Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
COPYRIGHT © 2011 BY NORTHROP GRUMMAN SYSTEMS CORPORATION. .
COPYRIGHT © 2011 BY NORTHROP GRUMMAN SYSTEMS CORPORATION.
Distributed Mission Operations Network (DMON) Cross Domain
Solution (DCDS) Overview
7 December 2011
Bonnie Page Danner, CISSP Manager, Cyber Architects
DCDS Services Project Manager [email protected]
321-235-3818
ACSAC 2011 Works in Progress
COPYRIGHT © 2011 BY NORTHROP GRUMMAN SYSTEMS CORPORATION.
Distributed Mission Operations Network (DMON) and the DMON CDS (DCDS)
• USAF Distributed Mission Training Operations and Integration Program: CONTRACT NO: F33657-98-D-2061
• DMON connects geographically separated USAF Mission Training Centers (MTCs), Development and Test Sites, and Combat Air Force DMO Hubs
• Primary DMON Purpose: To allow daily collaborative team training for air combat missions
• Single domain events have been conducted for over ten years and cross domain events for over three years
• The first DMON cross domain event approval to operate (ATO) was received December 2008.
• As of this month, 22 persistent DCDS ATOs have been granted (for 9 different rule sets/security policies at 13 MTCs)
• Cross domain events allow training between different security domains offering more realism for warfighters
• DMON cross domain events are remotely managed from a centralized operations center
2
COPYRIGHT © 2011 BY NORTHROP GRUMMAN SYSTEMS CORPORATION.
DMON and the Approved DCDS Sites
3
COPYRIGHT © 2011 BY NORTHROP GRUMMAN SYSTEMS CORPORATION.
Conceptual (Operational System) View (DMON) Cross Domain Solution (DCDS)v3
Operational Protection Level 3 (PL3*) DCDS System
Encryptor
PL3
TSol 8 (V240)
PL3
@DOC
TSol 8 (V240)
PL3
DMO MTC
DMO MTC
DMO MTC
Test PC
High-side Network
Management PC
High-side Portal PC
Encryptor
Crypto Management
Encryption Mgmt Net
Encryptor
DMO Network
Encryptor
Encryptor
● ● ●
Portal
Portal
Encryptor
Encryptor
High-side MTC
@DOC
DCDSv2/v3 Management System (MS)
PL3
Portal PC
MTC III MTC I
MTC IV
Portal DMO MTC
Portal
Encryptor
MTC II
CloudShield DCDS CI
NE
CE
Low-side Network
Management PC
`
*PL3 as defined in Joint Air Force, Army, Navy (JAFAN) 6/3 security guidance
Test PC
Encryptor
Portal PC
Encryptor
Low-side Portal PC
RED Cryptonet
● ● ●
BLUE Cryptonet
BLUE Cryptonet
A2011.067
4
COPYRIGHT © 2011 BY NORTHROP GRUMMAN SYSTEMS CORPORATION.
Future Considerations
• With flexible rules management and current strength of its security systems, DCDSv3 is robust enough to meet new requirements near term with relative ease
• Persistent approvals to operate and remote management of DCDS are key discriminators for future warfighter simulation training across different security domains
• As the DMO network grows, assessment of the security posture of remote management solutions becomes more important
• Global Infrastructure enterprise focus on cross domain solutions recognizes centralized management as a goal
• New technologies and approaches will evolve from cross domain solution enterprise research and development initiatives to help address emergent DMO Network needs
5