MG John Morrison has been the commanding general of the Network Enterprise Technology Command (NETCOM) since April 2014. Prior to that he spent two years as CG of the 7th Signal Command (Theater). Responsible for operating and defending the Army's networks, the Fort Huachuca, Arizona-based command is deeply involved in network modernization efforts with both the Defense Information Systems Agency and the Air Force, and is playing a key role in establishment of a joint global network.

Morrison spoke with C4ISR & Networks Editor Barry Rosenberg about network modernization, standardization and visibility, Joint Regional Security Stacks operation and the hack at the Office of Personnel Management.

C4ISRNET: With support of the war fighter a given, what's at the top of your to-do list?

MG JOHN MORRISON: [Besides] operational support, which is always job one, the other thing we are working on is network modernization, though it is really more than that. It is network modernization and standardizing our technical, operational capabilities and procedures across the entire Army network.

C4ISRNET: So how would you characterize the status of the network now in regard to standardization?

MORRISON: If you look at the history of the Army network, it is only over the last few years that we've worked toward an enterprise approach, and [begun] pushing an Army global network. What you had in the past were individual stovepiped networks that were plugged together at the top. Each one of those stovepipes grew up differently, were built differently, and some of the operations, maintenance and defense capabilities were implemented differently.

Until you break down those stovepipes, it is very hard in an interconnected world to operate, maintain and defend globally. So the standardization piece is absolutely critical — it is not just about standardizing tool sets or technical implementations; it is really also about standardizing the way that we operate.

C4ISRNET: And the network management piece?

MORRISON: This is different than anything we've done before. This is not an Army network or an Air Force network; this is a single, inherently joint network being built end to end. And it is absolutely critical for everybody to understand that.

It is doing two things for us. It is enhancing security, no doubt, due to Joint Regional Security Stacks and the way it is architected. But it is also increasing capacity all the way to the user. And when you look at the installation modernization effort, which is pretty significant, it is really a different acquisition model than we have used in the past. What happened previously is that we would throw requirements to the acquisition community and then they would build that network at the installation level using contractor support and everybody else. And it was very slow and costly. I can think of one installation where we tried to modernize it for well over five years.

The model that we put in place now is bulk buys and the integrated team approach where we work with our acquisition teammates. So you have the acquisition professionals and the operators. We engineer each installation network together, and then we use our own manpower to go out and install it.

As a result, just to give you an anecdote, at Fort Sam Houston it was programmed to take up to three years to modernize that installation. We got it done in about six months. And since then, we've done 10 more installations over the past 12 to 15 months.

C4ISRNET: What's your road map going forward for additional installation modernizations?

MORRISON: It's all about available funding. What we have planned to do during the course of the next year is to knock out most of our force projection platforms and begin doing some of our [Training and Doctrine Command] and Army Material Command installations. As a matter of fact, we've already done some of each.

C4ISRNET: Are you satisfied with the progress you're seeing to develop enterprise systems that would allow the military services to interconnect in a better way? I'm thinking about the Navy, which has opted out of the network modernization efforts now underway between the Army and Air Force, as well as the first iteration of the Joint Regional Security Stacks (JRSS).

MORRISON: We have shown tremendous progress here over the last year or so. The modernization effort that we have undertaken was really was just a broad concept 18 to 24 months ago. And now you look at it and we have our first installation completely behind Joint Regional Security Stacks and on a new architecture. That is pretty fast in the world of acquisition inside the Department of Defense.

And we are, quite frankly, moving at speed in that direction. I suspect this coming year you will see a significant amount of installations that have fallen to the new architecture.

And when you look at the new architecture, it is not just the Joint Regional Security Stacks, it is a holistic end-to-end architecture that also includes multiprotocol label switching, and the installation-level modernization that we're doing.

We're doing three things at our installations. The first one I have a foot stomp on is that we're building a single, inherently joint network. And we are very closely linked with the Air Force and our DISA teammates as we build and execute this network. And it is a team sport between the three organizations, and the game plan is for the Navy and Marine Corps to join the effort at the 2.0 version sometime in the FY18 time frame.

So it is a single, inherently joint network. But it is also different in the fact that it is not going to be theater based. It is literally going to be a global network that is delivered to theaters. That is a significantly different way than we have approached it in the past. And we are going to have to work very closely with Joint Force Headquarters–Department of Defense Information Networks, DISA, the combatant commands and all the services because it's going to require a different kind of C2 concept than we've had in the past.

C4ISRNET: So the global nature of this is because of the JRSS will be based in various parts of the world?

MORRISON: Yes, and they're all going to be architected the same, same standard implementations, and then managed from a global framework. That's not to say that there won't be some theater unique nuances; that is always going to exist. But that will be at the margins as opposed to where it is at today, where it is almost all theater unique. And then it plugs into a larger, global enterprise.

C4ISRNET: Who will be responsible, and who will actually manage that global network of JRSS?

MORRISON: So that's an interesting question and it is a two-part answer. From an operations and maintenance standpoint, even though a lot of this equipment and kit has been procured by the services, the day-to-day operations and maintenance of it will be performed by the Defense Information Systems Agency.

It is going to take all parties to run a joint network. And so we have established what we are calling the Joint Management Construct that will allow DISA to do what they need to do from a joint perspective, but it will also allow the services to do what they need to do from a service perspective, particularly on the installations. And so it is something that we have been rehearsing at Joint Base San Antonio. It looks pretty positive so far, and we continue to document those [tactics, techniques, procedures] so that as we start to accelerate the migration of installations onto this new architecture we've got the base operational construct already in place. And then we can adjust from there as we learn more.

C4ISRNET: Back to the modernization piece, there's also talk about integration between strategic and tactical networks. What's that all about?

MORRISON: So I always talk about network modernization and standardization, but one of the other things working within the command is strategic and tactical network integration. When you take a look at the operations that we're supporting today, split-based ops between home station and forward deployed units has become the norm.

[That requires] small, very capable C2 nodes moving forward, but with reach back for intelligence, for mission command systems, and even in some cases for day-to-day business systems. So that's forcing the convergence between strategic and tactical networks.

When you take a look at deployed formations, they tie back into our regional hub nodes. We're working to have our regional cyber centers provide that higher-level operation and defensive visibility to deployed formations. Because quite frankly, in many cases, these deployed formations are taking forward very little network operations capabilities. They are relying on that higher-level piece to really do the maintenance and defense of the network. It is something that we will continue to work hard, and it is definitely driving the collapse of the two networks.

C4ISRNET: What are your thoughts on the stolen personnel data from the Office of Personnel Management systems? Do you think that DoD cybersecurity systems would have identified the hack faster than did OPM's systems?

MORRISON: I don't want to try and compare the DoD network to OPM's network because I don't know enough about that network. But what I will say is that, especially inside the Army, there's a growing recognition that we have to have processes that allow us to roll in new technologies that will allow us to operate, maintain and defend our networks in a much more streamlined and rapid fashion. I have to tie it back to visibility. Having end-to-end visibility of the network — not in silos, not in stovepipes — is absolutely critical. So as we bring capabilities on board they've got to be integrated. And then we've got to have the proper infrastructure that allows us to tap into the ubiquitous data that will be flowing off of our networks so that we can understand and see threats as they are coming. And if they do happen to get inside the wire, we can rapidly adjust and eradicate whatever threat might be there.

C4ISRNET: Staying with the subject of network visibility, is there a special way you look at and address insider threats as opposed to outsider threats from nation-states, terror groups and hackers?

MORRISON: Visibility is not just seeing what's on the network, it's also seeing who's on the network, and who is doing what on the network. We're supporting several Army efforts; we are not the lead for them but we are in support, addressing insider threat and how to mitigate that risk. [We are looking at] things like tracking privileges and making sure that we have got their role management clearly identified. Then we know who they are and we're able to track things. But it also comes down to identity management, so when somebody gets onto the network, you know who's doing what.

Share:
More In Videos