Net Centric Enterprise Systems

1
Net Centric Enterprise Systems

• Dr. Mark A. Archer
• May 12, 2003

2
RD Experience

• Extensive experience developing systems to meet
  COCOM Requirements.
• System Requirements Assessment, Design,
  Development, Testing and Accreditation
• Exercise Support and Field testing
• Operational Deployment and Support
• Flexible, Fast-paced, Iterative Development Cycle
• Integration and extension of COTS components
• Experienced in net-centric and web services
  focused development
• Experienced in spiral development and
  incremental field delivery
• Deep understanding of COCOM and Theatre
  Requirements

3
Net Centric Enterprise Systems (NCES)

• Key Features According to DoD
• Broadband reach-back
• Service Based
• Task Post Process Use (TPPU) make raw data
  immediately via standard interface
• Uncertainties
• What the core enterprise services are
• Overall architecture

4
NCES Limitations

• Centralized vs. distributed services
• Big Metal approach has shown little ROI
  (Especially in the gvt.). Takes a long time and
  is expensive to re-engineer legacy systems
• Small, distributed wrappers that post data
  from legacy systems has shown much better ROI.
• Metadata management
• Access Control Need for Role based Access
  Control
• Limited Bandwidth at the edge

5
Net Centric System Development

• Current Systems - Baseline Reference
  Implementation- Service Engine
• Field Operational with ATO
• Process of Code and Design Reuse well understood
  and characterized
• Core components COTS
• FY 04 Reference Implementation Effort
• Designed for maximum re-use
• Optimised as design pattern for accessing legacy
  applications via standard Net Centric data
  services
• Potential for low cost integration of legacy
  applications into a Net Centric environment

6
Transitioning RD toReal World Operations

• Network Traffic Analysis System (NTAS)
  LocalView/TheaterView - Real Time Performance
  based Network Management for USFK, PACOM, SOCOM
• RemoteView One stop shopping for voice and data
  network performance reports for the entire
  CENTCOM AOR
• NETWARS Interfaces Communications Planning and
  Assessments for COCOMS (JFCOM, JCSE, NORTHCOM,
  PACOM, USFK), the Services, and Major DoD
  Programs (JNMS, TCA, JTRS)

7
Network Traffic Analysis System

• Designed from the ground up as a distributed Net
  Centric data collection system. Currently
  operational with ATO.
• Set of infrastructure services including a
  standard database, web access, web services, and
  internal APIs
• Integrated from COTS components and standard
  libraries
• Secure Remote Management (SSH)

• Collector Agents
• C or Perl Modules that collect data from
  Network Elements (using SNMP, RMON2, NetFlow) or
  Flat Files (NetFlow Collector)
• Separate programs posting data to NTAS
  infrastructures

• Database
• Re-usable Procedure Library for data moderating

• Data Posting
• Secure SOAP/XML interface for exporting data to
  other systems
• SSL enabled Java Applets viewable from Standard
  Web Browsers

User Appli- cation
Remote Management
Network Elements
8
NTAS LocalView TheaterView
GCCS-K
Status Pulls

• Real-time performance monitoring
• Based on USFK Requirements
• Distributed Net-Centric data collection

9
Sample NTAS Capabilities
10
NTAS System Architecture
Netflow, SNMP
SOAP, SSL
SNMP
SNMP
SOAP, SSL
HTTP, HTTPs, SOAP, SSL
HTTP, HTTPs, SOAP, SSL
Netflow, SNMP
Netflow, SNMP
11
Recent Warfighter Support

• USCENTCOM
• Operation Iraqi Freedom theater instrumentation
• Theater network visualization (RemoteView)
• USSOCOM
• Collecting Configuration, Performance and Traffic
  information on critical SIPRNET and SCAMPI
  circuits for HQSOCOM and SOCCENT
• USPACOM
• SOCPAC traffic collection and analytical support
  for mission circuits
• Provided TCCC real-time traffic monitoring
  capability of operational theater ITSDN/Teleport
  circuit
• CFC/USFK
• Supported exercises RSOI and UFL
• Provided NTAS real-time network performance
  monitoring for MARFORPAC and all GCCS-K circuits

12
Customer Testimonials

• USCENTCOM
• For the first time detailed theater-wide
  performance information is available to
  communicators across Southwest Asia, from my
  headquarters to the TCCC forward and the
  component commands in the Persian Gulf. This
  capability is being used daily to solve problems
  in the field and keep senior communicators
  informed. The TIS team has made a major
  contribution to Operation Enduring Freedom and
  the War Against Terrorism.  DENNIS C.
  MORAN Brigadier General, US
  Army Director of Command and
  Control Communications and Computer
  Systems United States Central Command
• SOCCENT the support we got and continue to
  receive from your folks at DISA/TIS office is
  outstanding. We used the network performance
  analysis charts extensively. We were proactive
  and able to anticipate network problems during
  the entire conflict. This technology and
  support is worth enhancing to support future
  conflicts and other communication services.
  SOCCENT J6 LTC Santiago in e-mail to MG
  Bryan
• SOCPACThis is a great tool and exactly what we
  need to manage our critical circuits. The
  greatest thing since sliced bread Timothy
  A. Manning, Lt Col, USAF SOCPAC / J6

13
Customer Testimonials (Ctd)

• CFC/UCFKThe results using LocalView were
  extremely beneficial.  Of note, it allowed us to
  go back to the component participants, before we
  even completed the exercise, and clearly show
  them, with real time system telemetry, how their
  limited exercise circuits were killing us with
  chokepoints.  As a result, we are now able to
  specify minimal bandwidth requirements that the
  components must meet for future exercises and
  operations. Colonel David A.
  Adams USFK J6 Assistant Chief of
  Staff, C4 Systems It LocalView is
  enhancing our situational awareness accuracy and
  timeliness as well as influencing our situational
  understanding and ability to appropriately
  leverage KIG (TIG) resources also facilitating
  our obligation to accurately advise the
  warfighter on the KIG's ability to support
  operations. COL Theodore M Mayer
  Chief, J6 Operations United States
  Forces Korea
• MARFORPAC Thanks to everyone that supported us
  over in Korea! NTAS was a hit at the 3-star
  level. LtGen Gregson loved it! I must get it into
  our architecture permanently now. 
• This system is GREAT STUFF!!! Would like to see
  it replace HP OPENVIEW as the network manager in
  JNMS.
• Maj Eric L. Litchfield, USMC USMARFO
  RPAC

14
The Future of the Web

• Massively distributed data sources
• Convergence voice, video, data, www over IP
• Every electronic device providing data web
  services
• Security
• Strong certification (e.g. PKI w/biometrics)
• Encrypted data lots more VPNs, etc
• Break up of applications and systems
• Separate data source from applications w/ TPPU
• Capability Packages different for each Community
  of Interest (COI)

15
RISE Development

• Reference Implementation Service Engine (RISE) by
  is being developed for the Defense Information
  Systems Agency based on Dr. Archers concept and
  architecture
• Exemplar of Net Centric Service Engine
• Distributed, secure, remotely manageable
• Generic wrapper for legacy systems
• Designed to reduce the cost/time for integrating
  legacy systems into NCES, i.e. making their data
  available as service
• Maximize code re-use, isolate application
  specific business logic into standard data
  element package
• Core system accredited and available in a take
  away reference system implementation.

16
RISE Requirements

• Monitor its own performance
•  Provide a simple html web interface for viewing
  its data. These should include Top level
  traffic light chart (a la NTAS Circuit status and
  24 hour service status), and detailed performance
  views of specific servers.
•  Web based configuration
•  Secure remote management, troubleshooting and
  upgrades/patches.
•   Provide data subscription services

17
RISE Data Sources

• Direct queries/ subscriptions to existing
  interfaces on other systems (e.g. SNMP)
• Putting wrappers around existing agents on host
  servers or clients to
• Parse the data into standard format (e.g. XML)
• Provide data subscription service

18
Collection Agent Requirements

• Directly query existing agents that have known
  API via a standard network protocol (e.g. SNMP,
  Web Services) to include
• SNMP based performance queries for local systems
  with existing SNMP agents
• DCTS specific COTS agent(s) if already in use
  by the DCTS Program office
• Generic SNMP 3 compliant agent that runs local on
  a server, and provides secure data transmission
  (via a commonly open port) to an authorized
  subscribers.
• Provide host/client wrappers for existing agents
  to provide secure subscriber interfaces via JXTA
  and Web Services protocols to include
• SNMP Proxy agent that provides secure interface
  to existing SNMP
• Secure wrapper for existing collector agents
  (e.g. Nagios Plugins, Big Brother Clients)

19
RISE Architecture
Recipients
Peering Content Directory
Target Host
RISE
Existing SNMP Agent
SNMP Query Module
SNMP Data Type
JXTA
Iniator
Subscription Mgr
Oracle 9i
Data Aggregator
SNMP3 Query Module
SNMP 3 Data Type
Responder
MetaData Mgr
JXTA
SNMP Data Type
Query Mgr
SOAP
COTS Specific Data Type
Apache
Presentation Mgr
Plugin Data Type
XSLT
Red Hat 9.0
Web Client
20
RISE Peering Architecture
JXTA Peer Cloud
Peering Content Directory
Data Type Provider
Peering Content Directory
Aggregator
COI Application
RISE
Web Client
Collector Agent
21
Summary

• Experienced at inserting state-of-the-art
  technology to meet real world operational
  requirements.
• Skilled at applying Net Centric principles to
  complex integration problems

22
(No Transcript)