The Defense Department's move to Internet Protocol convergence has been well underway for several years, spurred, in part, by technologies that removed barriers to riding unified communication services over a common IP platform.

Advances in silicon and transport technologies have basically eroded barriers that hampered IP hardware from being a ubiquitous platform upon which packet-based services meeting the needs of any mission or application could run, said William Lemons, director of federal systems engineering at Juniper Networks. Now the promise of using one common platform upon which to deliver unified communications services exists, he said.

As a result, the DoD is pushing forward with efforts to implement unified capabilities to DoD components by fiscal 2016. Also described as the DoD's move to everything over IP, UC includes a broad set of voice-, video- and data-sharing capabilities that promise to foster joint collaboration among the military services, combatant commands and defense agencies.

These IP-based solutions will enable DoD users to better collaborate via instant messaging, chat and Web-based conferencing, among other applications, according to officials with the Defense Information Systems Agency (DISA), the preferred DoD UC transport provider for Internet and commercial satellite connections used for voice, video and/or data services.

The most complex networks in the world

However, the most complex networks in the world are those that support the DoD in its global missions. Moving to the next-generation network that will allow for a more collaborative environment across the DoD enterprise will require the deployment of a more agile, open and self-programmable network infrastructure, according to industry experts working with DoD agencies.

Prompted by the widespread adoption of mobile devices and the rise in Internet-enabled applications, commercial businesses were the first to make the transition to everything over IP. DoD and federal agencies have unique use cases, however, that required purpose-built systems that provide predictable and reliable services, such as asynchronous transfer mode technology for constant bit-rate traffic or circuit-prioritization technology to give the DoD the ability to override circuits to deliver high-priority, mission-critical traffic, Lemons said.

The challenge is how to move legacy-based systems to an IP-enabled environment in a cost-effective way. Some technologies help to bridge that gap. For instance, circuit emulation services over IP allow legacy transport traffic to be provisioned over the top of an IP services layer, Lemons said.

"It is going to take a lot of money to modernize the DoD network infrastructure," said Anthony Robbins, vice president of federal with Brocade. "So modernization of those networks has got to get at a few things that drive down costs," he said.

Robbins recommended four initiatives that are consistent with DoD's strategy to transition to everything over IP. They include:

  • Simplify the network. Currently, most government networks are too complex.
  • Move to open standards. Part of the complexity in current networks is the result of a vast array of proprietary systems and protocols from various vendors.
  • Move to a more software-defined network that is based more on automation and self-provisioning.
  • Adopt alternative acquisition strategies such as network-as-a-service.

Today's DoD network is hardware-centric and relies a lot on people; the network of tomorrow will be software-centric and rely less on people interaction, Robbins said. The No. 1 cost of the DoD network today is people or labor costs, and the major source of issues on the network is people. So the IP-enabled network of the future has to take into account how automation, capability, capacity, provisioning and security can be built into the software. "That is where savings will come relative to the network of the future," Robbins said.

Network function virtualization will play a major role in the future, he noted. NFV is a network architecture concept that proposes using IT virtualization-related technologies to virtualize entire classes of network node functions into building blocks that may be connected, or chained, to create communication services.

The latest advances in security technologies also allow organizations to operate and manage highly sensitive communications and data over the same IP network as less sensitive communications and data via techniques such as secure communities of interest, said Nicholas Evans, vice president and general manager of applied innovations at Unisys. These techniques effectively hide the communications and data so they are only visible to those in the specific community.

"From a DoD perspective, moving everything to IP enables them to shrink the attack surface by removing many of the legacy system dependencies and focus resources on protecting more consolidated information architecture," Evans said.

DoD Enterprise Classified Travel Kit Gateway

For its part, the DoD continues to roll out IP-based technology that extends across the enterprise. For instance, the DoD Enterprise Classified Travel Kit Gateway (DECTK-GW) provides DoD users with a portable, classified voice, video and data reach-back capability through any Internet connection anywhere in the world.

Initially available as a specialized service to select users, DECTK-GW is now operationally ready and available to users DoD-wide. They can make classified voice calls through DISA's Enterprise Classified Voice over Internet Protocol service and access the Secret IP Router Network (SIPRNet) through any Internet connection.

An authorized person can use the kit by connecting to the Defense Enterprise Computing Center-hosted DECTK infrastructure through a hard connection to any Ethernet port, the built-in wireless broadband router, or a USB modem air card. Then, the user is required to authenticate using a Crypto Ignition Key and a username/password for voice or SIPRNet hard token for data.

There are two kits currently approved to operate with DECTK-GW: the Executive Voice Kit, an 18-pound kit that allows users to make classified calls or access the SIPRNet, and the Executive Communications Kit, a 12-pound kit that allows for concurrent classified voice and data use.

A third kit, the Secure Flyaway Kit, is currently undergoing testing and is expected to be available by the fourth quarter of fiscal year 2015. The 19-pound SFK permits concurrent voice, video and data use and enables access to multiple classified and unclassified domains.

All three kits use High Assurance Internet Protocol Encryptor devices to provide defense-in-depth protection to the Defense Information Systems Network and the kit itself.
