Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
NCI Network Engineering
1. neTWoRk engIneeRIng
The Challenge Methodology and Techniques
Network engineering is a complex and ever-evolving NCI supports its customers with a robust engineering
discipline. Today’s networks must be able to securely deliver methodology, assistance in selection and acquisition of
voice, video, and data traffic with complex quality of service commercial off-the-shelf (COTS)/Government off-the-shelf
and redundancy requirements. Challenges of reliable (GOTS) products, and implementation and integration of
operation include: these products into a seamless enterprise-wide networking
environment. NCI’s standardized engineering process,
• Installing, upgrading, and maintaining deeply interconnected and
Systems Engineering and Architecture Methodology (SEAM),
multi-level systems
formally organizes our engineering support efforts from
• Incorporating large-scale, heterogeneous networks that contain a mix
of legacy and leading-edge devices concept through long-term lifecycle support. SEAM’s disci-
plined approach ensures the final results support the business
• Providing overarching system security by ensuring that the network is
secured and that anomalous behaviors are being isolated and tracked objectives underlying your networking requirements.
• Accommodating new standards and products, particularly in the NCI’s approach to developing, managing, and using
rapidly changing wireless and mobility market segments network engineering products and data incorporates ITIL,
The nCI SoluTIon ISO 20000, and CMMI best practices and lessons learned
from Department of Defense (DoD), Joint agencies, civilian
NCI offers full lifecycle network engineering services to our agencies, and commercial architecture efforts. NCI’s
clients, from the initial analysis of the requirements and standard approach to develop, manage, and implement
design of the network through implementation and testing network engineering views, products, and data includes the
of the solution, including the design of disaster recovery following key elements:
contingency plans. Our network engineering capabilities
include architecture development, design, implementation, • Assess requirements and plan and prepare for architectural support
efforts
configuration, and operations of wired local area networks
(LANs), wireless LANs (WLANs), metropolitan area networks • Deliver meaningful results—ensure
architectural efforts support and enable
(MANs), and wide area networks (WANs). Our extensive
measurable improvements in network
experience providing the following network engineering
operations
services for Federal Government clients allows us to
• Leverage enterprise architectures—
rapidly identify potential bottlenecks, security threats, and
rapidly and iteratively develop/assess
vulnerabilities, as well as address these potential issues with integrated architecture products and
cost-effective solutions for: maintain architecture data
• LAN/WLAN/MAN/WAN architecture design and implementation • Maintain/evolve systems and data during implementation, operations,
• Disaster response planning and recovery and maintenance—ensure compliance with baseline requirements
• Installation, test, and evaluation • Provide transparency—monitor, measure, and report architectural
• Network discovery and audits support efforts and effectiveness
• Network security evaluation and remediation NCI supports its customers with streamlined, repeatable
• Protocol, topology, and routing design processes for the full lifecycle of installation and integration
• Reliability and contingency assessment activities. We depend on detailed preparation activities,
• Vulnerability assessment in close coordination with key stakeholders, to deliver
• Intrusion detection and intrusion prevention comprehensive site surveys, brief site personnel concerning
plans, obtain valuable input on technical details, and control
schedule constraints and manage responsibilities. As an
example, our preliminary site-specific implementation plan
details the equipment layouts and intended sequence of
nCI Information Systems, Inc. ISO 9001:2008 Certified Voice: 703.707.6900 | 888.409.5457
World headquarters Fax: 703.707.6901
11730 Plaza america Drive e-mail: contactus@nciinc.com
Reston, Virginia 20190 Web: www.nciinc.com
2. neTWoRk engIneeRIng
onsite activities. NCI receives, prepares, tracks, and installs • NCI provides full-spectrum support for classified and unclassified
project equipment, all in close coordination with asset networks for our USTRANSCOM customer, including the Network
management processes. NCI ensures appropriate parties are Operations Center (NOC) supporting all DoD transportation resources
informed of new equipment entering a location as part of worldwide. The USTRANSCOM NOC interfaces with numerous on-site
maintaining strict control of incoming and outgoing material. and remote commercial, DoD, service, and common-user networks
[e.g., SIPRNET, NIPRNET, and the Scott Air Force Base (AFB) LANs,
NCI possesses extensive in-depth knowledge and experience MANs, and WANs]. NCI NOC responsibilities include the Global
to anticipate, mitigate, and avoid information assurance Transportation Network, supporting 7,000+ user accounts from
(IA) policy impacts. NCI’s work in the IT security arena is installation-level transportation clerks to senior officials from the Joint
noteworthy—we have been instrumental in helping our Chiefs of Staff. NCI is the single point of contact for all networking
customer, U.S. Transportation Command (USTRANSCOM), issues with the Defense Information Systems Agency, Scott AFB,
win the National Security Agency Frank B. Rowlett Award AMC, Surface Distribution Deployment Command, and Military Sealift
for Organizational Achievement three times in the past Command as it applies to USTRANSCOM’s networks.
seven years for the best computer network defense program • NCI network engineers provide cradle-to-grave support for all
across the Federal Government. We understand the impact network services running on the topology, including identification,
of technological change, especially with the phase-out of testing, evaluation, documentation, installation, maintenance, and
vulnerable hardware and software. NCI’s approach includes configuration of network infrastructure hardware and software while
analyzing and recommending methodologies to mitigate at the same time monitoring, troubleshooting, and documenting
the widening expectations of emerging technology, espe- network connectivity. NOC tools that NCI uses include a wide variety
cially those related to systems/network management and of UNIX, LINUX, and Microsoft-based commercial COTS and open
administration. NCI has extensive experience conforming source software with significant custom integration to meet the needs
to DIACAP and DITSCAP certification and accreditation of this high-profile customer. NCI performs Local Registration Authority
requirements for many systems across DoD. NCI provides duties, including issuing and revoking public key infrastructure
certificates. NCI personnel provide Tiers 2 and 3 technical network
in-depth expertise in network-centric SIMs, eEye Retina,
support and administration, desktop support, and security support for
VPN, DAPE, risk mitigation, ETFM, P-DNS, HBSS, two-factor
USTRANSCOM users by responding to and resolving service requests.
authentication, DAR, data in motion, and network access For example, NCI personnel perform Tiers 2 and 3 customer support
control (NAC) solutions to ensure networks are continuously for TRAC2ES, the USTRANSCOM Regulating and Command and
monitored. Control Evacuation System.
Successfully Supporting Complex Systems
NCI has employed its proven network engineering expertise
to design and oversee the implementation of new systems CuSTomeR BeneFITS
and networks for numerous DoD customers with large-scale,
• Reliable networks and architecture that is scalable for orders of
complex networks. NCI’s superlative network engineering magnitude expansion
has led to long-term partnerships with customers that • Seamless integration with no interruption of service and more
include USTRANSCOM, Air Mobility Command (AMC), secure infrastructure
Army National Guard, National Guard Bureau, Tank • Access to information through IT systems is reliable, secure, and
Automotive and Armaments Life Cycle Management current
Command, and Defense Reutilization Marketing Service. • Joint interoperability
Our success for these customers has led organizations such
as the Air National Guard, Madigan Army Medical Center,
and the North American Aerospace Defense Command/U.S.
Northern Command to award contracts to NCI to perform
advanced network engineering tasks.
nCI Information Systems, Inc. ISO 9001:2008 Certified Voice: 703.707.6900 | 888.409.5457
World headquarters Fax: 703.707.6901
11730 Plaza america Drive e-mail: contactus@nciinc.com
Reston, Virginia 20190 Web: www.nciinc.com