Your SlideShare is downloading. ×

Dmg tem2011-0718-05 madina--cto ns mobility pp

634

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
634
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • DISA MCEP Overall Uptimes: Up to the month of May 2011 the performance has remained remarkable maintaining our goal of component availability for both MCEPs. Total Monthly Traffic Usages: The majority of all the traffic is high side data usage. SME PED Enclave Added per Location: None of new enclave was connected to the network in May 2011. SME PED Devices Added/Disconnected per Period: 30 new devices were added to the network in May 2011. DIA: 4 devices EUCOM Patch: 19 devices NMCI Hampton Road: 1 devices NSA Meade: 1 device SOCSOUTH: 2 devices SOCOM: 2 devices STRATCOM: _ 1 device - 17 devices were disconnected from the network in May 2011. AFNIC: _ 1 device DIA: _ 1 device EUCOM Patch: 4 devices SOCSOUTH: _ 1 device NSA Meade: _9 devices STRATCOM: _ 1 device
  • Transcript

    • 1. Maria A. Medina Voice Services Networks Branch 18 Jul 2011 A Combat Support Agency Defense Information Systems Agency NS Mobility Efforts
    • 2.
      • MCEP Architecture Diagram
        • SME PED support today
      • Secure Voice mobility
      • Mobility components
      • Mobile Virtual Network Operator Integration
      • Fish-Bowl plus DISN Networks
      • Why it makes sense
      • Way Ahead
      Agenda
    • 3. Current SME-PED MCEP Network Architecture Cingular Verizon Sprint Management Console Multi-Protocol Router APN-I POP ROUTER SWITCH PREMISE ROUTER SIPRNet CA Virus Scan Web Server Mail Server Customer Enclave Managed Service SME PED MCEP SME PED SERVER HAIPE FIREWALL DECC Post camp site NIPRNet Mail Server Web Server Virus Scan CA SME PED SERVER Post camp site SWITCH PREMISE ROUTER FIREWALL Tier 0 Tier 0 APN-I DISN Trunk DHS Trunk SME PED: Secure Mobile Environment Portable Electronic Device MCEP: Multi Carrier Entry Point DHS T-Mobile APN-I Verizon APN-I
    • 4. DISA Multi-Carrier Entry Point (1&2) SME-PED
      • Total 671 SME-PED devices Connected to MCEP
      * AVG number of traffic from May-10 to May-11 was 1915389096 Bytes
    • 5. Secure Voice - Mobility
      • Working with NSA partners on the next generation of secure mobile phones and the concept of mobility.
        • Will technology refresh our Multi Carrier Entry Point (MCEP) to support not only SME PED, but other NSA approved commercial secure mobile devices using Mobile Virtual Network Operator (MVNO) technology.
        •   MVNO approach has received broad NSA and DISA support because it enhances security, management, and performance of secure mobile voice and data solutions.
        • Worked with NSA and developed a request for information (RFI) to industry to determine industry's readiness to delivery this capability.
      • End goal: Ensure the network connectivity and secure mobile communications for consumption of data and services anywhere, anytime in the network
    • 6. DRSN 1/2 3/4 1 = SRTP/DTLS 2=TLS 3= RTP 4= TLS 5= TDM/PRI 6=IP External Networks GW 5 6 6
      • APN –Wireless Carrier Access Point (multiple as required)
      • VPN – VPN Server--Serves to terminate VPN from Mobile Handsets
      • SBC – BBUA--Serves to terminate SRTP/DTLS Session and Generate. RTP flow
      • SIP - SIP registration/Session Controller for Mobile Handsets
      • LSC – To provide IP Telephony connection to classified IP Networks
      • And to establish connection to classified TDM network through Media Gateway
      Wireless Carrier Data Service UA TLS/RTP Session Border Controller (SBC) UA TLS/SRTP LSC E B C Classified IP Network @ applicable security level APN VPN 1/2 1/2 Mobile Secure Voice Enabled DISA MCEP SIP Server (LSC) Legend:
    • 7. Mobility Components + Data + Voice Wi-Fi 802.11 Bridge The Cloud IPAD Tablet PC Laptop 3G/4G
    • 8. Multi Carrier Entry Point (MCEP) /Mobile Virtual Network Operator (MVNO) Integration Centralized, Controlled Access for Mobile Devices DoD Mobile Virtual Network Operator (MVNO) Service Firewall / Threat Detection Commercial Wireless and IP Service Carriers DoD Users with Mobile Devices UC Session Processing (Voice, Video, Collaboration) Unified Communications Aware Firewall MCEP Security and Application Services (VPN, E-mail, etc.) MCEP Access Point DoD Mobile Virtual Network Operator DoD Secure Service Overlay To DISN UC Services
        • MCEP Key Tenets
        • Create IA boundary for wireless interconnects
        • Single entry point for DISN wireless extensions
        • Supports DoD e-mail and collaboration
        • Survivability through backup MCEPs
      DISN Core
    • 9. Mobile Virtual Network Operator RFI Summary
      • Original drafted/prepared by NSA
      • Coordinated within DISA (CTO, CIAE, NS)
      • The purpose defined: market research, discovery and information gathering
      • DITCO released the RFI
        • 19 May 2011
        • Closing date was 27 June
      • Twenty four vendors responded
        • Great input!
    • 10. MVNO Requirements/ Characteristics
      • Support 1 million or more subscribers world wide
      • Segregation and isolation from PSTN and internet
      • Restricted service offering to a set of particular devices
      • Centralized provisioning of end point including SIM card
      • Centralized security management; centralized management and deployment
      • Reporting on subscriber physical location (GPS)
      • Logistics capability (SIM Card/Phone).
      • Robust subscriber management and billing capabilities
    • 11. Why It Makes Sense To Tech Refresh the MCEP for Mobility
      • Basic infrastructure for supporting mobility is already on line
        • NetOps approved (redundant, accredited and 24x7 management)
        • Current Wireless networks access concepts and experience
          • Regardless of who the “carrier” is
      • Voice capability already planned for MCEP to provide for lack of CSD
      • DISA policy based controls access and network protection for DISN services
      • Contract vehicle on-line
      • Supports on going Unified Capability efforts
    • 12. Way Ahead
      • DISA leans forward on providing
        • The MVNO capability
        • Consolidating MVNO and MCEP service
        • Implementation of the Voice Capability at the MCEP after NSA completes the technical approach for mobility (“Fish-Bowl Concept)
        • Supporting and actively participating in NSA mobility efforts
      • DISA becomes the wireless service provider for the Department of Defense
    • 13.  

    ×