Скачать презентацию Developments in the NII — communication services December Скачать презентацию Developments in the NII — communication services December

09e3c0e84f83aab36527fd1cc4a726a5.ppt

  • Количество слайдов: 36

Developments in the NII - communication services December , 2009 UNIS - TEM Dec Developments in the NII - communication services December , 2009 UNIS - TEM Dec 2009 Rob van Engelshoven Rob. van. [email protected] 3 a. nato. int NATO UNCLASSIFIED

Overview ● NCI Architecture • DCIS TA, NGCS TA, ISAF ● NCI subsystems • Overview ● NCI Architecture • DCIS TA, NGCS TA, ISAF ● NCI subsystems • Voice service, Protected Core, Qo. S, SLM ● DCIS, Satellite and ground systems ● Federation ● Recommendations NATO UNCLASSIFIED 2

Overview ● NCI Architecture • DCIS TA, NGCS TA, ISAF ● NCI subsystems • Overview ● NCI Architecture • DCIS TA, NGCS TA, ISAF ● NCI subsystems • Voice service, Protected Core, Qo. S, SLM ● DCIS, Satellite and ground systems ● Federation ● Recommendations NATO UNCLASSIFIED 3

Aspects of the new NCI architecture ● ● ● ● Service catalogue Converged IP Aspects of the new NCI architecture ● ● ● ● Service catalogue Converged IP network IPv 4/6 Qo. S control architecture Move to a Protected Core (Pcore) MPLS in the NATO Pcore Service Level Management Architectures : NCRA Ed 1 and SGRA Ed 2 NATO UNCLASSIFIED 4

Operations & CIS infrastructure NATO Business processes (OAA) SLA Networking and Information Infrastructure (NII) Operations & CIS infrastructure NATO Business processes (OAA) SLA Networking and Information Infrastructure (NII) NATO UNCLASSIFIED 5

NII in the NNEC CIS stack (subset DOTMPLFI) Users & Missions Information Integration Service NII in the NNEC CIS stack (subset DOTMPLFI) Users & Missions Information Integration Service Management Control Information Assurance Community of Interest Communications NATO UNCLASSIFIED 6

Service Catalogue (2010) - main services ● Customer facing services : • (secure) voice Service Catalogue (2010) - main services ● Customer facing services : • (secure) voice • Audio conference • (secure) VTC • Telefax • Service Desk • IP-data service • Circuit emulation (TDM over IP) • L 2 point-to-point • WAN access for user domain • Wired Pcore interconnect • Satcom OTA Pcore interconnect • Radio OTA Pcore interconnect NATO UNCLASSIFIED 7

NCI architecture ● Core : transport system - Protected Core Network (PCN) ● Access NCI architecture ● Core : transport system - Protected Core Network (PCN) ● Access to the Core ● Eo. IP & Circuit emulation subsystem ● Qo. S control system ● Service Level Management ● (Secure) voice/VTC system ● Secure IP subsystem ● NU/NR IP subsystem ● User system access ● Other subsystems…. See NGCS TA ● DCIS ● SATCOM NATO UNCLASSIFIED 9

Relationship between Ref. Architectures NATO UNCLASSIFIED 10 Relationship between Ref. Architectures NATO UNCLASSIFIED 10

NATO Communication Infrastructure NATO UNCLASSIFIED 11 NATO Communication Infrastructure NATO UNCLASSIFIED 11

NATO Communication Infrastructure NATO UNCLASSIFIED 12 NATO Communication Infrastructure NATO UNCLASSIFIED 12

Intra Nodal Perspective NATO UNCLASSIFIED 13 Intra Nodal Perspective NATO UNCLASSIFIED 13

Overview ● NCI Architecture • DCIS TA, NGCS TA, ISAF ● NCI subsystems • Overview ● NCI Architecture • DCIS TA, NGCS TA, ISAF ● NCI subsystems • Voice service, Protected Core, Qo. S, SLM ● DCIS, Satellite and ground systems ● Federation ● Recommendations NATO UNCLASSIFIED 14

The Protected Core Segment ● Protected Core segments can be federated to form a The Protected Core Segment ● Protected Core segments can be federated to form a Protected Core (Pcore) ● Reference to PCN briefings NATO UNCLASSIFIED 15

NCI : Interconnection of security domains Protected Core Network IP Qo. S : • NCI : Interconnection of security domains Protected Core Network IP Qo. S : • Real-time data • Near-real time data • Interactive • Bulk transfer • Best Effort • Critical system data Network Protocol Discontinuity NATO UNCLASSIFIED 16

High availability WAN NATO UNCLASSIFIED 17 High availability WAN NATO UNCLASSIFIED 17

NATO’s Satcom Protected Core Segment (PCS – terminals view) NATO UNCLASSIFIED 18 NATO’s Satcom Protected Core Segment (PCS – terminals view) NATO UNCLASSIFIED 18

NATO’s Satcom Protected Core Segment (PCS – router view) NATO UNCLASSIFIED 19 NATO’s Satcom Protected Core Segment (PCS – router view) NATO UNCLASSIFIED 19

Protected Core Node LP : Link Protection NATO UNCLASSIFIED 20 Protected Core Node LP : Link Protection NATO UNCLASSIFIED 20

Interface with nations NATO UNCLASSIFIED 35 Interface with nations NATO UNCLASSIFIED 35

Key Service Interoperability Points NATO UNCLASSIFIED 36 Key Service Interoperability Points NATO UNCLASSIFIED 36

PNG 1 - Scenario 1 (2010) NATO UNCLASSIFIED 37 PNG 1 - Scenario 1 (2010) NATO UNCLASSIFIED 37

Service Management scenario 1 (2010) NATO UNCLASSIFIED 38 Service Management scenario 1 (2010) NATO UNCLASSIFIED 38

SATCOM NATO UNCLASSIFIED 47 SATCOM NATO UNCLASSIFIED 47

Deployable CIS (DCIS) ● Based on NCI networking principles • Service catalogue • Qo. Deployable CIS (DCIS) ● Based on NCI networking principles • Service catalogue • Qo. S control architecture • Service level management (central - stand-alone) ● Transportable - 5 days notice to move ● Configuration templates ● BC protected ● In support of NATO NRF (DJSE concept) • Large and very small nodes (ORLT) ● SATCOM reach back and in-theatre connectivity • Tier 1, Tier 2, Tier 3 and Tier 4; NATO UNCLASSIFIED 48

Interface roadmap opportunity NATO UNCLASSIFIED 49 Interface roadmap opportunity NATO UNCLASSIFIED 49

Guidance to nations ● Interfaces • SIOP 1, 2, 3, 4, 5 ● Service Guidance to nations ● Interfaces • SIOP 1, 2, 3, 4, 5 ● Service catalogue • Definitions, KPI, KQI ● Service Performance targets • Reference circuits ● Management requirements • B-2 -B interface, Content, definitions ● Trust relationships • Protected Core Network (PCN) ● Policies and Concept of employment (Conemp) • Cost share, process ● Roadmap NATO UNCLASSIFIED 50

Conclusions • Service Oriented Approach • service definitions • Service delivery Points • Service Conclusions • Service Oriented Approach • service definitions • Service delivery Points • Service Level Agreements • Service Level Management • Slow migration to IP-convergence • Limited support in IP-crypto - NINE ISPEC 2 • Limited NATO SLM • Limited Qo. S control • Push uniform & automated control • Qo. S enabled IP • SLM - SLA • MPLS NATO UNCLASSIFIED 51

Conclusions (cont'd) • Required developments • Cross security domain management • Guidance Package for Conclusions (cont'd) • Required developments • Cross security domain management • Guidance Package for nations about federation of communications ● Essential to build a trust relationship NATO UNCLASSIFIED 52

Roadmap NA TO NATO UNCLASSIFIED 53 Roadmap NA TO NATO UNCLASSIFIED 53

Questions? NATO UNCLASSIFIED 54 Questions? NATO UNCLASSIFIED 54

Back-up slides NATO UNCLASSIFIED 55 Back-up slides NATO UNCLASSIFIED 55

PNG 1 - scenario 2 NATO UNCLASSIFIED 56 PNG 1 - scenario 2 NATO UNCLASSIFIED 56

PNG 1 - scenario 3 NATO UNCLASSIFIED 57 PNG 1 - scenario 3 NATO UNCLASSIFIED 57

SIOP 1, SIOP 2 ● ● ● 1000 BASE-SX ethernet L 2 802. 1 SIOP 1, SIOP 2 ● ● ● 1000 BASE-SX ethernet L 2 802. 1 Q (VLAN) L 2 802. 1 X • PKI authority • Certificate based authentication • 802. 1 X port based auth. (EAP-TLS) ● Management • SLA template • SLA management (KPIs) • Performance/fault reporting per VPN • Policing/shaping NATO UNCLASSIFIED 58

SIOP 5 ● IPv 4 address harmonization ● 802. 1 X may avoid the SIOP 5 ● IPv 4 address harmonization ● 802. 1 X may avoid the BPD, to be verified NATO UNCLASSIFIED 59