the GIG-BE. So agencies using T-1/E-1 lines as well as the GIG-BE, they’re wasting money to the degree that they are not using the GIG-BE,” Siira said.

At the same time, it’s not feasible to convert the legacy applications to IP compatibility, noted Jim Kelly, product line manager for Juniper Networks. “The issue is that they are trying to evolve their networks from legacy TDM [time-division multiplexing] and point-to-point networks, and to figure out how to take that technology and transition those legacy networks to an all IP and MPLS network.

“You can go to every end application and make it IP aware, but that’s really cost-prohibitive,” Kelly continued. “That’s a challenge for any organization, especially one as large as the U.S. military, to be able to go to every end application. They’re able to take this technology and transition to an IP/MPLS network without going to every end device in the world that they manage and making it aware of IP.”

To be sure, the gateways are an explicitly transi-tional type of product, which will no longer be needed once the legacy systems are gone. “This is a product that will eventually reach end of life, as the other

systems migrate eventually to IP and obsolescence takes its toll. But this provides a bridge and lets them not have to touch the end points. They already have the big piece in the middle, the GIG-BE,

Ed Siira

mIlItary looKs to devIces desIgned to BrIdge the gap Between serIal and cIrcuIt-Based applIcatIons and pacKet-Based Ip networKs.

Jim Kelly

By harrIson donnelly

mIt edItor

[email protected]

[email protected]


so they just need these tiny pieces at either end to make the jump,” said Siira.

But the investment is worth it, manufacturers say. “Being able to use an IP access gateway to preserve your current investment and how you do things today, yet still take advantage of an IP network, is a good thing,” said Joe Merritt, director of strategic business develop-ment for RTLogic, a Kratos company.

InteroperaBIlIty testIng

While all addressing the goal of linking serial and circuit-based legacy systems to packet-based IP networks, the gateway products on the market reflect a variety of technological approaches.

Cornet Technology’s entry, the IPGate-AC and IPGate-AC HD family of serial-to-packet transport and migration solutions, has been tested and certified by the DISA Joint Interoperability Test Command (JITC) for both system interoperability and security. By passing JITC testing, Cornet Technology’s IPGate serial-to-packet solutions offer industry technologically advanced appliances that use the latest emulation technology to encapsulate the TDM traffic into packets as it enters the network and restoring them at the exit point suitable for use on military networks.

IPGate-AC solutions fulfill desired feature requests by offering near-continuous operation through total system redundancy, includ-ing controller, power supply and power input. The appliance never has to be turned off to replace or add cards or rebooted to upgrade soft-ware configurations. To satisfy monitoring and testing requirements of the legacy interfaces, the IPGate-AC offers both circuit monitoring and testing along with detailed statistics for the IP portion of the network.

The IPGate-AC also offers any-to-any connectivity anywhere on the network where there is an IPGate-AC appliance through a drag-and-drop approach via IntelView, Cornet Technology’s network management product.

The products are currently being installed on the Air Force E4B-National Airborne Operations Center, an aircraft that provides a highly survivable C3 center to direct U.S. forces, execute emergency war orders and coordinate actions by civil authorities. The IPGates, which take up a third of the space of the previous equipment, offer a modern, highly redundant communication solution that fulfills SWaP requirements by freeing up space for additional equipment, reducing power requirements and weight by going all fiber.

In addition, the Army is planning to use IPGates when it upgrades the infrastructures of seven Standardized Tactical Entry Points SAT-COM antenna sites.

The Navy is deploying IPGate-AC for fixed site applications sup-port Secure Radio Over IP.

The military is paying close attention to the interoperability of these gateways and planning further interoperability testing, according to executives. “The military is looking to see what it can do to create a multi-vendor environment. They want to guarantee that they’re not stuck with a single vendor, because competition means lower costs. They are currently in the early stages of doing interoperability testing between us and others,” Siira said.

Juniper offers the CTP series circuit-to-packet platforms, which enable customers to connect circuit-based applications easily and reliably across the IP network. The products, which range from low-end units designed for the network edge to high-end products for the network core, are designed for government agencies, enterprises and service providers running circuit-based applications.

Kelly summed up the CTP approach this way: “It takes the legacy serial and TDM interfaces, puts the data across an IP network, and manages the connection across the network. In IP, everything is packetized, so what this technology is doing is making sure it acts like a wire across the IP network, so that the end applications that are out there have no idea that they are going across an IP network.

“The challenge is that it’s not just that technology, or the ability to turn the legacy into IP. It’s really about the network itself,” Kelly said. “The thing that is unique about Juniper’s approach is that we don’t just provide the IP routing or switching in the network. Juniper focuses on security, switching and routing, and we’re able to take the legacy traffic across the IP network. We understand IP really well, and to be able to take this legacy traffic and understand it well over an IP network gives us an advantage over our competitors.”

transparent delIvery

RT Logic’s product entry, ioPLEX, powers transparent delivery of critical data circuits and services over packet-switched networks via industry-standard pseudowire emulation end-to-end encapsulation.

That approach has found a home in the missile launch commu-nity, where the Department of Defense, NOAA and NASA share a com-mon problem, Merritt explained.

“Since the early 1960s, as they have deployed systems for satellite launches, communications and other systems that gather telemetry sensor information, for example off of UAVs, they have used the tech-nology that was available at the time. That technology centered around serial and analog interfaces, which served well because it allowed them to handle data and clock,” he said.

“They used the information in the analysis and operation of their terminals, and over a period of decades, they bought billions of dol-lars worth of gear, which is still supporting missions today,” Merritt continued. “As technology has improved and delivered systems beyond TDM, which is what they used at the time for moving data across the network, they then moved to asynchronous transfer mode, and now to an IP-based core.

“They need a way to be able to take advantage of current invest-ments in the network, such as the GIG-BE, and other changes, such as the intelligence community moving to an IP/MPLS backbone, and not have to spend billions more to replace the end terminals,” he said.

The pseudowire standard is used across the DoD range community in collecting telemetry data, as well as for all DoD satellite launches. O

Cornet Technology’s entry, the IPGate-AC and IPGate-AC HD family of serial-to-packet transport and migration solutions, has been tested and certified for both system interoperability and security. [Photo courtesy of Cornet Technology]

For more information, contact MIT Editor Harrison Donnelly at [email protected] or search our online archives

for related stories at www.mit-kmi.com.


Shipboard System Replaces

Peripherals

Sabtech, which designs, manufactures and supports tactical data communica-tions solutions for military and government agencies, has announced that its Shipboard Peripheral Replacement System (SPRS) for the Navy has received its official nomen-clature: OJ-839(V)/U. Giving SPRS an offi-cial nomenclature indicates that the system is unique from systems in the existing U.S. inventory. As part of the Navy’s Aegis midlife extension program, the SPRS will replace existing legacy peripherals for the Shipboard Gridlock System, Gun Weapon System and Vertical Launching System. Sabtech’s SPRS will be installed on 22 Aegis destroyers by fiscal year 2018. SPRS replaces legacy peripheral (data storage) equipment that is difficult and expensive to maintain. It combines the advantages of modern off-the-shelf technology with a robust mechanical design that allows it to meet the environmental specifications required for naval shipboard applications. The SPRS is configured to achieve the right balance of cost and ruggedization. With an intuitive graphical user interface, SPRS operates exactly like the peripheral device being replaced, so no program changes are required on the host computer.

Mobile Device Rollout Separates Personal and Official Data

Good Technology, a provider of secure enterprise mobility, has announced support for the Air Force mobile device rollout, deploying an initial operational capability based on Good for Enterprise, which allows airmen to access their personal applications, while keeping official Air Force data separate and secure using a container approach. With this approach, Air Force personnel can comply with all Department of Defense guidelines for mobile device security, while using the Apple operating system and Android tools to access email, calendar, contacts, documents and certain applications. This step is part of a multi-phased program to ramp up Air Force mobile capabilities, and is focused on delivering approximately 10,000 devices, including smartphones and tablets. During the initial phase, which took place over the past year, Good Technology supported the Air Force Space Command’s mobile solutions for smartphone and tablet program. Official data is encrypted and secured at all times, even when the device is used

for personal applications.

Air Force Seeks Upgrade for Joint Force C2 SystemLockheed Martin is upgrading the command and control system that

allows joint force air component commanders to deploy air assets, execute air tasking orders and synchronize management of air operations. The Air Force selected Lockheed Martin to modernize the air tasking order capabili-ties within the Theater Battle Management Core System (TBMCS). As the “engine of the Air Operations Center,” TBMCS directs flying operations for all airborne assets, including fighters, bombers, tankers, unmanned aerial vehicles, helicopters and cruise missiles. This Air Tasking Order Management System (ATOMS) delivery order was awarded under the Command and Control Applications and Information Services Development contract, a five-year, $249 million, multiple-award indefinite delivery/indefinite quan-tity program. This ATOMS order is valued at $12 million, with a base period of performance through March 2015, followed by three one-year options. Under this contract, Lockheed Martin will update the software that drives air tasking capabilities that combined air component commanders use to plan, organize and direct joint U.S. air operations. An updated command and control air operations applications suite will allow warfighters to perform

mission planning and re-planning quickly and efficiently within a fully net-centric environment, with significant improvement over legacy applications.

Photo courtesy of U.S. Air Force

Web Signature Solution Speeds Document Processing

Carahsoft Technology Corp., a government IT solutions provider, has announced the addition of Adobe EchoSign, a web-based eSignature and web contracting automation solution, to its General Services Administration schedule. A key component of Adobe’s document solutions platform, Adobe EchoSign provides government agencies and the citizens they serve with a simple, secure and compliant option for sending, tracking and signing documents. By reducing the time and costs of having documents signed with traditional methods, such as fax, overnight envelopes or in-person signings, the Adobe EchoSign solution can enable agencies to significantly accelerate digital document processing, improve tracking, and centralize the management of signed agreements through a simple to use cloud service. Adobe EchoSign is integrated seamlessly into the new release of Adobe Acrobat XI, enabling electronic signing and sending of documents directly from the Acrobat interface. EchoSign is additionally integrated with Adobe Reader XI, making the eSignature capabilities available to millions of Reader users.


Data ByteS

Contract Covers Voice, Data, Converged and Telecom Services

The General Services Administration (GSA) has awarded Level 3 Communications a multiple-year competitive contract known as GSA Region 4 Integrated Telecommunications Services II, which allows Level 3 to bid on and provide commu-nications services to all federal agencies and organizations authorized to use GSA sources of supply and services in the region. The fixed price with economic price adjustment contract has a total estimated potential value of up to approximately $285 million, which includes the four-year base term with

six additional option years. Level 3 was named as a provider in all four categories, including voice, data, converged services and other wired telecom services, allowing it to bid on business issued by all federal government agencies and organizations within the Southeast Sunbelt Region, where GSA supports over 2,000 civilian, defense and intelligence federal agencies. The states in GSA Region 4’s Southeast Sunbelt Region are Alabama, Florida, Georgia, Kentucky, Mississippi, North Carolina, South Carolina and Tennessee.

Launch Completes Near-Global X-Band

Coverage

Astrium will soon be able to offer near-global coverage in X-band with the successful entry into service of Skynet 5D and the launch of its hosted payload on Telesat’s Anik G1 satellite. According to company executives, it is now the only oper-ator in the world providing near-global coverage reserved exclusively for government and military usage. Astrium Services has a 15-year contract with Telesat for the exclusive use of the X-Band hosted payload. The Anik G1 satellite launched in April from Baikonur is due to be positioned at 107.3 degrees West. It will provide the first commercial X-band coverage across North and Latin America, with substantial coverage of the Pacific Ocean reaching out to Hawaii and Easter Island. Earlier, Astrium successfully brought its Skynet 5D satellite into service following its launch on an Ariane 5 in December 2012. It has been positioned over the Middle East at 53 degrees East—taking the place of Skynet 5B—becoming Astrium Services’ most active MILSATCOM satellite. Its larger fuel tanks will enable it to be repositioned more frequently to meet operational needs. The Skynet fleet now comprises eight satellites: Skynet 5A, 5B, 5C and 5D, combined with three Skynet 4 satellites (C, E and F) and one NATO IV satellite. The 10 UHF channels on Skynet 5D have already been fully sold to customers that include Harris CapRock and the Netherlands defense ministry.

Programmable Switch Boosts Network Agility Juniper Networks has unveiled three new products designed to boost

business agility and simplify network management. Many enterprises use single purpose legacy infrastructures, built in silos and defined by their loca-tion in the enterprise, that can’t keep pace with rapid changes in compute, storage and application requirements and often inhibit service delivery. In order to maximize delivery and availability of next-generation cloud services, server virtualization and rich media applications, Juniper introduces a new agile, “programmable” network. This will enable network operators to respond to busi-ness changes and monitor and react to how the network meets application service level agreement requirements. The new EX9200 Programmable Switch enables accelerated

response to changing business needs, while its built-in ability to support a virtual WLAN controller, the JunosV Wireless LAN Controller, will deliver high levels of reliability and flexibility across the enterprise to lower capital expense.

The Junos Space Network Director provides a single-pane-of-glass network management solu-tion for wired and wireless LANs and data centers, consolidating multiple management tools to simplify network operations and deliver a comprehensive advanced platform that prepares enter-prises for tomorrow’s applica-tions, services and workload demands.

Cybersecurity Group Receives Air Force License

Kratos Defense & Security Solutions has announced that Kratos SecureInfo, the company’s dedicated business group of cybersecurity experts, has been awarded a license as a Special Agent of the Certifying Authority from Air Force Space Command. Kratos SecureInfo will leverage its satellite and cybersecurity subject matter expertise to provide comprehensive information security assessments in support of space systems. Kratos SecureInfo will serve as an independent and trusted agent, conduct system security assessments, and make certification determination recommendations to the Space Certifying Authority in direct support of program managers and system owners. Recently, Kratos SecureInfo also introduced its new SATCOM Cybersecurity Assessment service, which addresses the increasing threats and unique requirements for the commercial satellite industry. The assessment delivers a detailed view of satellite network prepared-ness along with recommended steps to mitigate risks and ensure compliance with appli-cable regulations, standards and guidelines.


Compiled by KmI media Group staff

Lieutenant General Mark S. Bowman is the director for command, control, communications and computers (C4) /cyber, chief information officer, Joint Staff, J6/CIO, the Penta-gon, Washington, D.C. He develops C4 capabilities; conducts analysis and assessments; provides joint and combined force C4 guidance, and evaluates C4 requirements, plans, programs and strategies for the chairman of the Joint Chiefs of Staff.

Q: In the last year, since the J6 was re-established, what has it been up to and what is on the horizon?

A: Here is what we are doing. In the last year we have been mov-ing forward with the way ahead for the department’s information technology effectiveness of the DoD IT Enterprise Strategy and Roadmap. It has been a huge undertaking. Our partnership with Ms. Teri Takai, DoD chief information officer, for enterprise ser-vice governance and with Lieutenant General Ronnie Hawkins, director, Defense Information Systems Agency [DISA], for enter-prise services has never been stronger.

In order to get started, we broke the problem into pieces. Internal to the J6, we changed how we do business. By being more frugal, we consolidated assets, getting rid of items not being used such as copiers, printers and deactivated unused phone lines. In partnership with DISA, the Joint Staff migrated 100 percent of users to Defense Enterprise Email on NIPRNet by late 2012 and SIPRNet by early 2013. As of March 2013, DISA had more than 1 million customers on NIPRNet enterprise email across DoD. We are also making enterprise collaboration tools

more accessible and shifting the mindset toward the cloud. The Joint Staff has over 4,000 thin client terminals operating on NIPRNet and SIPRNet, and we are on track to migrate about 80 percent of the Joint Staff to thin client by December 2014.

The old way of doing business meant a laptop or hard drive was tucked away in a safe that was seldom opened, and the software was never updated. With thin client, one image per network is “pushed” to devices that are always on the network. This increases network security by reducing the cyber-attack sur-faces and streamlining software updates, in addition to saving on power and environmental heating and cooling. Recently, we had an incident where controlled information was inadvertently sent to an unauthorized thin client. Within five minutes, the situation was fixed when the session was restarted and the information was removed on the thin client. This corrective action would have been significantly more painful six months ago; someone would have taken that user’s computer, it would have been gone for weeks, the hard drive would have been reformatted, and sig-nificant productivity and data would have been lost before the machine would have been returned.

We are also doing what was previously thought to be unthink-able by replacing the Joint Staff Action Processing software. This coordination tool has been cumbersome and not interoperable with other DoD agencies since day one. Some thought it was a

Lieutenant General Mark S. BowmanDirector, C4/Cyber

CIO/J6Joint Staff


C4 GuideDeploying Reliable, Secure, Sustainable and Affordable IT

Q&AQ&A

fool’s errand to change this antiquated and expensive system. Well, you are looking at the fool. We have taken on this task to make it supportive and interoperable for coordination across the Joint Staff and externally with the services, DoD and agencies. We cannot afford to continue to use systems that are proprietary and nearly impossible to maintain.

On the Joint Staff, the J6 runs a pilot program of a new sys-tem, service or device—after we have eaten our own dog food—the chairman and vice chairman are among the early adopters of each of these technologies. This allows the Joint Staff to make the initial investments and use the lessons learned to roll out a better service, system or device. The result enables us to rapidly provide a more mature and effective product so the person at the pointy end of the spear is not the one to figure it out for the first time for the department. These introductions of new technology are the fuel for the larger information technology strategy that allows us to capitalize on the efficiencies of IT and provide sig-nificantly better enabling capabilities to the joint force.

Here is why we are doing what we are doing. Today, the computer is a weapon system along with platforms such as the aircraft carrier or fighter aircraft. There is not one senior leader who does not get and understand the value of information tech-nology. As the capabilities of information technology multiply and proliferate, our advantage narrows. Budget cuts are here, with more on the way. We know the budget will be less, and we are looking for better ways to do business effectively in a cost-constrained environment. However, cutting costs by itself is not a strategy. We have realized efficiencies by reducing unique applications and duplicative infrastructure, and continue to assess what we have in the inventory. We must have capabilities that remain effective and secure while also being affordable. We

will leverage open standards and use COTS solutions as much as possible.

We need 60-80 percent solutions now. If we wait for the 100 percent solution, it will be too late; it will not meet the require-ments, which will have changed by the time of delivery, or we may never see it. The majority of the day-to-day applications used are common across the department. For example, it no longer makes sense to run our own email anymore. DISA has the core competency to operate the common enterprise services, and the technology exists to let the experts do what they do best—and we are letting them do just that. We understand the risks, benefits and trade-offs, and we adapt as we go. We have to continue to find smarter, more efficient ways of doing business effectively.

Q: How will future joint forces, with constrained resources, have more efficient ways of doing business effectively?

A: First, we have an immediate and lasting operational need for a DoD-wide enterprise IT environment that is reliable, secure, sustainable and affordable to achieve national objectives. Our networks and systems have never been more important to DoD than they are today, and our networks and systems have never been attacked more than they are today. Cyberspace is a con-tested domain every day. We must move past our vision of IT as an array of business systems that function like a utility, and begin to assemble, train and operate them as a core war fighting capa-bility. The Joint Information Environment [JIE] is a concrete step toward Joint Force 2020 that achieves information superior-ity by improving mission effectiveness, increasing cybersecurity and realizing IT efficiencies. These goals are accomplished by establishing a shared IT infrastructure, providing common

Understanding the Joint information environment

(Editor’s Note: Following are excerpts from the Joint Information Environment white paper released in January by Chairman of the Joint Chiefs of Staff General Martin E. Dempsey, which is available at http://www.jcs.mil/content/files/2013-03/031813153411_JIE_-_CJCS_White_Paper.pdf.)

Benefits of the Joint information environment will include:

• Mission Effectiveness: improved mission effectiveness that will enable the warfighters to rapidly and dynamically respond to cyber-incidents and events. Optimize effectiveness for the joint force commander and optimize command and control of DoD Global Information Grid operations and defensive cyber-operations.

• IT Efficiencies: improved IT efficiencies that will enable a rapid agile insertion of new technologies. Increased Security: increased security and improved visibility of a jointly shared

• DoD IT network infrastructure through a single security architecture. Provide situational awareness of operational and cybersecurity status of the JIE and optimize security/cyber defensibility of DoD information networks.

the Joint information environment enabling characteristics provide for:

• A transition from network-centric to data-centric solutions. • Rapid delivery and use of integrated cloud services

accessible by all means from anywhere. • An interdependent information environment providing real-

time cyber-situational awareness.

• Scalable platform allowing flexibility and mission partnering.

• Security where needed, resiliency throughout, and appropriate consolidation.


enterprise services, protected by a single security architecture and increased end-to-end visibility and awareness of the network. The chairman is fully supportive of JIE and authored a white paper that describes his vision.

Responsibility for JIE implementation is a collaborative effort. The JIE governance process comprises two major func-tions. The JIE Executive Committee is tri-chaired by the DoD CIO Office, Joint Staff J6, and U.S. Cyber Command J6, with combatant command, military department services, and agency membership participants, and the JIE Planning Coordination Cell [PCC], which is responsible for the planning and implemen-tation of JIE. Combatant command J6s have significant roles in the implementation of JIE. The JIE PCC collaborates regularly with the European Command [EUCOM] and Africa Command J6 staffs in defining operational requirements for supporting JIE Increment 1 implementation in Europe. The JIE PCC is also in preliminary discussions with Pacific Command [PACOM] in preparation for JIE Increment 2 implementation within the Pacific area.

We are also considering aspects of JIE that can be imple-mented globally and near-simultaneously across the force. Why wait if Increment 1 has broader applicability across the force? For example, the combatant commands are already taking steps that posture them to execute JIE. They are consolidating networks, reducing redundancy and reducing parochial applica-tions. These actions are enabling DoD enterprisewide ability to see and defend in cyberspace, and streamlining operations and security functions. The combatant commands’ continued align-ment and synchronization with JIE is benefitting them now, as it is crucial to future war fighting capability of the joint force.

Second, JIE will enable the joint force to operate with allies and partners in our combatant command areas of responsibility via the Mission Partner Environment [MPE]. Although many efforts have attempted to solve the multi-national information sharing problem, MPE breaks the problem into two separately solvable problems. The first problem focused on the time-sensitive and open release characteristics of a mission execution network, while the second problem focused on the not-so-time-sensitive and need for strong data segregation characteristics of a mission planning network. The solutions to be implemented address the problem set in Phase 0 [shaping operations] and Phases 1-5 [deterrence to enabling civil authority].

Segregating mission execution from mission plan-ning allows the integration of today’s imperfect technolo-gies and application of the stringent information assurance capabilities where needed to meet the operational imper-atives to share information and national requirements to protect non-releasable information and technologies. By lim-iting the mission execution networks to a core set of enter-prise services and previously validated C4ISR and mission support applications, it is possible to have a reasonable expecta-tion of mission partner access to a trusted operational network capable of supporting operations on Day 1 of Phase 1.

Additionally, recent collaboration between the Office of the Undersecretary of Defense for Intelligence and the J2, J3 and J6s from PACOM, EUCOM and Central Command has led to the fielding of strategic operations and intelligence information broker capability. This has the potential to support all combat-ant command pre-crisis coordination and a transition to mission

planning, while coalition forces deploy and rapidly federate their pre-configured mission execution networks. Leveraging these capabilities lays the foundation for speeding DoD towards a data-centric environment, reducing the cost and duplication to support legacy applications in separate stovepipes of data, and achieving the operational integration of allies and partners into the JIE. MPE has marginal material integration and transition costs. However, the cost ramifications to realize an enterprise-wide, enduring mission partner operating environment for both material and non-material requirements are almost negligible when compared to the cost to support those same operational requirements with current Combined Enterprise Regional Infor-mation Exchange System and Afghan Mission Network networks.

Third, we have focused on interoperability with the United Kingdom, Australia, Canada, and New Zealand—our FVEY partner nations. We coordinate this effort through collective participation in the Combined Communications and Electronics Board [CCEB]. Currently the CCEB is focusing on improving collaborative services at the National Secret Network level, in an effort named Pegasus. Pegasus connects information technology services resident on national secret networks, such as mail, web, chat, voice and VTC, so that authorized subscribers can collabo-rate from any National Secret workstation. This is a significant improvement over today’s static current capability, which allows FVEY partner access to U.S.-releasable information only at spe-cific standalone Secret-Releasable kiosk workstations. Pegasus is improving security through cross-certification of public key infrastructures, which delivers needed capabilities that improve our ability to share information. I cannot overemphasize the need to sustain our effort in this area.

Q: What issues keep you awake at night?

A: There is increased competition in broader IT enablers such as spectrum, cyber and talent. Spectrum is the enabler of all communications. All military communications systems require spectrum to transmit information. Spectrum is a finite resource and is highly regulated, nationally and internationally. Indus-try demand for spectrum globally has put intense pressure on military spectrum as telecommunications companies seek more access to spectrum for broadband cellular communications. In 2010, a presidential memorandum directed the secretary of commerce to make available 500 MHz of federal and non-federal spectrum over a 10-year period. This would nearly double the amount of commercial spectrum to spur investment, economic growth and job creation, while supporting the growing demand for wireless broadband services. The old way of doing business by vacating federal spectrum is not the only answer to enabling industry use of spectrum. The federal sharing of spectrum with industry may be possible through the use of technology and policy. DoD is exploring the feasibility of sharing in the 1755-1850MHz, 3.5 GHz, and 5 GHz bands.

The President’s Council of Advisors on Science and Technol-ogy [PCAST], an independent council of experts from industry and academia, concluded that the traditional practice of clearing and reallocating spectrum used by federal agencies is not a sus-tainable model for spectrum policy. The PCAST recommended leveraging new technologies, including dynamic access, low power cells, and transmitter/receiver enhancements that enable


sharing—that is, the use of the same spectrum with interference de-conflicted by geographical or temporal separation, or through technology. Spectrum sharing can be accomplished through implementation of new technology as well as governmental policy.

Another area that has captured everyone’s attention right now is cyberspace. Cyber is everywhere. The cyber-threat to the joint force is greater than ever before, and even bigger tomorrow as cyber is evolving at the speed of light. We are in an opposed environment today, and every warfighter with an IT-enabled device is a target for adversaries. With traditional kinetic operations, the physical damage is known immediately. Cyber-incidents go global in nanoseconds, and the virtual damage in the cyber-domain is much more difficult to assess. We have a long-term interest in cyber-defense in order to preserve the joint force’s freedom of action in cyber. Cyber-defense must be built into IT-enabled capabilities from the beginning, along with the ability to upgrade and integrate new capabilities after systems are in operation. Cyber-defense is more than technology, however. It requires growing a robust, capable cyber-force, and it takes time to develop the advanced skill sets needed for this highly technical field to address the threat.

This underscores the fact that people are always our most valuable asset. Today’s IT environment is different from the dawn of computing. Today’s workforce must replace the analog mindset with a digital persona in order to quickly make the right

decision in this environment. The requirement to recruit and retain the best talent is growing. A world-class IT workforce is vital to stay ahead of those who would do us harm.

Q: How is the joint warfighter of the future going to maintain the advantage over potential aggressors?

A: We will remain ever vigilant as we operate and defend our networks. Adversary anti-access and area denial threats, the pro-liferation and availability of information, increasing competition in space and cyber, accelerating rates of change, and narrowing U.S. capability advantage encompass the current and future security environment where we must be able to maintain supe-riority. It used to be true that effectiveness and efficiency were mutually exclusive. That is no longer the case with the technol-ogy that exists today and the capabilities of tomorrow. We are capitalizing on existing investments and infrastructure to take it in a new direction to be effective and efficient. We are looking for the best ideas for the future. In order to implement the best ideas for the future we have a demand for action and a mission to overcome organizational cultural barriers. The enemy is time; there is always a good reason not to do something or wait. The bad guys are already moving faster than we are; we cannot have them ahead of us. The joint force must be able to evolve, shift, adapt and respond dynamically to ensure mission success, and our IT has to do the same. O


(Editor’s Note: Following is an update on the latest news from the Defense Information Systems Agency’s Commercial Satellite Com-munications [COMSATCOM] Center, based on the center’s newsletter, “COMSATCOM Scoop,” available at: www.disa.mil/services/satcom/comsatcom-services/scoop-newsletter).

2012 dod commercIal satcom users’ worKshop

The Department of Defense Commercial SATCOM Users’ Workshop is an annual event co-sponsored by the Satellite Industry Association and U.S. Strategic Command. The 2012 workshop, held in December, brought together DoD and the commercial satellite industry to discuss the following theme: “Innovative Commercial SATCOM Technologies and Business Models in an Austere Budget Environment.”

The Defense Information Systems Agency (DISA) COMSATCOM Center presented six briefings to the group: EMSS/DTCS update; fiscal year 2010 and FY11 annual report; Mobile Subscription Services transi-tion; customer awareness; BGAN RAS Overview; and Future COMSAT-COM Services Acquisition (FCSA) update.

The top five issues relative to the COMSATCOM community affect-ing DoD are:

• Services are highly encouraged to discontinue all inactive Communication Service Authorizations not used in the last five years.

• Blanket purchase agreements will reflect services’ requirements and request for single vendor to manage airtime.

• Transition of services from current contract to GSA Schedule 70 is highly customer dependent.

• FY13 DISA COMSATCOM fee is 2.21 percent; FY13 DITCO fee is 2 percent.

• FCSA leverages the government’s buying power by consolidating DISA and General Services Administration service offerings into one mechanism.

Emerging industry activities include commercial satellite owner/operators preparing for seven new satellite launches over the next three years, industry explaining increased airborne communications on the move, new mission assurance and communications monitoring, and a new medium earth orbit Ka-band constellations.

Emerging activities for DoD include working with Congress on exploring options for authorizing multi-year contracts for information technology services in order to leverage cost benefits, as seen in procur-ing of vehicles or munitions within DoD. This, along with all of the

new potential commercial offerings, should result in increased choices, increased competition and lower costs for DoD.

The workshop was a success in bringing government decision-makers together with commercial satellite operators, service providers, integrators, and manufacturers to foster discussions on future possibili-ties for DoD commercial SATCOM.

For more information on the 2012 conference, visit https://www.dodsatcom.com. For more information on the Satellite Industry Asso-ciation, visit www.sia.org.

emergIng technologIes corner Ku- vs. Ka-BandwIdth—a user perspectIve

While many have likened the comparison of Ku-band and Ka-band to the well-known Blu-ray versus HD DVD or VHS versus Betamax format wars of the past, our situation is not a frequency band duel to the death, and we should not even assume the winner will be one or the other. In this situation, the winner will ultimately be the consumer.

The recent emergence of commercial Ka-band as a serious chal-lenger to commercial Ku-band is not due to a specific advantage one has over another. It is actually tied more closely to the fact that the consumer’s requirements are changing, and thus drawing attention to throughput limitations of existing satellite systems.

For instance, typical existing Ku-band systems were designed with wider spot beams for widely dispersed VSAT networks that primarily focused on simplicity, video teleconferencing and reliability. These lower Ku-band frequencies required smaller margins to overcome rain fade and thus wider spot beams provided regional service at lower costs. On the other hand, wider spot beams limit frequency reutilization.

This, combined with limited throughput, made these Ku-band pay-loads less desirable to modern high-throughput users with an increased focus on mobility. Due to these existing satellite systems, consumers have developed associations with suitability of frequency bands that are not truly characteristic of the frequency band, but rather the satellite business progression.

The new Ka-band systems such as Inmarsat-5 coming onto the market promise to deliver substantially greater throughput than current Ku-band offerings. This fact has led some in the industry to conclude that Ka-band capacity is a superior evolution of Ku-band capacity. However, the reality is that there are high-throughput Ku-band satel-lite systems also being developed that offer similar throughputs with smaller spot beams.

With the investment in both bands, today’s debate to determine whether Ku-band or Ka-band is better continues. One thing is certain:

COMSATCOM Center Update


We will continue to experience more technological advances, and satel-lite manufacturers will continue to launch newer, faster, stronger and more flexible satellites. Who knows what will be “best” tomorrow?

In the next issue, we will compare MILSATCOM Ka and COMSAT-COM Ka capabilities, expectations and hardware comparisons.

host natIon agreements and lIcensIng for mIlItary users of comsatcom: why are they needed?

When a mission partner is planning on using satellite bandwidth or equipment in foreign countries, it is required to follow the laws of the host nation when operating in the commercial spectrum. DoD or U.S. policy does not supersede the laws of the host nation.

The term host nation agreement (HNA) is often used as a blanket term to describe all of the different licenses that may be required of the terminal user, and sometimes the names of individual agreements are used interchangeably. There are five points of reference that DoD COM-SATCOM users need to remember:

• Policy—Memorandum MCEB-M-008-03, dated August 18, 2003, provides DoD spectrum procedural guidance for DoD users with requirements for commercial satellite services utilizing fixed earth terminals outside of the U.S. and its possessions (OUS&P).

• Financial—Fees and financial charges for commercial satellite communications use, operation, licensing and appropriate

spectrum analysis that are required are the responsibility of the user or program manager.

• Equipment Certification—Commercial-leased equipment cannot be certified through DoD channels; therefore, the commercial provider must ensure any equipment certification required for use outside of OUS&P is accomplished. The user must ensure the requirement for equipment certification to include host nation approval is included in the lease contract.

• HNAs—U.S. government entities are obligated to secure HNAs and/or specific transmit licenses for their in-country earth stations prior to commencing operations. Failure to get HNA equates to no protection from interference, possible interception and potential violation of international and local laws. This includes fines of up to $500,000, seizure of equipment and creation of an “international incident.” A key point is that DISA will not release satellite capacity until an HNA is in hand.

• Users need to remember that an HNA does not automatically provide the right to transmit usually there is a requirement for typical licensing procedures. Often the issue is what entity can hold license: the third party vendor, U.S. government or local operator. Fees are associated with this action. A host country may exempt the U.S. government from regulatory fees, although that is not commonly done. Fees range from about $300 a year to $5,000 a month.

ARIZONA . NEW MEXICO PENNSYLVANIA . MARYLAND

Scan to visit our website

www.nova-dine.com

For more information on NOVA’s capabilities please

contact Augie Ponturiero at 717.262.9758

or via email at [email protected]

SHAREPOINT • ITIL • CYBER SECURITY • NETWORK OPS • COMPREHENSIVE DATA CENTER SOLUTIONS

The Navajo Code Talkers of WWII proved communication solutions to be mission critical. Nearly 70 years later, the storied tradition of Navajos providing mission critical solutions to our warfighters lives on through NOVA Corporation, a Navajo Nation Tribally-Owned 8(a) Small Disadvantaged Business. From CENTRIXS ISAF support to DISA DECC and TECC support, NOVA plays just as important a role as our predecessors did many years ago.

• GSA 8(a) STARS II PRIME: GS-06F-1098Z

• EXCELLENT PPIRS/CPARS RATINGS

• CONUS & OCONUS PAST PERFORMANCE

• FINANCIALLY SOLVENT COMPANY

• SOLID PRIME CONTRACT EXPERIENCE


• In Iraq and Afghanistan, for example, no HNA is required for U.S. and NATO military users. In Germany, frequency clearance/assignment comes from a local regulator, while in Australia and New Zealand, no HNA is required for Ku-band (14.0 GHz-14.5 GHz) VSATs.

• Frequency Clearances—Most COMSATCOM users only require a frequency clearance (sometimes called a frequency license), but other international agreements include landing rights and terminal license/certification. Frequency clearances are very important for the COMSATCOM Center mission partner. They are required for operations in most foreign nations and must be included in the service contract and coordinated by the service provider. Service providers typically hire consulting firms that specialize in commercial spectrum HNAs and terminal licensing to secure licensing.

A frequency clearance is very specific and grants the user permission to operate a particular terminal, in a particular location, on a particular satellite, at a particular frequency. If any of these elements change, the frequency clearance must be amended. Time to obtain frequency clear-ances can vary from days to months, depending on the host nation; therefore, it is critical to plan COMSATCOM requirements well in advance to ensure a frequency clearance can be in place prior to the required service start date.

Frequency clearance is beneficial to the host nation as it allows man-agement of the radio frequency spectrum. It is also beneficial to the user as it offers protection from radio frequency interference. Without a valid frequency clearance, the user is potentially in violation of international laws and is subject to fines of up to $500,000 and seizure of equipment.

The COMSATCOM Center has knowledgeable experts to assist in defining your individual COMSATCOM needs. If that includes an inter-national agreement, your COMSATCOM Center representative will work with you to gather all the details needed to obtain the right licenses for your satellite requirements.

Following are definitions of common host nation agreements and licenses:

• Host Nation Agreement—Permission for a foreign government to “use” the resources needed in a country, granted at sole discretion of host country.

• Terminal Licenses/Certifications—These are licenses or certifications for satellite terminals to operate in the host nation. Certification of DoD-owned terminals is accomplished through military channels using a DD Form 1494. Certification of leased terminals must be accomplished through the service contract provider; military channels cannot be used. Terminal licenses/certifications do not grant a right to transmit; a frequency clearance is still required. Satellite service providers may also have terminal certification requirements in addition to the host nation.

• Landing Rights—This is an agreement between the International Telecommunications Union, host nation and satellite owner to land a space-based signal into their nation. This is coordinated when a satellite provider applies for an orbital slot. There is no fee or contracting requirement for landing rights; it is solely the responsibility of the satellite owner.

• Frequency Clearance—This is a license allowing a specific terminal in a specific location to transmit to a specific satellite

on a specific frequency. There is a cost associated with obtaining frequency clearance and it is purchased through the same contract as the bandwidth. Cost and time to obtain frequency clearance varies between countries.

new InformatIon assurance requIrements Improve opsec

In February 2013, the COMSATCOM Center began requiring com-mercial satellite contractors to digitally sign and encrypt all post-award contract related documents exchanged with the government using Medium Assurance External Certificate Authority Public Key Infra-structure (PKI) certificates. These certificates are interoperable with DoD PKI certificates and provide the same level of security. Currently this action only applies to new contract awards; however, the center is working to modify current contracts to include the requirement.

In conjunction with the General Services Administration, DISA is also modifying the GSA Schedule 70 and Custom Solution (CS2 and CS2SB) contract vehicles so that pre-award documentation, such as contractor quote submissions, will be included in the requirement. These measures will bring COMSATCOM acquisitions into compliance with DoD regulations on the use of PKI while improving the opera-tional security protection provided to our customers and their services. Customers can be assured that this will not increase the cost of their services or associated fees, now or in the future.

The COMSATCOM Center is committed to continually improving the security of provided services without impacting the cost and qual-ity afforded to our customers. Questions on the implementation of the vendor PKI requirement can be addressed through your regular COM-SATCOM Center point of contact.

quIcK tIps—avoId payIng twIce for moBIle servIces

Over the past year, the COMSATCOM Center has been facilitating the Mobile Satellite Services (MSS) transition from the legacy Inmarsat contracts to new service- or agency-specific blanket purchase agree-ments being awarded through DISA’s partnership with the General Services Administration. Through the transition process, the COMSAT-COM Center has noticed a trend of old services continuing to be billed after new services are established.

The COMSATCOM Center would like to remind MSS users that as new orders are approved and new SIM cards are received, users must then discontinue the old service or billing will occur for both the old and new services. For any questions or concerns, contact the MSS help desk at 301-225-2600.

satellIte support centers— new name, same mIssIon

The Global Satellite Support Center in Colorado Springs, Colo., and the Regional Satellite Support Center-CONUS have been re-designated as RSSC-West and RSSC-East, respectively. At this time, the mission and personnel have not changed. Please continue using your servicing SSC as you normally would. O

For more information, contact MIT Editor Harrison Donnelly at [email protected] or search our online archives

for related stories at www.mit-kmi.com.


The Stuxnet worm was a game changer when it came to perceptions of the security of industrial control systems (ICS).

The virus, reportedly designed by Ameri-can and Israeli cyber-warriors to attack nuclear facilities in Iran and first identi-fied in 2010, spotlighted the vulnerabilities of supervisory control and data acquisition (SCADA) systems, which monitor and control processes at power plants, oil refineries, water supplies, fuel management systems, pipelines and other infrastructure installations.

Moreover, analysts warn, it also provided a road map for bad actors interested in attack-ing those same industrial control systems.

SCADA vulnerability impacts national security on two fronts. The Depart-ment of Defense, as well as other federal agencies, owns and operates installations—including water and fuel operations—that use SCADA networks. It is also a customer of numerous electric and other utili-ties; compromising those could impact military operations.

More broadly, public utilities and other enterprises that use SCADA represent critical compo-nents of the nation’s infrastructure. A successful attack could result in economic and social catastrophe and could endanger the safety and livelihood of millions of citizens.

DoD is reportedly working on security certification requirements for public utilities with which it does business, to take effect

within the year.

“DoD is the owner and operator of lots of infrastructure parallel to that in the civilian world,” said David McIntosh, vice president for government affairs at Siemens Industry, a maker of SCADA systems. “It runs utilities where DoD personnel work and live. It also runs transportation systems and water treatment facilities and other types of infra-

structure, all of which are characterized as critical and all of which have electronic indus-trial control systems.”

“Before Stuxnet, few in industry took SCADA security seriously,” said Eric Byres, chief tech-nology officer at Tofino Security. “An earlier worm impacted some power companies and oil platforms but wasn’t

designed to do damage. Out comes Stuxnet, and all of a sudden there is a worm meant to destroy an industrial process.”

Stuxnet was directed at a Siemens sys-tem installed at an Iranian nuclear facility at Natanz. The system was not provided by

Siemens, noted McIntosh, but was acquired on a secondary market.

malIcIous malware

Stuxnet was by no means the first attack on critical infrastructure components. In 2001, a disgruntled former employee, using radio frequency communications, hacked into the SCADA system that controlled an Australian sewage treatment plant, releas-ing over 200,000 gallons of raw sewage into nearby waterways. In 2006, a foreign hacker penetrated the security of a water filtering plant in Harrisburg, Pa., over the Internet, planting malicious software that was capable of affecting the plant’s operations.

Late last year, malicious malware known as Shamoon removed and overwrote the information on the hard drives of as many of 55,000 workstations at the oil company Saudi Aramco.

“The good news is that Stuxnet got board-room attention,” said Byres. “The bad news is

Eric Byres

potentIal of cyBer-attacKs on mIlItary and cIvIlIan

Infrastructure underscores the Importance of securIty for

IndustrIal control systems.

By peter BuxBaum

mIt correspondent

Industrial Defense

[email protected]


that it also got the attention of every hacker and terrorist group around the world. After Stuxnet, hackers on the prowl for new targets to exploit shifted their efforts to critical indus-trial infrastructure.”

According to a February 2013 report from NSS Labs, the “increased interest in ICS product security has also resulted in a significant increase in product vulnerability reports. ICS/SCADA vulnerability disclosures increased more than 600 percent since 2010 and almost doubled from 72 in 2011 to 124 in 2012.”

According to reports, a Russian cyber-crime group sells SCADA attack kits on the Internet for $2,500.

“SCADA has gone from being invisible to the center of the bull’s-eye,” said Byres. “There has been a horse race between mak-ers of better malware and better defenses. But the SCADA world is not used to being attacked and they are up against those who have 20 years of hacking experience. This is absolutely a massacre right now. SCADA and ICS applications are sitting ducks.”

One reason this is the case is that SCADA systems are meant to last 20 to 30 years, so that many of those in operation today are quite old. “The older systems were made to be low maintenance and durable,” said McIntosh. “Some of the makers of the very old systems might not even know where they are today and some of the original vendors are out of business by now. The products being sold today are more advanced than just a few years ago when it comes to basic software and hardware cyber-protections. The outdated models cannot be protected with patches, and really need to be replaced.”

One disturbing twist to the issue of SCADA security is that the systems don’t need to be connected to the Internet to be vulner-able, and in fact they are often not connected. Malicious code can be introduced through internal machine-to-machine connections by insiders or by outsiders who physically break into the network in the field.

“The problem is much bigger and much broader than whether or not a system is con-nected to the internet,” said Eyal Udassin, founder and chief technology officer of Israel-based C4 Security. “All you need is a hammer and a laptop to hack into the SCADA network. You don’t have to penetrate firewalls.”

dIspersed vulneraBIlItIes

Because of the way SCADA networks are deployed, people who want to hack into

them have the opportunity to do so in any number of geographically dispersed loca-tions. “The most critical parts of SCADA networks are out in the field,” said Udassin. “Anyone can find an electrical pole with a controller on it. All you have to do is climb the pole and break the lock and you will have access to a connection on a most critical network.

“What we call field-to-field or field-to-control center attacks have nothing to do with the Internet,” he continued. “It has to do with the basic design of a network that must be deployed in the field.”

“SCADA systems don’t need to be con-nected to the Internet and are usually not connected,” said McIntosh. “But that doesn’t mean they are never connected to the Inter-net even when there is no business purpose for that to happen.”

SCADA security is a “subset of cyberse-curity,” he said. “We have been recommend-ing that our customers deploy defenses in depth and run virus scanning for 10 or 12 years now, but many people thought they didn’t have to worry about those things. Now maybe they’ll pay more attention.”

The SCADA defense starting point is “maintaining basic cyber-hygiene,” McIn-tosh continued. “The most important things have nothing to do with hardware and software but in the routines and practices of managers and workers.”

These include periodic changes of passwords, making sure passwords are not left out in the open, training personnel to defend against social engineering schemes, and ensuring that only key personnel have access to sensitive portions of systems.

McIntosh predicted that President Obama’s recent executive order on cyberse-curity and the guidance now being formu-lated by the National Institute of Technology and Standards (NIST) will go a long way toward greater acceptance of these basic practices. “The idea is to make much more widespread the utilization of good practices, not to push the boundaries of the state of the art,” he said. “The ubiquity of the actual use of these well-known baseline cyber-hygiene practices could be a major accomplishment of the NIST process.”

There is already more than one set of standards in place for the security of SCADA systems. The North American Electric Reli-ability Corp. (NERC) is a quasi-governmen-tal organization that has been delegated the duty of regulating the bulk power system as well as companies that operate the main

transmission systems and lines that distribute electricity nationally. DoD participates in NERC working groups.

NERC’s Critical Infrastructure Protec-tion (CIP) program includes 11 standards that cover system reliability and security, including identification of critical assets, security management controls, personnel training, perimeter security, physical secu-rity of cyber-assets, systems security man-agement, response planning, recovery plans, vulnerability assessments, information pro-tection, and sabotage reporting.

“These standards were developed by the industry and are mandatory and enforce-able,” said Brian Harrell, associate director of NERC’s CIP programs. “The CIP standards are focused on both cyber and physical secu-rity. Standards for perimeter security include the deployment of firewalls around cyber-assets so that those on the outside would have extreme difficulty getting in. Physical security of cyber-assets includes protections to make sure that no one can walk into a room, place a bomb, and walk out.”

Under CIP, utilities are required to report discovered vulnerabilities to regulators and to have plans in place to get back up and running in case the worst happens. “The standards represent a baseline of security,” said Harrell. “Our enforcement arm audits companies to make sure that they are in compliance.”

NERC convenes a Critical Infrastructure Protection Committee (CIPC) four times a year in which DoD participates. “Within CIPC we have a cyber-attack task force that tackles threats and vulnerabilities, and pro-vides guidance to operators of infrastructure systems,” Harrell said.

There is also a separate working group dedicated to highlighting potential threats to DoD facilities and to private-sector instal-lations that feed electricity to military bases. “To date there are no boots on the ground or deliverables to report,” said Harrell. “We want to be a resource for each other in case the need ever arises.”

scada standards

There are also standards which have been issued by the International Society for Auto-mation (ISA) and the International Electro-technical Commission (IEC) and released by the American National Standards Institute. ISA/IEC 62443, which covers industrial net-work and system security, contains key con-cepts that are incorporated into the products


offered by Tofino Security to secure older SCADA systems, according to Byres.

“What they say is, ‘Let’s protect the crown jewels,’” said Byres. “There are some compo-nents that will be identified as critical to the whole. Trying to secure entire system end to end with same amount of security will kill any budget.”

ISA/IEC 62443 advocates dividing indus-trial systems into zones—so that an attack on one portion will not bring down the entire system—and protecting the key conduits to the most critical components of a system. “We make a safety firewall that inspects all traffic coming into a zone to make sure it is appropriate traffic,” said Byres. “The firewall creates a whitelist that only allows predefined safe commands to get through.”

C-4’s SCADA security offerings have the non-cyber-attack in mind. “One of our prod-ucts hovers above the control network and has knowledge of which elements within the network are supposed to be communicating with other elements,” explained Udassin. “The control center is allowed to communicate with devices, and some devices are allowed to send instructions to other devices because of the relationship set up in the network. Whenever an anom-aly from these policies appear, our system immediately gen-erates an alert to let the opera-tor know that something fishy is going on and to investigate.”

C4 also provides products that allow for after-the-fact forensics inspections. A sup-posed 2011 cyber-attack from Russia on an Illinois water installation required the util-ity to call in the FBI and the Department of Homeland Security to investigate. It turned out the incident was completely innocent—a utility contractor, on a personal trip to Russia, was checking the system.

“The fact that the government had to be involved showed that the utility itself couldn’t figure out what was happening on its own sys-tem,” said Udassin. “They could have solved the issue in five minutes if they had the capa-bility of inspecting the logs of commands to the water pump, figure out where the suspi-cious commands were coming from, and who had the authority to send those commands. It showed that the ability to do effective foren-sics was a function that was lacking.”

Siemens periodically issues patches for its SCADA systems as vulnerabilities become known. “Whenever we find a vulnerability, we

release a patch,” said Alan Come, a Siemens marketing manager. “We make the information available on our website and leave it to our customers to install the patches when they see fit. Our customers evaluate the patches as they come out to see if it is something they need to do now or wait until their next mainte-nance cycle.”

turnIng the taBles

Future enhancements to SCADA security could come from research already performed by LGS Innovations, a subsidiary of Alcatel-Lucent. One idea explored by LGS is to turn the tables against malicious worms by incorporating some of the more pernicious attributes of that virus in network defenses.

“Some viruses are able to restructure their attack code on the fly to create multiple versions of the same virus that vary in sig-nature but perform identically,” said Kevin Kelly, chief executive officer of LGS Innova-tions. “Once polymorphism is discovered,

system defenses can better detect the malicious code in its various guises.”

LGS’s idea was to deploy polymorphism as part of net-work defenses through a con-cept called software diversity. The idea is that an operat-ing system could morph itself while continuing to operate in order to confuse the attacking code.

“In the case of SCADA, the code that runs all data switching and routing will have different executable code at each node even though they function identically,” said Kelly. “If someone found a vulnerability in the system, they would have a hard time finding it in the code because the code had been rewritten and its structure was differ-ent. None of the variants are identical to the original copy.”

Software diversity is accomplished with the help of patented algorithms.

Another of LGS’s research projects addresses SCADA systems that use GPS for distribution controls. “GPS jamming is occurring in the U.S. all the time,” said Kelly. “It could be accidental or intentional. We just don’t know.”

LGS is researching the development of a capability that would use the cellular

infrastructure to determine when and where the jamming is taking place. The company is currently seeking funding to continue this research.

NERC is currently organizing a security exercise for the bulk power industry to take place in November. “It’s an opportunity for industry, government and academia to come together and work through cyber and physical security scenarios,” said Harrell.

“DoD was highly involved in our 2011 exercise. They participated in many of the planning and coordination calls for that exer-cise and they are doing the same this year. When we test the bulk power system during the exercise, DoD will be a participant try-ing to bring the system back to normal,” he added.

Although Harrell is holding the precise exercise scenario close to the vest, he con-firmed that it will focus on both cyber and physical security issues in the bulk power system, and that it will involve a prolonged outage.

“In our task force work, we have been looking at what the U.S. would look like if a power outage lasts for weeks instead of days,” said Kelly. “During the coming exercise, we will test information sharing mechanisms to see how utility operators communicate with federal regulators and local and state governments to activate policy triggers and initiate conversations to make educated deci-sions.” O



Kevin Kelly


Compiled by KmI media Group staffcotSacoPia commercial off-the-Shelf technology

New Smartphone Powered by Redesigned Mobile Platform

The new BlackBerry Z10 smartphone is now available in the United States. The (all touch) BlackBerry Z10 is the first smartphone powered by BlackBerry 10, the redesigned, re-engineered and re-invented BlackBerry platform that creates a new and unique mobile computing experience. The BlackBerry Z10 smartphone features a 1.5 GHz dual core processor with 2GB of RAM, 16GB of internal storage, and an expandable memory card slot that supports up to 64GB cards. The smartphone also includes the latest enhancements in high-density pixel and screen technology to display clear, sharp and incredibly vivid images. It features a micro HDMI out port for presentations, and advanced sensors to support mobile payments and the exchange of infor-mation with a tap of the smartphone.

Wideband Radio Designed to Meet Army Needs

The Falcon Wideband Team Radio from Harris is the first true non-developmental solution to address requirements of the Army’s Rifleman Radio and NettWarrior programs. The new Falcon RF-330E delivers voice, data and situational awareness to the squad member and is the smallest and lightest soldier radio addressing the requirements of these key programs. The RF-330E is a lightweight, wireless radio for connecting front-line soldiers to the tactical Internet to facilitate command and control. The radio delivers real-time position location information and multiple talk groups while also supporting additional combat applications. The RF-330E is a non-cryptographically controlled item that meets Type-1 Secret and Below information security requirements. The radio hosts the Soldier Radio Waveform, which delivers simultaneous voice, high-speed data and real-time position loca-tion information. Harris developed the RF-330E-TR under its commercial business model in response to the Army’s request for non-developmental Rifleman Radio and NettWarrior solutions.

Cyber Audit Solution Adds Insider Threat Detection FeaturesRaytheon has released SureView Version

6.7 to aid federal agencies in complying with President Obama’s 2012 directive aimed at implementing an insider threat detection program to address national security threats while protecting privacy rights. The latest version of Raytheon’s SureView offers simplified policy creation through a new “policy wizard”

that allows users to specify what information to collect and what information not to collect to protect civil liberties and personal privacy. It also enables integration of collected data in a central place, such as a security information and event management system. The data can then be analyzed with other types of collected data to further improve security policies and

procedures. As a policy-based cyber audit solu-tion, SureView monitors employees’ activities, including classified networks, while safe-guarding privacy and legally protected whistle-blower communications. It provides irrefutable and unambiguous attribution of end-user activity with full context to rapidly discern malicious from benign actions.

Integrated Service Suite Offers Mission-Critical Cloud Computing

TSE Communications has announced the availability of CloudView24 as a real-time integrated cloud infrastruc-ture suite of services from TSE Communications. An integrated suite of services that includes the major elements required for mission-critical cloud computing, CloudView24 is a unique and next-generation offering for organiza-tions with the most demanding performance requirements. TSE’s comprehensive portfolio of solu-tions offers an unprecedented level of integration in the cloud services landscape. The compa-ny’s CloudView24 suite of service

offerings include: data center services hosted in a diverse set of facilities that offer the highest degree of reliability and avail-ability in the industry as well as geographic redundancy; virtual enterprise IT services such as desktop virtualization, disaster recovery and a network and security service architected for cloud scale and performance; wired and wireless broadband and dedicated connections via a private secure network; hosted telephony, communications, and collaboration via Avaya; and a predictive analytics hardware and software platform.

Encryptors Protect Fiber Optic Networks

Technical Communications Corp. has released an interoperable family of DSD 72B-SP SONET/SDH path encryptors, providing global, strategic-level security to prevent interception of all types of commu-nications transmitted over fiber optic networks, while being easy and cost-effective to implement and manage. SDH/SONET headers are transparently processed, allowing the DSD 72B-SP to interoperate with any standard SDH or SONET network element such as multiplexors. Individual path virtual container data payloads are encrypted, leaving the path overhead unencrypted for unrestricted network switching of each VC with no plaintext exposure of the path-encrypted data payload. The DSD 72B-SP secure network is centrally deployed, configured and managed by

TCC’s advanced online KEYNET Optical Manager. Network

policies are supported, and automated key manage-ment, logs, alerts and polls provide trusted secure communications.


advErtisErs indExBlueSpace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27www.bluespace.comBusek . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27www.busek.comCapitol College . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27www.capitol-college.edu/mitCarahsoft . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C4http://events.carahsoft.com/event-detail/2474/mitCornet Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19www.cornet.com/ipgate-whitepaperNOVA. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21www.nova-dine.comUniversity of Maryland University College . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . C2http://military.umuc.edu/cuttingedge

The

adve

rtis

ers

inde

x is

pro

vide

d as

a s

ervi

ce to

our

read

ers.

KM

I can

not b

e he

ld re

spon

sibl

e fo

r dis

crep

anci

es d

ue to

last

-min

ute

chan

ges

or a

ltera

tions

.

CalEndarJune 25-27, 2013USCYBERCOM SymposiumBaltimore, Md.www.afcea.org

October 29, 2013SAP NS2 Solutions SummitFalls Church, Va.www.sapns2.com

mit reSoUrce center

A LEADER IN CYBERSECURITY EDUCATION SINCE 2001

Capitol College offers affordable, live, online master’s and doctorate programs in information assurance.

www.capitol-college.edu/mit


June 2013, Volume 17, Issue 5next ISSUE

Insertion Order Deadline: May 24, 2013 • Ad Materials Deadline: May 31, 2013

FEAturES• Cross Domain• Big-Data Analysis• JTRS Bears Fruit• SATCOM Cybersecurity

BonuS DiStriButionAFCEA International Cyber Symposium

Baltimore, Md., June 25-27, 2013

Cover and In-Depth Interview withBruCE t. BEnnEttDirectorSatellite Communications, Teleport and ServicesDISA


Q: What types of products and services are you offering to military and other government customers?

A: CenturyLink Public Sector offers a full spectrum of communications and informa-tion technology services, with a focus on two areas in particular. First, we are a lead-ing provider of secure data communications to the Department of Defense and federal government. With our global fiber network and international assets, we’re able to offer a complete array of data services, from dedi-cated private lines and advanced multi-pro-tocol label switched networks to high-speed Internet services.

Second, with our acquisition of Sav-vis, we own and operate more than 50 data centers worldwide. Through these centers, we’re able to offer seamlessly, globally and within a secure platform a wide range of services, from infrastructure as a service to fully managed security and cloud products. CenturyLink also provides dedicated federal data centers that meet DoD’s unique require-ments and are not typically found in the commercial space.

Q: What unique benefits does your company provide its customers in comparison with other companies in your field?

A: CenturyLink is the third largest telecom-munications company in the U.S. and is a global leader in cloud infrastructure and hosted IT solutions for enterprise customers. Our 230,000 miles of fiber-optic backbone and $18 billion in annual revenue make us a very strong competitor capable of bring-ing every facet of information technology solutions to our customers. We’re also a customer-focused organization that moves quickly to address customer needs as well as to adopt new technologies that benefit our customers.

One of the significant benefits we offer is our focus on secure data communications, especially with our contracts supporting the backbone of the Defense Information Systems Network [DISN] and the Defense Research and Engineering Network [DREN]. We are in

the initial phases of installing DREN III for DoD’s High Performance Computing Program. This advanced network will soon evolve to a backbone with speeds of 100 giga-bits per second.

CenturyLink is also working with DoD and the Department of Homeland Security on enhanced cybersecurity services and is one of only two companies authorized to provide these services to approved critical infrastructure sectors such as the defense industrial base, the banking and finance com-munity, and the oil, gas and energy indus-tries. The company will also soon be offering federal civilian agencies Internet Prevention Security Services.

Q: What are some of the most significant programs your company is currently working on with the military?

A: We are a major provider of data network-ing solutions to the Defense Information Systems Agency through a wide variety of contracts including DREN III, DISN Access Transmission Services and Networx. DREN III uses an all-Ethernet design with the latest routing and switching technologies and pro-tocols, which allows for secure collaboration across DoD with researchers and scientists around the globe. DREN III will also help DoD meet its requirements for supporting both the mobile workforce and the warfighter as they use next-generation applications.

Navy Reserve Forces Command, using WiFi equipment and Internet protocols pro-vided by CenturyLink, won a 2012 Depart-ment of the Navy Information Management/Information Technology Excellence Award.

The innovative project, which saved the Navy more than $2 million a year, was the first DoD-approved, wide-scale deployment of commercial WiFi to operational sites for the purpose of completing mission-related and readiness-related tasks. Currently, Cen-turyLink provides Internet service at more than 180 Navy Reserve Operational Support Centers around the country. This same WiFi solution was later adopted by the Navy’s Recruiting Command as well and is now in place at almost 500 Navy Recruiting offices from Maine to California.

Q: How are you working to strengthen the security of your solutions?

A: CenturyLink continually develops secu-rity solutions based on both known and unknown threats. Our solutions begin with a defense-in-depth design and carrier-grade network infrastructure that includes the use of firewalls, encryption devices, intrusion detection and proactive distributed denial of service mitigation. In addition, our network operations centers continuously monitor network health, availability, data integrity and security. A continuity of operations plan mitigates network failures through annual planning exercises that leverage diverse and redundant paths. Regular testing of our secu-rity boundaries and response mechanisms as well as implementing best practices also help ensure our services are secure and available when needed.

Q: Are you currently developing new products and services relevant to military and government customers that you hope to bring to the market in the future?

A: We believe the investments we’re making in cloud computing and the core infrastruc-ture supporting DREN—advanced routing and switching techniques, protocols, cloud services and storage capabilities in our secure data centers—are the most relevant right now. CenturyLink’s value includes our ability to enable an increased level of connectedness while ensuring confidentiality, integrity and availability of data on a global basis. O

Diana GowenSenior Vice President and General Manager

CenturyLink Public Sector

inDUStry interVieW military information technology The Navy’s shift to the Pacific inspires our twelfth title and website...

OUR INAUGURAL ISSUEwill support the Navy with the latest program developments in air and sea for Congress, the executive branch, other services and industry.

Contact Nikki James at [email protected] or 301-670-5700 to participate in the inaugural issue!

JUNECover Q&A:

Rear Adm. Thomas Moore, PEO Aircraft Carriers

Special Section:

Carrier Onboard Delivery Replacement

Features:

Ship Self-Defense

Riverine Patrol Craft

Precision Guided Munitions

Program Spotlight:

Presidential Helicopter

AUGUSTCover Q&A:

Rear Adm. Donald Gaddis, PEO Tactical Air Programs

Special Section:

Mine Warfare

Features:

Airborne ISR

Vibration Control

Ship Life Cycle Management

Program Spotlight:

LCS

OCTOBERCover Q&A:

Rear Adm. David Lewis, PEO Ships

Special Section:

USV/UUV Systems and Launch and Recovery Technologies

Features:

Biofuels

Maritime ISR Capabilities

Asia Focus

Program Spotlight:

F-35

DECEMBERCover Q&A:

Rear Adm. Paul Grosklags, PEO Air ASW, Assault and Special Mission Programs

Special Section:

Shipboard Fire Alarms and Control Systems

Features:

Modeling & Simulation in Ship Design

Fleet At-Sea Replenishment

Corrosion Control

Program Spotlight:

DDG1000

OUR 12 TH TITLE

COMING IN JUNE!


The Navy’s shift to the Pacific inspires our twelfth title and website...

OUR INAUGURAL ISSUEwill support the Navy with the latest program developments in air and sea for Congress, the executive branch, other services and industry.

Contact Nikki James at [email protected] or 301-670-5700 to participate in the inaugural issue!

JUNECover Q&A:

Rear Adm. Thomas Moore, PEO Aircraft Carriers

Special Section:

Carrier Onboard Delivery Replacement

Features:

Ship Self-Defense

Riverine Patrol Craft

Precision Guided Munitions

Program Spotlight:

Presidential Helicopter

AUGUSTCover Q&A:

Rear Adm. Donald Gaddis, PEO Tactical Air Programs

Special Section:

Mine Warfare

Features:

Airborne ISR

Vibration Control

Ship Life Cycle Management

Program Spotlight:

LCS

OCTOBERCover Q&A:

Rear Adm. David Lewis, PEO Ships

Special Section:

USV/UUV Systems and Launch and Recovery Technologies

Features:

Biofuels

Maritime ISR Capabilities

Asia Focus

Program Spotlight:

F-35

DECEMBERCover Q&A:

Rear Adm. Paul Grosklags, PEO Air ASW, Assault and Special Mission Programs

Special Section:

Shipboard Fire Alarms and Control Systems

Features:

Modeling & Simulation in Ship Design

Fleet At-Sea Replenishment

Corrosion Control

Program Spotlight:

DDG1000

OUR 12 TH TITLE

COMING IN JUNE!

Adobe, the Adobe logo, Connect, and Illustrator are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. All other trademarks are the property of their respective owners.

© 2013 Adobe Systems Incorporated. All rights reserved. Printed in the USA. 04/13

Original Photo Credit: Sgt. Ashley M. Outler, 28th Public Affairs Detachment from www.army.mil/media/ Posterized by Adobe Illustrator® for illustrative effect.

DCO for Large Meetings

Leverage DCO for your All Hands, Conferences, and large virtual Meetings!Benefits of using DCO:

•Interactiverecordings

•Robustaudienceparticipationthroughchat,statusicons,polls

•DCOmobileappsfortabletsandphones

•AvailabletoguestswithoutCACsoncommercialnetworks

•24/7helpdesksupportforyourbigevent

Join our webinar, BEST PRACTICES FOR USING DCO FOR LARGE MEETINGS, on June 26 to discover how easy it is to use DCO for your next large event.

What we will cover:

• Pre-event planning • Setting up the DCO room • Using the helpdesk

• Running the event • Recording the session for event support

See how other DoD organizations have used DCO for their large events!

Register Today >> http://events.carahsoft.com/event-detail/2474/mit/

Powered by Adobe® Connect™

@DCOGroup

/DefenseConnectOnline

https://www2.dco.dod.mil/

ADO_Ad_DCO_for_Lrg_Meetings.indd 1 4/30/13 7:40 AM

Documents

Mit 17 4 final web version