Overview of NATO Technology Trends




Overview of NATO Technology Trends
Interoperability MIL + GOV devices; ED FN and ED MC Roadmap
Jan Leduc
Rohde & Schwarz SIT
Prague, 01.04.2015

Agenda
- NATO Technology Trends & Interoperability
  - SCIP
  - NINE
- ELCRODAT Fixed Networks (ED FN)
- ELCRODAT Military Crypto (ED MC)
- ELCRODAT Migration

NATO Technology Trends & Interoperability
- The SAVILLE algorithm will be declassified stepwise by NATO
- NATO and industry are working on cryptographic communication means for the future
- The NATO Cryptographic Interoperability Strategy gives guidelines on how to achieve interoperability between nations

NATO Technology Trends & Interoperability
- The NATO Cryptographic Interoperability Strategy defines two protocols for interoperability
  - Secure Communications Interoperability Protocol (SCIP)
  - Networking and Information Infrastructure (NII) Internet Protocol Network Encryption (NINE)
- Both protocols are in standardization, but both have the same open points when it comes to PKI, KMI and algorithms
- One of the current goals of this community in NATO is "IP over everything, everything over IP", with gateways to legacy systems only where absolutely necessary

NINE vs SCIP

(Diagram: the seven OSI layers, from Layer 7 Application down to Layer 1 Physical, shown once for each protocol.)

NINE operates on Layer 3
- Hides (encapsulates) the end-user IP address (infrastructure hiding)
- Encrypts Layer 3 and all layers above
- Signaling, encryption and rekey functions are not compatible with SCIP
- Does not allow unencrypted information to pass through higher layers (except TOS)

SCIP operates on Layer 7
- Encrypts only the Application layer
- Signaling, encryption and rekey functions are not compatible with NINE IS
- Allows equipment to support separate clear and secure applications
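The difference in what an on-path observer can read under the two placements, as an added example that is not from the original slides or from either protocol's specification. The packet layout is plain IPv4/UDP, the cipher is a placeholder keystream, protocol number 50 (ESP) on the outer header is an assumption, and all addresses, ports, keys and payloads are constructed.

```python
import hashlib
import ipaddress
import struct

IP_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options

def ipv4_header(src, dst, tos, payload_len, proto):
    """Minimal IPv4 header; checksum left at 0 because nothing here routes it."""
    return struct.pack(IP_FMT, 0x45, tos, 20 + payload_len, 0, 0, 64, proto, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)

def ip_udp_packet(src, dst, tos, data):
    """IPv4 + UDP packet around data (constructed ports, UDP checksum 0)."""
    udp = struct.pack("!HHHH", 40000, 40001, 8 + len(data), 0) + data
    return ipv4_header(src, dst, tos, len(udp), 17) + udp

def toy_encrypt(key, data):
    """SHA-256 counter keystream XOR. Placeholder cipher only, not secure."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + struct.pack("!I", i)).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def layer3_protect(inner_packet, gw_src, gw_dst, key):
    """Layer 3 placement: encrypt the whole inner packet, add a gateway header."""
    tos = inner_packet[1]  # TOS is the only inner field copied to the outer header
    ciphertext = toy_encrypt(key, inner_packet)
    return ipv4_header(gw_src, gw_dst, tos, len(ciphertext), 50) + ciphertext

def layer7_protect(src, dst, tos, app_data, key):
    """Layer 7 placement: encrypt application data only; IP/UDP headers stay clear."""
    return ip_udp_packet(src, dst, tos, toy_encrypt(key, app_data))

def observer_view(packet):
    """Fields an on-path observer reads from the outermost IPv4 header."""
    _, tos, _, _, _, _, proto, _, src, dst = struct.unpack(IP_FMT, packet[:20])
    return {"src": str(ipaddress.IPv4Address(src)),
            "dst": str(ipaddress.IPv4Address(dst)), "tos": tos, "proto": proto}

# Constructed sample: host and gateway addresses, key and payload are made up.
KEY = b"constructed-demo-key"
VOICE = b"constructed voice frame"
INNER = ip_udp_packet("10.1.1.5", "10.2.2.9", 0xB8, VOICE)
TUNNELLED = layer3_protect(INNER, "192.0.2.1", "198.51.100.1", KEY)
END_TO_END = layer7_protect("10.1.1.5", "10.2.2.9", 0xB8, VOICE, KEY)

if __name__ == "__main__":
    print("layer 3:", observer_view(TUNNELLED))
    print("layer 7:", observer_view(END_TO_END))
```

With layer 3 protection the observer sees only the two gateway addresses and the copied TOS value; with layer 7 protection the end-user addresses and ports remain readable and only the application data is hidden.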

NINE IS
- NINEs are system components that provide IPv4/IPv6 traffic protection, networking, and management features
  - Wired, wireless, satellite, and hybrid networks
  - Enclave or node protection (gateway or host)
  - Standalone device or embedded in a terminal/host

(Diagram: hosts and enclaves, each behind a NINE, connected across a ciphertext wide area network; in-bound and out-bound directions are marked.)

Secure Communications Interoperability Protocol
- SCIP, formerly known as FNBDT (Future Narrow-Band Digital Terminal), was developed by the US Government and national industry
- It was later adopted by NATO to ensure secure end-to-end communications
- SCIP was first developed for circuit-switched networks, but was extended to also work over IP networks (SCIP over IP)
- It supports a Public Key Infrastructure, and thus supports national sovereignty and interoperability in multi-national operations
- As it is an Application-Layer protocol (Layer 7), it is independent of the underlying physical link
- It supports HF/VHF/UHF radios, PSTN, and IP (LAN, WiFi, 2G, 3G and 4G)

NATO's Secure Voice Strategy Overview

(Figure; source label: NATO HQ C3 Staff)

NATO Technology Trends & Interoperability
- For cryptographic interoperability NATO sets new standards:
- Different crypto suites for different applications
  - Suite A algorithms are officially kept secret. Used only and exclusively for NATO and its member nations (MEDLEY and MERCATOR)
  - Suite B algorithms are public. Can be used for non-NATO nations, coalition partners, NGOs, etc. (AES)
- NATO focus is on certificate-based cryptos and automatic PKI services
  - Over-the-air keying/re-keying

ED FN and ED MC for NATO
- NATO and nations need devices that implement SCIP and NINE for national and multinational operations
- Two different devices are needed:
  (1) A tactical device which is fully ruggedized and has some legacy functionality for green applications
  (2) A server room or desktop device which is multifunctional and flexible for white applications
- Both of those capabilities can be offered by the successor products
  - ELCRODAT Military Crypto (ED MC)
  - ELCRODAT Fixed Networks (ED FN)
- Both devices offer similar, interoperable capabilities, just for different environments

ELCRODAT Migration

(Timeline figure with axis marks 1990, 2000, 2010, Today, 2020, showing the following devices.)
- ELCRODAT 4-2: voice/data encryption device
- ELCRODAT MC: voice/data encryption device, SCIP/NINE, IP based
- ELCRODAT 6-2: voice/data encryption device
- ELCRODAT FN: voice/data encryption device, SCIP/NINE, IP based
- ELCRODAT 5-4: voice/data encryption device
- Maximum synergy through the R&S SIT Platform Concept

ELCRODAT Military Crypto (ED MC)
- Successor of ED4-2
  - Tactical, radio-detached, joint crypto device
  - NINE for data through IP networks
  - SCIP for secure voice and data through heterogeneous networks
  - Minimal legacy functionality (to be discussed)

ELCRODAT Fixed Networks (ED FN)
- Successor of ED5-4 and ED6-2
  - Tabletop / server room / mobile deployable device
  - SCIP for secure voice and data through heterogeneous and insecure networks
  - NINE for data through IP networks
  - No legacy functionality in the device
  - Gateway to the ED6-2 system

Concept Study ED FN