CENTRIXS – ISAF Applications (Part 1) – NATO use of CENTRIXS-GCTF/CNFC network as Mission Secret for maritime coalition operations (e.g. Horn of Africa (HOA))

• 
  ISAF is already a robust architecture, but service management is still an issue. As ISAF is a NATO operation, NCSA needs to be involved and the community needs to resist the urge to impose U.S. solutions.
  
• 
  In CENTRIXS-ISAF (CXI) Phase 1, there were two network interconnections: Kabul and Kandahar. Physical connectivity is on the base without firewalls. Before doing the changeover on October 1 2009, there was significant testing with a stand-alone IP stack.
  
• 
  Secure VoIP was already available to existing users in Phase 0, but all CXI phones were still located on the IS side of the GW. The gateway is using a SIP trunk. Call manager conversion happens on the CENTRIXS- ISAF side of the gateway. There are two different numbering authorities (USCENTCOM/NCSA).
  
• 
  There needs to be an in-theatre helpdesk/POC. There are several layers of U.S. organizations, and a delay in incident resolution. There are multiple functional area systems between NATO secret, ISAF secret, and U.S. systems.
  
• 
  As we move into C2 systems, ideally we use a web service for accessing other countries’ information. Eventually we will use the service bus architecture, beginning with the PASS server; this will be addressed later on. Federated databases will be used wherever possible. U.S. units will not have been trained in some of these things, so training will be needed.
  
• 
  The problem in ISAF domain is Regional Command South (RC(S)) CIS delivery. There are many networks but no common ISAF and U.S. coalition network. The commander owns the network and is responsible for the network, especially if it is an operational network.
  
• 
  USCENTCOM is identifying applications for information exchange on the Afghan Mission Network. Engineers come in with the solutions, and we made them analyze the information requirements. Without the U.S. use of AMN, there is a high risk of split C2 in RC(S).
  
• 
  Core services have active directory as a foundation. Extended core services will need identity management (CAC identified login).
  
  • 
    CENTRIXS-GCTF / CNFC is a different COI; it is a COI running over a VPN and using GCTF as bearer.
    
• 
  The NATO Coalition Naval Forces CENTCOM (CNFC) requirement will have a different approach than CXI. CENTRIXS GCTF/CNFC is the only mission classified network currently available for anti-piracy operations. NATO is not currently connected to CENTRIXS-GCTF, CNFC subdomain (though there are GCTF PoPs at HQs). This results in lower situational awareness, although an unclassified COP is in development. NATO is not part of CNFC as a whole, yet.
  

• 
  Right now there are two gateways in CXI, but there will be more. This requirement is based on traffic, and there will be additional NIP but in Bagram and Herat, but the NATO gateways have to be funded. The additional NIP Lights will handle local traffic only. The U.S. and NATO have to provide each other with visibility to the network. The challenge is that we have different management tools. BGP routing load sharing doesn’t yet work the way we want it to.
  
• 
  The coalition network providing Collaboration at Sea (CAS) functional services is mainly managed by USEUCOM and is better called CMFP (Cooperative Maritime Forces Pacific).
  
• 
  DISA is in the process of taking ownership of the T&E supporting the CNFC pilot.
  
• 
  U.S. NSA is working on a PKI token pilot for use within CXI.
  
• 
  Evaluated options included gateways between NS and MS NATO systems and CENTRIXS. The maritime community is using different core and functional area services.
  
• 
  There is a lack of J2/J3 participation within the CXI community, and this needs to be addressed.
  
• 
  USCENTCOM and NATO systems information is listed within a spreadsheet and will be made available to the audience. The full definitions from the JC8s are included.
  

• 
  The option selected was to extend CNFC; NATO needs to be part of CNFC COI.
  
• 
  USCENTCOM will offer access to their SIPR portal to all interested attendees. A portal is being built on CENTRIXS-ISAF to make sure everyone has all of this information.
  

• 
  Provided a program overview of MNIS and a status on several initiatives impacting the NATO community.
  
• 
  An ISAF test environment is being set up on CFBLNet to perform interoperability test amounts C2 and other applications targeted for operational use on the CENTRIXS-ISAF Network.
  
• 
  DISA has established support enterprise services at DECC Pacific in support of the ISAF mission in Afghanistan. The architecture between DISA computing centers and forward deployed areas was presented. The Pacific center was placed on line in Aug 2009 and the Columbus OH center will be placed on line in March 2010.
  
• 
  CCER was described as an aggressive technological program attempting to address requirements to converge our multiple coalition networks into a single unifying environment. With the shutdown of the CENTRIXS-MCFI network, attention is shifting to first consolidate Pacific interest networks to include Cooperative Maritime Forces Pacific (CMFP), Combined Maritime Forces Central (CMFC), ad SOUTHCOM's Multi-Lateral Enduring Contingency (MLEC).
  
• 
  Throughout the presentation, emphasis was placed on the work being done on CETRIXS-ISAF and more support and effort should be directed to it. With CENTRIXS-ISAF we are in essence setting a standard practice on network architecture and operations that will likely carry into all future work to include CCER.
  

• 
  The key to CENTRIXS is that it supports the Iraqi AOR and in general is based on the COCOM’s mission and region. It resides in DISA to support multiple COCOMs. The U.S. has about 100 CENTRIXS networks, most of them bilateral – the U.S. can’t replicate services across these networks and still think they are portable.
  
• 
  CCER has done revalidation of IOC requirements. Initial cross domain services include email, file storage and transfer, and chat. GCTF and MCFI have been replaced with maritime networks.
  
• 
  PASS and DDS is an application to support data exchange coming out of stovepiped architectures and moving towards web services. It is a data agnostic (SOAP and XML) publication/subscription mechanism running over http(s). U.S. integration solutions include CIDNE, JADOCS, C2PC, and others. The U.S. integration solutions are integrating with the C2 interoperability bus, using the MIP architecture. TS3 will be part of DDS.
  
• 
  The NATO side of the CENTRIXS-ISAF domain does not have an equivalent of the U.S. PASS server, and based Crisis Urgent Response (CUR) 355, NATO will be creating an ISAF interoperability bus, which will also simplify the process of Nations beyond the U.S. bringing capabilities.
  
• 
  This ISAF C4ISR Adaptability and Integration Capability (“bus”) will act as middleware and will match the PASS server. Functionally, the bus will include basic SOA enterprise services, including integration, guaranteed messaging, publish and subscribe metadata registry and data transformation services.
  
  • 
    This will grow in the future to provide a more robust SOA foundation.
    

• 
  The CUR 355 bus will use a concept of capabilities and service profiles as a starting point for developing. Fielding of the system will take 12-18 months, but will be phased and delivered 6 months at a time.
  

• 
  Integrated Command and Control (ICC) is an operational NATO system. ICC interface solutions include formatted messages, and import/export in XML format. JCHAT is web based chat which is supported by the XMPP chat standard.
  
• 
  Mission data has been exchanged through ICC using common models, and RSS is an important part of this. Experimentation has occurred using JTS and JTT, and targets were successfully exchanged using web services between the U.S. and NATO.
  
• 
  Web service interfaces need to be well defined; use common models as much as possible. QoS is critical; use compression techniques to minimize bandwidth. SOA presents challenges; quality of service, security, changes in software development, and the emerging support technologies.
  
• 
  Future interoperability will use enterprise service buses. Interoperability is essential, and experiments can’t be done in the field. COI models are crucial to achieving interoperability. Topics for future study within the ICC community are ESBs and COI data models.
  
• 
  USJFCOM J9 began working on cross domain chat solutions in 2004 and the JCTD started in 2008. It will transition to DISA by the end of FY10. CDCIE chat is ready for fielding; it supports over 20 language pairs.
  
• 
  CDCIE has used several different translation engines; almost any one will work if it’s http or TCP/IP. Most major languages are supported. USJFCOM has just completing CDCIE Chat 2.0; this is the one that will be transferred to DISA for their support.
  
• 
  TransVerse Whiteboard is another feature of 2.0, as is the CG web chat client. USJFCOM J9 has done several exercises including Empire Challenge, Trident Warrior and CWID09. USJFCOM is in the midst of certification in preparation for transition to DISA.
  
• 
  NATO deploys transponders either on the DCS system via Direct Connect, via ISAF, and via web service. We have visualization capability ahead of time.
  
• 
  GCCS-J capabilities were demonstrated at CWID events. Capabilities are planned to deploy within ISAF. There are limited interoperability testing opportunities. We did validate JPASS-C interoperability, and established a way ahead for the FFT shared environment.
  
• 
  GCCS-J can transmit and display NATO ATO/ACOs provided by ACCS and ICC.
  

• 
  Interoperability experimentation between TBMCS and ICC using SOA. Some possible trials and demonstrations at NATO CWIX-10.
  
• 
  NC3A and U.S. agreed to support interoperability testing and trials between NATO ICC and U.S. GCCS-J. NIRIS (NC3A’s TDL exchange software) shall also participate in this trial as it can support TDL exchange between these two systems. A possible testing activity is proposed by GCCS-J for 2010 at January at Ramstein to test the interfaces with the newer versions of the both systems. This will be coordinated later by the respective POCs.
  

• 
  Interoperability Experimentation and Validation Capability (IETV) is supported by the NC3 board and helps you quickly validate systems from a given baseline. It has been used in SFCE and CWID 09. Proposals for 2010 include TN-1174 Evolution, SFCE, and CWIX. Networked communications capabilities are reviewed, including NATO General Purpose Segment Communication System (NGCS) infrastructure, CFBLNet, and National Defense Network.
  
• 
  A pilot on Distributed Networking Battle Labs (DNBL) for JISR is being done. Participants are manly industry, along with NC3A. Different infrastructures are being tested. NATO’s federation of battle labs is depicted in the briefing. The federation will be a key enabler to increase C4ISR capability assurance.
  
• 
  The U.S. DoD has an integrated testing policy, which is focused on getting requirements right. Testers need to be involved early in the development process. You want to get the requirements right from the beginning. A “laundry list” of opportunities for integrated testing is included.
  
• 
  Within the testing community, it is important to build a culture of mutual trust and cooperation. If problems are worked early, they shouldn’t hold things up. Integrated testing is critical to combine engineering and operational expertise. This accelerates deployment of mission capability.
  
• 
  The JITC has been testing since 1988, and fully support combining data from any testing venue. Requirements definition is the most significant issue. It is important to get the testers on board early. If fielding is delayed, the first thing that gets cut is testing.
  

• 
  NGCS is a transport layer, the backbone of the network. It’s not really used for the testing piece; it’s used for exercises and training.
  
• 
  ICECAP needs to be a subject of future discussion.
  
• 
  In order to make sure that people get the assets they need to fight the war, the JITC is trying to map the testing environment.
  
• 
  The UK has done outstanding work in joint coalition TTPs.
  
• 
  Commanders say what products they want, but not how they want to communicate with the other guy. You need to get into a training environment so you can figure that out.
  

• 
  The concept of federated ISAF application validation and testing is an important one and must be further pursued.
  
• 
  NC3A will follow up with U.S. POC to share further details in the IETV function.
  

AATT Authorization and Attribute Tiger team

ACCS Air Command and Control System

ACO Allied Command for Operations

ACP Allied Communication Publication

ACT Allied Command for Transformation

AES Advanced Encryption Standard

AFG Afghanistan

AIFS Allied Information Flow System

AJP Allied Joint Publication

AMN Afghani Mission Network

AOR Area of Responsibility

APAN All Partners Access Network

ATO Air Tasking Order

BCT Brigade Combat Team

BLUF Bottom Line Up Front

C2 Command and Control

C2PC Command & Control for the PC

C3 (NATO) Consultation, Command and Control

C3 (U.S.) Communications, Command and Control

C3I Command, Control, Communications, and Intelligence

C4ISR Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance

C&A Certification & Accreditation

CAC Common Access Card

CAS Collaboration at Sea

CAT Capability Area Team

CCER CENTRIXS Cross Enclave Requirement

CCK Command Center Kabul

CDCIE Cross Domain Collaborative Information Environment

CDS Cross Domain Solution

CDES Cross Domain Enterprise Services

CE Combined Endeavor

CENTRIXS Combined Enterprise Regional Information Exchange System

CES Core Enterprise Services

CESWG Core Enterprise Services Working Group

CFBLNet Combined Federated Battle Networks

CG U.S. Coast Guard

CIAT Coalition Information Assurance Teams

CIDNE Combined Information Data Network Exchange

CIO Chief Information Officer

CIS Computer Information System

CMFC Combined Maritime Forces Central

CMFP Cooperative Maritime Forces Pacific

CNFC Coalition Naval Forces CENTCOM

COCOM Combatant Command

COA Course of Action

COI Community of Interest

CONOPS Concept of Operations

COOP Continuity of Operations

COP Common Operational Picture

COTS Commercial off the Shelf

CSD Coalition Shared Data

CTO Chief Technology Officer

CUR Crisis Urgent Response

CWID Coalition Warrior Interoperability Demonstration

CWIX Coalition Warrior Interoperability Exercise

CXI CENTRIXS-ISAF

DCO U.S. Defense Connect Online

DDS Defense Dissemination System

DECC Defense Enterprise Computing Center

DICE Department of Defense Interoperability Communications Exercise

DISA Defense Information Systems Agency

DLOS Direct Line of Sight

DMS Defense Messaging System

DMSWG Defense Messaging System Working Group

DNBL Distributed Networked Battle Labs

DoD Department of Defense

DSN Defense Switched Network

DTCS Distributed Tactical Communications System

DUSD Deputy Under Secretary of Defense

ESB Enterprise Service Bus

ESERB Enterprise Services Engineering Review Board

FFT Friendly Force Tracking

FFRDC Federally Funded Research and Development Center

FOC Full Operational Capability

FOC+ Full Operational Capability Plus

GCCS-J Global Command and Control System - Joint

GCTF Global Counter-Terrorism Task Force

GIG Global Information Grid

GTRI Georgia Tech Research Institute

GW Gateway

HARMONIE Humanitarian Assistance Information Environment

HTML HyperText Markup Language

HOA Horn of Africa

IA Information Assurance

ICC Integrated Command and Control

ICECAP International Security Assistance Force Command, Control,

Communications and Computers Enabled Capability

ICP Integrated Capabilities Plan

IdM Identity Management

IEG Information Exchange Gateway

IETV Interoperability Experimentation and Validation Capability

IIAP International Information Assurance Program

IJC HQ @ KAIA ISAF Joint Command Headquarters at Kabul International Airport

IOC Initial Operating Capability

IP Internet Protocol

IRC Internet Relay Chat

ISAF International Security Assistance Force

ISAF-Secret ISAF Mission Secret

IS ISAF Mission Secret

ISIP Information Sharing Implementation Plan

iSMART Interoperable Systems Management and Requirements Transformation Process

ISSC Information Services Subcommittee

IST Information Systems Technology

IT Information Technology

IVSN Initial Voice Switched Network

JADOCS Joint Automated Deep Operations Coordination System

JCCC Joint Command and Control Center

JCHAT Joint CHAT

JCTD Joint Capability Technology Demonstrations

JISR Joint Intelligence Surveillance and Reconnaissance

JITC Joint Interoperability Test Command

JNCC Joint Network Operations Control Center

JREAP Joint Range Extension Applications Protocol

JS Joint Staff

JTEN Joint Training and Experimentation Network (US Joint Forces

Command)

JTS Joint Training System

JTT Joint Tactical Terminal

JUICE Joint User Interoperability Communications Exercise

KAF Kandahar Airfield

MAJIIC Multi-sensor Aerospace-ground Joint ISR Interoperability

Coalition

MCFI Multinational Coalition Forces Iraq

Mil-OSS Military Open Source Software Working Group

MILSTD Military Standard

MIP Multinational Interoperability Program

MLEC Multi-Lateral Enduring Contingency

MNIS Multi-National Information Sharing

MOD Ministry of Defense

MOU Memorandum of Understanding

MSC Multi Service SOA Consortium

MTF Message Text Format

NATO North Atlantic Treaty Organization

NC3A NATO Consultation, Command and Control Agency

NC3B NATO Consultation, Command and Control Board

NCES Net Centric Enterprise Services

NetOps Network Operations

NGCS NATO General Purpose Segment Communication System

NCI NATO Communications Infrastructure

NCSA NATO CIS Services Agency

NDSIG NATO Data Strategy Implementation Guidance

NEC Network Enabled Capabilities

NGO Non-governmental Organization

NHQC3 NATO Headquarters C3 Staff

NII (NATO) Networking and Information Infrastructure

NIP Network Integration Points

NMC NATO Military Committee

NMRR NATO Metadata Registry and Repository

NNEC NATO Network Enabled Capabilities

NRF NATO Response Force

NIRIS Networked Interoperable Real-time Information Services

NS NATO Secret

NSA NATO Standardization Agency

NSRAG NATO Security Risk Assessment Group

NSWAN NATO Secret WAN

NSWCDL Naval Surface Warfare Center Dahlgren Laboratory

NTDES NATO Tactical Data Enterprise Services

NW NATO WAN

O&M Operations & Maintenance

OAN Operational Area Network

OANT Online Analyzer for Network TDLs

OASD (NII) Office of the Assistant Secretary for Defense for Networks &
Information Integration

OIF Operation Iraqi Freedom

OMLT Operational Mentor and Liaison Team

ONIR Overhead Non-Imaging Infrared

OSD Office of the Secretary of Defense

OTG OTH Targeting Gold

OTH Over the Horizon

PASS Publish and Subscribe System

PKI Public Key Infrastructure

PLI Physical Location Information

PMBC Program Manager Battle Command

POC Point of Contact

PoP Point of Presence

PRT Provincial Reconstruction Team

PSR Project Submission Requirement

QoS Quality of Service

RC Regional Command

RC(S) Regional Command South

RTO Research and Technology Organization

SATCOM Satellite Communications

SMC Service Management Control

SFCE Steadfast Cathode

SHAPE Supreme Headquarters Allied Powers Europe

SMTP Simple Mail Transfer Protocol

SOA Service Oriented Architecture

SOAP Simple Object Access Protocol

STANAG Standardization Agreement

TBMCS Theatre Battle Management Core Systems

TDES Tactical Data Enterprise Services

TDL Tactical Data Link

TDLITS Tactical Data Link Interoperability Testing Syndicate

T&E Testing and Evaluation

TEM Technical Exchange Meeting

TIES TITO Information Exchange Service

TITO TDL-in, TDL-out

TISC Transnational Information Sharing Coalition

TF Task Force

TNC Theater NETOPS Center

TS3 Time Sensitive Support System

TTP Tactics, Techniques, and Procedures

UC&C Unified Command & Control

UNIS U.S. – NATO Information Sharing

USCENTCOM United States Central Command

USDC3FO United States Defense C3 Field Office

USEUCOM United States European Command

USJFCOM United States Joint Forces Command

USPACOM United States Pacific Command

USSOUTHCOM United States Southern Command

VMF Variable Message Format

VoSIP Voice Over Secure Internet Protocol

VPN Virtual Private Network

VTC Video Teleconferencing

WAN Wide Area Network

XML Extensible Markup Language

XMPP Extensible Messaging and Presence Protocol

xTDL XML Tool Definition Language