Automatic Networking




WIN-T deployment highlights need for management tools that help with network audit, change, configuration and compliance.

by Peter A. Buxbaum

 
Today’s precision munitions are able to destroy targets with pinpoint accuracy. This capability has been developed, not only at the level of the weapons systems, but also on the networks and network applications that are instrumental in sifting through intelligence, acquiring targets and transmitting their locations in a timely fashion to warfighters.

Successful completion of this process requires collaboration of a diverse set of personnel and systems. It is the network that ties all of this together. The theory of network-centric warfare suggests that the connectivity of communications across a network enhances command and control and situational awareness. This connectivity operates on many levels from the highest strategic to the lowest tactical level.

To ensure the reliability of networks, military organizations are finding that it is increasingly necessary to automate the management of their networks to the greatest degree possible. Network change and configuration management include many elements. It can mean ensuring software loaded on the system and hardware plugged into it adhere to rules and policies. It can also mean provisioning bandwidth when and where it is needed and modifying quality of service rules to suit particular situations.

Networks must often be managed and configured on the battlefield itself. A network may have been configured for a field headquarters when a senior officer suddenly and unexpectedly shows up. The infrastructure must be prepared to respond to the needs of that senior officer immediately.

“You can’t take three hours to configure the network to meet his demands,” said Glen Tindal, chief technology officer at Intelliden, a provider of network change and configuration management solutions. “It’s got to be done in five minutes or less, and you must be able to point and click to provide the requirement.

“Network automation software includes a series of capabilities to provision, configure, manage and automate the networking infrastructure via an integrated system,” Tindal explained. “Much of the activity takes place behind the scenes. The user interacts with the system over a personal computer with a point-and-click interface.”

“Organizations make a slew of changes to their network on a regular basis,” added Greg O’Connell, vice president for federal operations at Netcordia, a software company. “These include adding devices and components to the network and making other changes, which can impact network performance. Network administrators need to be able to track these changes and to assess the impact of these changes on the performance of the overall network before making the changes.”

QUALITY OF SERVICE

Automated network management includes other dimensions besides network change and configuration, according to O’Connell. These include the audit and analysis of networks. “We can identify network configuration problems based on a template of how the network is supposed to be configured,” he explained, “and automate the change to bring the network into compliance.”

Network automation software typically includes several features valuable in managing a network. One such feature allows the network to automatically reconfigure itself to changes in the operating system. Another feature allows for network remediation when the software detects an exposure. Network automation software can also act like a cop on the beat, enforcing network policies regarding physical interfaces with hardware and detecting undesirable events.

“These can include detection of someone operating on the network who is doing something out of policy,” said O’Connell. “It can also be designed for compliance support for configuration management controls under FISMA [Federal Information Systems Management Act.]”

Perhaps most important at the tactical level is the modification and reconfiguration of networks by adjusting quality of service parameters and modifying security policies to meet specific situations. Quality of service criteria govern the priority given to particular communications streams, such as voice, data and video, over the network.

Adjusting these priorities to meet exigent needs allows the preferred mode of communication first access to the network.

Another major company in the field is HP, which provides software that tracks, regulates and automates configuration and software changes across globally distributed, multivendor networks. The current version, HP Network Automation 7, introduces process-powered automation. When combined with HP Operations Orchestration software, it takes workflow automation to a new level, letting users automate IT workflows beyond traditional network change and configuration management.

WIN-T DEPLOYMENT

Today’s land forces are being called upon to field forces in a variety of different scenarios and geographies, and the Army is challenged to provide ready bandwidth for those forces wherever they may be and whenever they need it. This is the current vision for the Warfighter Information Network-Tactical (WIN-T), the Army’s “tactical intranet.” Netcordia is currently providing the network automation software for WIN-T. The company recently secured a new contract to continue providing technology to WIN-T under a contract with General Dynamics, the WIN-T systems integrator.

Netcordia’s proactive network health assessment tool, called NetMRI, was originally selected in 2005 as part of development of the Joint Network Node-Network (JNN-N). JNN-N, which was initiated to provide interim tactical connectivity to warfighters in Iraq and Afghanistan until further WIN-T capabilities became available, has since been incorporated into WIN-T as Increment 1.

With Increment 1 already up and running, WIN-T is already providing a communications and information infrastructure to U.S. forces in Iraq and Afghanistan. Over 100 NetMRI units have been successfully fielded within WIN-T Increment 1, with dozens of additional units staged for future deployments.

Future WIN-T increments are planned to test and deploy on-the-move network communications capabilities to Future Combat Systems vehicles and to enhance the communications throughput available by exploiting the capabilities of the Wideband Global System of satellites, and eventually the Transformational Satellite (TSAT) constellation, when that system becomes available.

“Netcordia was selected for Increment 1 initially to provide network health assessments at the division level, then to expeditionary signal brigades,” said O’Connell. “There are a lot of details behind ad hoc mobile networking requirements. There are a lot of rapid breakdowns and redeployments of network configurations in a challenging environment involving rapid response and the allocation of network resources on the battlefield.”

NetMRI is a Linux-based software appliance that consists of algorithms embodying more than 200 business rules that are used to assess the network. Its primary function is to address authorized and unauthorized network changes. It provides an automated analysis of the network through a system-generated scorecard, which depicts the impact of changes, whether they are occurring in real time or are set to impact later performance.

NetMRI is fully automated, which reduces manual intervention into network operations and can be completely functional within 30 minutes of deployment. “NetMRI augments the network staff,” O’Connell said. “Automation helps proactively protect the network. Any one event may not have a great impact, but two or more events occurring at the same time could be catastrophic. We have incorporated these potential ‘gotchas’ on the network based on a holistic view that our engine processes through business rules.”

Built-in intelligence and expert analysis help an organization automatically meet compliance requirements and detect policy violations, providing proactive alert notifications to the network management team, as well as a solution to fix the problem. Through round-the-clock network scanning, NetMRI proactively detects performance, configuration changes and policy anomalies in real time compared against government best practices. “The Army selected NetMRI among other competing tools for one reason. They liked us for what they called the usability factor,” said O’Connell.

“When you are pushing a large volume of IP-based communications across a network, we are able to collect millions of data points from devices on the network for voice as well as data, and we drive all of those data points through a series of business rules,” O’Connell continued. “That is our secret sauce. The 200-plus business rules designed into the NetMRI appliance generate a scorecard on the health of the network. This is achievable within 30 minutes of deploying the NetMRI device.”

When it comes to the ad hoc mobile networks typical of battlefield conditions, NetMRI also has the ability to help identify issues by comparing the network with a network baseline configuration when reconstituted. “The automated best practices include an environmental analysis,” said O’Connell. “This can include the voltage available to network devices as well as temperature control for equipment cooling. These environmental factors come into play when WIN-T is set up in a desert environment.”

Other automated best practices embedded in NetMRI include quality of service rules, performance of local area and wide area network interfaces, device location and tracking, interface and device performance, and tools for network analysis and compliance.

KEEPING SCORE

The scorecard format, which is the output delivered by the NetMRI appliance, reflects network performance as it correlates back to the embedded business rules. “The scorecard is highly configurable because no two networks are the same,” O’Connell said. “A carrier grade environment is not applicable to the tactical battlefield. Each organization can configure the scorecard accordingly, to highlight and focus in on uses more relevant to the environment in which it is operating.”

The NetMRI scorecard measures a number of different variables included in two key components: stability and correctness. The stability component is the more proactive of the two. This includes factors such as ensuring that proper policies are in place that could avert problems before they occur. Correctness measures network operations and the deployment of components and devices against those established policies.

“Each component contains several subcomponents,” said O’Connell. “Users are able to drill down on each of those topics.” At this point, the network automation services provided to WIN-T help configure networks for communications at the halt, located in a command shelter. “Over the long term, as WIN-T capabilities move along and are deployed at the brigade level to Strykers and humvees, we will also be supporting communications on the move,” said O’Connell.

Netcordia has also been deployed as a standard across all 20 Army divisions, including eight Army National Guard units. The National Security Agency and the Coast Guard also use Netcordia. “We tend to play in two different environments,” said O’Connell. “We have customers that do ad hoc networking, and there are those that operate in a more static environment. WIN-T is the quintessential ad hoc application, in which the network baseline is constantly changing.”

Looking to the future, WIN-T will be providing broadband capacity to the tactical battlefield through the TSAT constellation, once it is deployed beginning around 2014. The TSAT Mission Operations System (TMOS) is expected to provide the network for secure, high-bandwidth connectivity to warfighters across the globe. Lockheed Martin was awarded a $2 billion contract to develop TMOS in 2006.

TMOS will also be deploying network management automation software as part of its architecture, according to Intelliden’s Tindal. “TSAT will be providing warfighters with greater network transmission speeds than in the past,” he said. “TMOS will be generating a unique set of requirements way out of the norm of terrestrial networks. TMOS will require automation to ensure that the satellites will be able to maximize coverage of the battlespace.”

COMMON INTERFACE

TSAT and TMOS illustrate the increasing complexity of network operations, requiring more automated management solutions. “We find that customers across the military, government and industry want more intelligence on their network operations,” said Tindal. “They want a single common interface to the network with a wide variety of features and functions, and a broad application for network reconciliation and remediation, service provisioning and appliance management. They want to be able to derive as much benefit from their infrastructure as possible and automate as much as possible with the fewest touch points into the network.”

The ease of use of today’s network management automation solutions means that users can themselves generate and execute network audits and changes in configuration. This is especially important for systems like WIN-T, Tindal noted, because “you don’t want to have to deploy soldiers to the field who are experts in command syntax and other aspects of the software. They want to be able to point and click and make it all happen quickly.

“It’s all about command and control,” Tindal concluded. “In a network-centric environment, response to infrastructure needs is of paramount importance. Organizations want and need to do this quickly and reliably, and that is what it is all about.” ♦

 
