Program Executive Office PEO C4I and Space PMW 160 CANES Overview to FCC team

Delores Washburn (TD) Nick Freije (CHENG) Mike Davis (SCN / NR)

PEO C4I & SPACE

FY-06 C4I Fleet Top Ten (PMW 160 Perspective)

R 041359Z OCT 05 COMSECONDFLT

1. 2. 3. 4. 5. 6. 7. 8.

Coalition communications (CENTRIXS/ISNS/CANES) Reliable SATCOM Standards (NETWORK Rationalization) Lack of adequate data throughput (ADNS) Computer network defense (CND) Common Operational Picture Real-time collaboration (CENTRIXS/ISNS/CANES) Streamlined process to support emergent ops (ISNS/CANES/CENTRIXS/JCDX) 9. Next generation knowledge management (ISNS/CANES/JCDX) 10. Incorporate wireless technology (ISNS/CANES) PMW 160 Programs Are Relevant To Critical Warfighter Needs
1

PEO C4I & Space Leads The Future For Afloat Networks
Key Initiatives / Future Programs
Increased Availability (.95 to .99 Ao) Secure, standards-based and certified Wireless LAN solution ADNS Increment III
All IP environment with Increased Bandwidth and Availability

Cross Domain Solutions

Decreases Space Utilization / Increases Interoperability

End to End Network Management Integrating specialty LANs across platforms to include:
HM&E Control IC / Voice Integration

Service Oriented Architecture

Detailed cost comparison between platform unique and POR networks necessary Arriving At The TSCEI C4I Solution In Step With (Not Ahead Of) Available Technology

SCA Road Map

(Ship Communications Auto - Notional)
FY06 FY07 FY08 FY09 FY10 FY11 FY12 FY13 FY14 ONDJFMAMJJASOND J FMAMJ J ASOND J FMAMJ J ASOND J FMAMJ J ASOND J FMAMJ J ASOND J FMAMJ J ASOND J FMAMJ J ASOND J FMAMJ J ASOND J FMAMJ J AS LAUNCHES Wideband SATCOM EBEM WGS GBS IP CWSP Shore GNOC/RNOSC NOC2NOC Failover NMS (Monitor) NMS (Management) NMS (Automated) Crypto Modernization Tactical Switching

WGS (X/Ka)

AHEF (Q)

TSAT

ECRNOC Closure
I

IORNOC Closure
I

Homeporting

Networks CANES ISNS INC I CENTRIX Shore SCI Shore CENTRIXS INC I SCI Network SubLAN TL/Router

ADNS Increment I Proteon AS Increment II Increment IIa Increment III Red and Cypher Text Core

Consolidated Afloat Networks and Enterprise Services (CANES) Roadmap

Legacy Voice SCI LAN

CBS / WPNS

GENSER LAN (GCCS-M)

ISNS

CANES
HM&E

UNCLAS LAN (NTCSS)

SVDS CENTRIXS

Networks + ADNS + Services FY-08 FY-13 SCI ADNS As Capabilities Become Available, PMW 160 GENSER ADNS ADNS Delivers At Reduced Cost And Risk
EMS
Decreased training cost Decreased manpower Decreased complexity

ADNS
Decreased cost Decreased vulnerabilities

Decreased interoperability issues

Consolidated Afloat Computing Environment

COI Services & Applications Enterprise Services Management
5
Business Mission Area Military Personnel Financial Management Logistics Warfighting Mission Area Command and Control Navigation Weapon Systems HM&E Intelligence Mission Area ISR

Mission Assurance (IA / CND)

Basic Information Services

Operating Systems Email Office Productivity Software / Patch Delivery Browser

Enterprise Infrastructure Services

Mediation / Orchestration Service Registration / Discovery Time Messaging / Middleware User Assistance / Interface (portal)

Other Enterprise Services

Resource Management Collaboration Security Application Hosting Information Discovery Storage

Network Infrastructure

(i.e. LAN)

Long Haul Communication Infrastructure

(i.e. WAN)

Enterprise Network Implementation

Path to the Future through FORCEnet

PMW160 Next Gen Products

Service Oriented Architecture

Mission Planning Service C2 Service ISR Service DCGS-N Service Others

Information Assurance

identity messaging messaging

E2E Engineering E2E Engineering

Core Enterprise Services

orchestration registration discovery

CENTRIX INC I ISNS INC II CDS CND INC I Crypto Mod

mediation discovery

MLS/Distributed Computing Servers/Clients

Routing and Switching Subsystem

Connectivity

ADNS INC III

6 What Technology Gap Prevents Us From Achieving This Today?

Network Management

CANES Compose 4.X

Intelligent, Automated Business Rules

mediation authentication

Todays Generic Architecture Integrated Shipboard Network System (ISNS)

Services Internal to the System

E-Mail Web Browsing Network Management Account Management Directory Services Print Services File Transfer File Compression Chat Office Automation Security Video TELCON

LAN Drops

GCCS-M Unix Server, Etc

Backbone Switch Backbone Switch Edge Switch

ADNS

INE

Enclave Router

Dual Homed Backbone Switch(es) w/UPS

Expanded Edge Switch (concentrators) Router Inline Network Encryptor (INE)

To RF Off Ship

ISNS Server Racks

Architecture is duplicative for GENSER/SECRET & UNCLAS Enclaves

A Certified, OPEVALed Shipboard Network Architecture Already Exists

New Desired Networks Capabilities

Keep intruders off the network and prevent network attacks Higher availability or survivability Ability to recover from disasters and network attacks Minimize requirements to administrate the network Cross Domain Solutions and coalition interoperability Core network services for ubiquitous information access Reduced weight, space and power Improved network access and data rate New Enterprise Services
Wireless mobility Software management Identity management

CANES Final End Goal Network Design

Collapsed Multi security level network

Phone

UNCLAS & Secret Wireless UNCLAS SCI

UnclassSCI servers

Cryptainers Data Storage

SAN
Cryptainers Data Storage

Unclass - SCI clients** Clients include PDA and vice type devices

Requires CDS SOA solutions be available and accredited

FY08 FY09 FY10 FY11 FY12 Target CDS Technology

Thin Clients Managed PCs Multi-Level Thin Clients

CENTRIXS/SIPR CENTRIXS/SIPR/SCI NIPR/CENTRIXS/SIPR/SCI

Multi-Level Servers and CENTRIXS/SIPR NAS CENTRIXS/SIPR/SCI NIPR/CENTRIXS/SIPR/SCI

MLTC NetTop (1.3) Integrity PC/HAP Trusted Services Engine/ NetTop Server TSE/JCDX TSE/NetTop server

When technology would be (is) mature and certified Technology not available or accredited for desired security levels

Accredited solution which enables single multi level security network is not available until FY12
9

Proposed CANES Increment 2 Design

UNCLAS Wireless

Data SAN Data Data SAN SECRET / S/REL SECRET Servers

UNCLAS PC

UNCLAS Servers

Phone

Multilevel Clients

Data

MLTC Secret Data PC S/REL Data SAN S/REL Servers

Data

Data

SCI

Data SAN SCI Servers

Data

PC

10

CANES
Increases War Fighter Network Capabilities

Availably & Survivability

Manning

Core Enterprise Services

Availability Security

.99 Ao Mission critical Automated IAV

Training

Common
equipment Common configuration

Duplicative Ships
Networks

SLA guarantees Single upgrades vice

individual upgrades

Single Points of Failure

Redundant server
design

patching Detecting intruders Managing rogue access

Administrators

Automated software
installs Automated reconfiguration and network monitoring

Shipboard Equipment
Installed

Scalable network
design

SINGLE Set Of COMBAT SURVIVABLE, Secure Shipboard Network Services For ALL Platforms

11

Proposed CANES Increment I

Replaces ISNS Increment two
Navy & Marine Embarkable shipboard wireless
Workstation mobility

Automated, higher reliable, faster servers backup & restore

Disk-Disk data backup

Application Service Provider (Application Hosting)

Replaces current server farms to host services and/or applications for other programs/projects, provides Blade flexibility Also referred to as "Advanced Server Concepts"

S/W Mgmt (COTS Patch Management)

Software Distribution License management Inventory management

Increased Security S/W

Limit permissions based on group policies look for unauthorized code
12

CANES
ISNS INC One Plus Wireless Disk to Disk Data Backup ASP (Application Hosting)
Replaces current Server Farms to host services and/or applications for other programs/projects, provides Blade Flexibility Also Referred to as "Advanced Server Concepts"

S/W Mgmt (COTS Patch Management)

Need to Determine where this fits in w/COMPOSE Roadmap

Increased Security S/W

Need to Determine where this fits in w/COMPOSE Roadmap Ability to Lock Down Desktops, look for unauthorized code

Honorable Mention Increased Survivability, EMIO Wireless, SOA

Not Under Review - Significant RDT&E and/or OPN to implement

CVN78 CANES 7300 Updated To Reflect Inc TWO

13

CANES Analysis Addressed

PR09 / POM10 issues for SCI and SUBLAN Affects on FY06 and FY07 Avoid NT EOL, WIN 2K EOL (Jun 2010) XP EOL (~Dec 2011) Avoid hardware obsolescence ATM, 100MB, and Legacy GIG-E
All ATM Ships get upgrade to Gig-E by FY11

Server/PC Client Refresh Support for currently fielded systems cannot be ignored
14

Portfolio Approach
1. NNWC, PEO C4I & Space and OPNAV Triad prioritized list of capabilities 2. Cost each capability 3. Platform cost base on fielding plan 4. Identify sources of funding within the SCA programs 5. Trade off capability, platform and sources of funding Capability Cost
Balanced Portfolio

Sources of Funding

Platform Cost
15

Triad Priority 1 Capabilities

* Capabilities within priority are not ranked any particular order

16

Triad Priority 2 and 3 Capabilities

* Capabilities within priority are not ranked any particular order

17

CANES Increment Details

Three increments for CANES based on affordability of the network portfolio 1. CANES Increment I
Required because we cannot wait until FY11 to add new fleet network capability Increased capabilities on Secret and Unclassified enclaves only IOC FY09 FOC: Cut over to Increment II, therefore do not reach a true FOC of Inc I

2. CANES Increment II
Covers all security level Provides funded priority one capabilities IOC FY11 FOC FY18 IOC FY14 or beyond Program plan still in development Same design as shown as end goal
18

3. CANES Increment III

Summary
PMW 160 is designing and implementing next generation networks
Common afloat networks (CANES) Shipboard wireless connectivity

CANES End-State - Full Service Provider for C4ISR Wireless capability is a key component of CANES
Initial analysis recommends a mix of wired and wireless Further technical and cost analyses required

Look forward to closer working relationships with ALL PMWs to quantify and define YOUR future requirements
19

Parking lot

20

WLAN Architecture
(Notional architecture)

21

Extended Maritime Intercept Operation (EMIO) Wireless Reach Back

OPERATIONAL NEED
COMSECONDFLT 041359Z OCT 05 - Numbered Fleet Top Ten IT Requirements - Requirement #10 COMUSNAVCENT 011219Z OCT 05 Maritime Security Operations End Game Enablers (Classified msg) USS INGRAHAM 241756Z JUN 05 - Lessons Learned JTFEX 05-4 VBSS Biometrics (Classified msg) IDS-MD CDD (Draft) N767 Program Sponsor Investment buys:
Capability to wirelessly extend the Shipboard Network and integrate MIO collected data through one data pipe into ISNS into a single scalable extensible solution Integration of multiple types of collection hardware solutions and various data types

IMPACT IF NOT ADDRESSED

Plan B Delay start to FY08 using ISNS POM funding Maintain Status Quo

PROPOSED SOLUTION
Technical Readiness Level: TRL 7+ FORCEnet Integrated Baseline Category 4 New program born compliant Wireless policies and standards are in place and are sufficiently mature NETWARCOM has approved wireless waivers when DoD and Navy policies have been followed Testing and accreditation will be performed to meet all military requirements, interoperability, and system certification. Multiple MIO collected data types will be transmitted via the Wireless EMIO Reach Back solution Integrated into ISNS on the Arliegh Burke class (DDG-51)

BUSINESS CASE
Acceleration of a technology to meet an emergent need High return on investment: Improved capability exportable to other Services where wireless transmission of data is required to accomplish similar requirements Solution will be based on integration of mature COTS standards and equipment Supports Force Protection during EMIO Operations: Current operation is extremely dangerous. Maintaining status quo extends overall EMIO timeline by 2 years and exposes boarding teams to increased risk during operations when RHiB is taken off station and used to ferry data between the team and the Host Ship.

22

Service Oriented and Event Driven Environment

MA / COI Users
Afloat Ashore Warfighter Business Intelligence

Enabling Services
Security
Identity Management

Enterprise Services
Collaboration Content Delivery Application Hosting Storage Discovery
Enterprise Catalogue Federated Search

Messaging & Presence

COI Services
GCCS-M NTCSS Navy ERP
AGEIS

Machine-to-Machine

Mediation
Metadata

DPAS AIS

Alerting Discovery
Service, People & Device

User Assistance (Portal)

Tactical Disadvantaged Users

Enterprise Service Management Real-Time Services

23

ADNS Provides
Pre Increment I
1988-1997
IP over RF

Increment I
1997-2004

Increment II
2004-2008

Increment III
Future

Transition from Proteon to Cisco Routers

Increment I Capabilities plus:

Increment II Capabilities plus:

Shipboard IP Network

Integrated Transport of Multiple Security Over Single SATCOM Path

Traffic Distribution Over Multiple SATCOM Paths

Cipher Text Routing & IPv4/IPv6

Router Architecture IP EOC II

Dynamic Fail-over Between Links USMC Amphibious Network Support Network Management & Monitor
AN/USQ-144B(V)2/4 AN/USQ-144C(V)2/3/4 AN/USQ-144D(V)1/2/3/4 AN/USQ-144E(V)2/4 AN/USQ-144F(V)2 AN/USQ-144G(V)2/4 AN/USQ-144(V)5

Flexible Bandwidth Guarantee Application Prioritization Application Level Monitoring

AN/USQ-144D(V)1 AN/USQ-144H(V)2/4 AN/USQ-144J(V)2/4

25 / 50 Mbps Fully Connected Converged IP

TBD

24

Multiple Serial or Network Channels

Multiple Input Sources

Multiple Input Security Levels

SI GCCS-M

Multiple Output Security Levels Radiant Mercury

IPL STONE GHOST

JWICS IPL

OTH-Gold COP NITF Imagery RHR TRE/TRAP Automated Guarding & Sanitization Content Validation TRE TAB S&W Oilstock Plots Wrangler Messages AIS
Serial
Network

NITF Imagery

Rel GCCS OTH-Gold COP SEW-D TRE TAB S&W GENSER GCCS-M OTH-Gold COP Oilstock Plots Messages TDP SIPRNE T

Addressees e
Network

Releasabl

NSANE T

Digital Signature Validation

UNCLASS

25 RHR = Reliable Human Review

Logical System Diagram (Afloat)

Legend
Backbone Boundary Acquisition

Wireless Nodes Telephones

Wireless Devices PCs

Wireless Nodes PCs PCs

Wireless Devices

Peripherals

Peripherals

A D N S
Copernicus INMARSAT
SBU(Unclas)
GENSER SCI Coalition Top Secret HM&E C/S Others

PPL/SSIL/QPL
NT Server Network Management Workstations

Products
Network Storage VOIP HM&E Networks
ICAN SWAN

NT Server Web Apps E-mail

NT Server Web Apps E-mail Network Storage

NT Server Web Apps E-mail Network Storage

UNIX Server

VTC Embarkable Networks

Combat Systems Networks

ACDS AWS

Voice Networks
PVCS SATCC

NAVAIR Networks
ISIS CASS

Modems
WINSALTS RADCOM

Other TELCOM

Non-Shipboard Networks

26

Notional Network and Computer Architecture Vision (from Open Architecture brief)
Non-real-time External e.g. IT21 Tactical Displays Tactical links Embedded & legacy e.g sig pro

R Administrative unclassified K Layer 2/3 switch/router

Link broker

Security gateway

R F e d e r a t e d Primary real-time computing High security enclave Interconnect domains

High avail. switched Std. LAN Noncritical

I n t e g r a t e d

S t o r a g e

Unique domains e.g. HM&E sensors Security domains

Unclassified System high Limited access

Routed link

KG / TAC LANE

27