Operate and Assure – In a Contested Battlespace

Always On - Preparing for the Next Engagement
Operate and Assure – In a Contested Battlespace

By Warren Suss

The Defense Information Systems Agency is committed to providing the leadership and operational structure to ensure the DISA enterprise is dependable, reliable, available, secure, and protected to fully support military forces across the full spectrum of operations and in any form of contested cyber battlespace environment.  
DISA is expected to be “always on” despite a contested cyber battlespace and significant threats to the infrastructure. We also must be able to isolate or bypass disruptions in order to keep on providing services.

Users demand capabilities now, services now, plug in anywhere, even on the move. DISA’s responsibility is to be prepared for the “next engagement” by ensuring that U.S. military forces are able to connect, pull information needed for their missions, and freely exchange information on demand. The warfighters must be able to do these things throughout the full spectrum of military operations, including conventional warfare, nation building, counterterrorism, special operations, humanitarian operations, and disaster relief.

“Always on” means that DISA provides, operates, and assures the full range of capabilities and services supporting critical warfighting connectivity and business information.  This demands a secure, robust enterprise infrastructure that is effectively operated and managed, providing capabilities and services in the face of a cyberattack, as well as natural disasters, technology failures, and man-made incidents such as fiber cable cuts.

“Always on” also means that the power of the infrastructure can be extended wherever in the world it is needed to support missions and to satisfy the crucial demands at the “edge.”

Assured access to critical information from multiple sources promotes IT agility and enables faster and more accurate decision making.

DISA has a global operational structure with a “Network of Network Operations Centers” that provide the ability to seamlessly operate and manage the DISA enterprise with an ability to surge and focus capabilities anywhere in the world to support contingency and crisis operations. This operational structure is built upon a common framework of tactics, techniques, and procedures (TTPs), using advanced network and security management technologies. We will continue to leverage “net-centric” concepts enhancing NetOps information sharing, network defense, and situational awareness across the enterprise.

DISA’s operational structure provides the ability to operate and manage a global network infrastructure providing optimum diversity and capacity in support the Department of Defense global warfighting requirements. As an example, the capacity of DISA’s global network has grown from 480 gigabits per second in 2005 to more than 5,500 gigabits per second in 2010.  Additionally, DISA’s Computing Services capabilities are “always on” with continuous operations supporting more than three million users of more than 2,800 applications, providing more than 3.7 petabytes of storage. Computing Services has become DOD’s number one provider of personnel, payroll, logistics, accounting, and medical records processing. To our users, it’s the availability and reliability of the information that is important.
This is a team effort, and DISA realizes that it cannot be successful without fully engaging all its partners.  DISA and its mission partners must synchronize our efforts and fully leverage industry’s capabilities to help improve and expand our capabilities.  We must address emerging needs to ensure that our forces can always, in all conditions, access needed information, communicate, collaborate, and share information on a protected and trusted network.
There are many successful examples of these partnerships at work. In Iraq and Afghanistan, DISA, the military services, U.S. Central Command forces, and the telecommunications industry partnered to extend core networks, support training, provide spectrum analysis and deconfliction, and install automated tools for spectrum operations. The teamwork and innovative thinking and elimination of traditional barriers proved essential in meeting the demand for more bandwidth and diversity.

Improving the bandwidth and diversity situation in Iraq and Afghanistan also enhanced capacity and diversity for the Pacific, European, and Africa Commands. In order to meet users’ growing information needs during the two simultaneous Central Region operations, DISA established new commercial satellite and terrestrial bandwidth solutions. A more diverse, east and west, global, international grid is now operational, eliminating critical single points-of-failure and mitigating the conventional bandwidth congestion problems experienced by in-theater forces. The combined effect dramatically improves theater information exchange and collaboration and also provides alternative inter-theater routing when major, undersea fiber cuts occur in the Mediterranean Sea, Persian Gulf, Indian Ocean, or Pacific Ocean.

Defense of the infrastructure is an absolute requirement for being “always on.” DISA is ensuring the reliability of the network by building in security tiers to reduce the attack surface. Two DISA initiatives in this area are the Host Based Security System (HBSS) and demilitarized zones (DMZs). HBSS is a flexible, commercial-off-the-shelf-based application that monitors, detects, and counters in real time known cyber threats to the DOD enterprise. It employs machine-to-machine techniques for control and audit to enable the DOD to see the status of its devices and to manage them. DMZs will allow safe sharing among mission partners inside and outside the DOD. The DMZ effort involves moving servers and services that face outside the DOD into a zone where they can be afforded a range of access controls. For some applications, like those used by the Defense Logistics Agency to interact closely with industry partners, the policy will be very conservative. For other applications, like a public Web site, the policy will be very open.

An aspect of availability and reliability, particularly on the battlefield, is the assurance of sufficient spectrum capabilities and services for effective operations. DISA provides direct, operational support to commanders, including electromagnetic battlespace planning, deconfliction, and joint spectrum interference resolution. DISA pursues emerging spectrum technologies and will continue to advocate for current and future military spectrum requirements. The reality is that a vast majority of spectrum is shared between commercial and government users, and there is plenty of precedence for close cooperation between industry and federal users

The enterprise infrastructure must be available “24x7x52” – 24 hours a day x 7 days a week x 52 weeks a year. Partnerships and collaboration are the keys to building such an enterprise infrastructure and providing the capabilities and services that fully support DOD and all mission partners along the entire spectrum of military operations. DISA values not only our military partners but also our partners in industry and academia. We recognize that we do not have all the answers. We are looking to industry to bring forward innovative technologies to meet the goals of the new DISA 2010 Campaign Plan, our strategic framework that describes how we will achieve our vision of enabling information dominance and accomplishing our mission today and in the future. The DISA strategic objective is to operate and assure our enterprise infrastructure and the command-and-control/information-sharing capabilities and services we provide through dynamic control focused on the full spectrum of military operations.