DISA targets network flexibility

The Defense Information Systems Network - the Defense Department's primary transport mechanism for voice, data and video - is one of the world's largest and most complex networks, with a budget of US$750 million per year for terrestrial service. Even though it carries top-secret communications from the battlefields to the White House, DISN is built almost entirely of commercial offerings. Anthony Montemarano, principal director for network services at the Defense Information Systems Agency, spoke recently with Carolyn Duffy Marsan about DISN's usage since Sept. 11 and why it's important to couple network management and security.

Here's an edited version of the discussion:

Q: What are the responsibilities of the DISA's network services group you lead?Network services basically provides system management for communications solutions and communications networks supporting the Department of Defense. We do the programming, planning, developing and provide back-up operational support. We don't necessarily watch the networks ourselves: Our operations directorate does that. We provide the support from the systems perspective, the engineering perspective.

Q: Describe the scale of DISN.

DISN is a series of networks. We have unclassified and classified data, voice and video networks, and then supporting those we have transmission infrastructures. These various functional networks ride upon transport derived primarily - well in excess of 90 percent - from the commercial environment.

Worldwide, we span from as far west as Singapore to as far east as Bahrain. Generally speaking, we're in the middle belt of the Earth. We don't go into South America and Africa. We're primarily in Europe, North America, the Far East, Korea, Japan, etc. That's all fixed infrastructure. And then, of course, we have these tactical entry points or teleports that can reach into the tactical environments to exploit [government-owned] . . . and commercial satellites.

If you're talking in terms of people using DISN, we're in the millions. In terms of services provided, we have some 3,500 separate data connections, whether classified or unclassified. When we provide a connection . . . we provide circuit access. Behind that circuit access, there could be 10 users or 100 users or 1,000 users.

We have numerous carriers. In the continental United States we have AT&T, WorldCom and Sprint, primarily, but Qwest is in there as well as the various [local exchange carriers]. We get extensive support from Verizon, PacBell, etc. So we use all the commercial carriers. There are very few places where the government actually owns the wire or the microwave. In Europe, we have a microwave system called the Digital European Backbone. The government owns that.

Q: How much data traffic does DISN carry, and what growth rates are you seeing?We have two methods of supporting data traffic. First we provide point-to-point circuits to various users. And I'd be hard-pressed to tell you how much of that is data because the user could pass data or voice over it. We just provide the circuit. But we know much of it is data. Then we have IP networks. On the unclassified side, we have 1,500 [connections] with an aggregate bandwidth of some 5,100 megabits per second. On the classified side, we're running about 1,615 megabits per second for about 1,000 connections.

Over a one-year period, [we've seen a] 25 percent increase in unclassified data while classified data has almost tripled. But understand that during the last year we had something called 9/11. We're finding that the classified side is expanding in its utilization [of DISN]. Prior to 9/11, I ran about 75 to 100 video teleconferences a day and about two classified video teleconferences a day. After 9/11, we were doing upwards of 30 to 45 classified video teleconferences a day, so you can see a shift as a result of the trauma of 9/11.

Q: How critical is DISN to the Department of Defense's enterprise architecture, which is called the Global Information Grid?The DISN makes up the communications component of the Global Information Grid. As people design their infrastructures, by and large . . . they'll be designing to ride on the DISN. From that perspective, I'd say it's absolutely critical.

One of the most important things about DISN is that if you know where your infrastructure is and you can see your infrastructure, you can manage your way through problems. You're always going to have problems. If you have 10 wires, one of them is going to break. The challenge is responding to that and managing your way through it. This becomes particularly important . . . [because] we no longer have to deal with only outages from disturbances. Now security or information assurance has become a major factor.

With the cyberthreats, you've aggravated your network management problem. It's not a matter of whether a card has failed. You have to see if there's a possibility that someone came in and was able to reach that card and make it fail. Or is somebody overloading that card with traffic. So what's critical is that when you deal with the cyber threats today you have the ability to see what you have out there and to be able to, if you will, fight the network.

During the 9/11 event . . . we immediately showed our infrastructure to the decision-makers and said: 'This is what you have and don't have, and this is what's in jeopardy.' It turns out we didn't get hit per se, but we had to move some of our infrastructure in that component of [the Pentagon] because it was in jeopardy. Because we could see it and we knew what it was, we could manage it. We knew how much trouble it was in and we could manipulate it. As a result, we had very little impact to our infrastructure. Nobody lost service.

Q: From your experience with DISN, what advice can you offer about managing large, complex networks?What we've done is take our network management tools and focused them in a central, global network operations security center and then sat our security tools right next to them. The Department of Defense's security structure has a joint task force with computer network operations. They sit side by side. So when we deal with network infrastructure challenges . . . not only do we have the guy or gal that understands the boxes out there and the manner in which [the network components] might fail, we have people that understand security and the potential for attacks that are being waged. And we have the various sensors and the like that we deploy. That synergy is absolutely incredible. It was effective during the Code Red attack.

My advice to corporate network managers is, if he doesn't have his information assurance folks or his security folks sitting side-by-side with his network operations then he's missing the mark. Especially if he's in any way dependent on the Internet for business because that, of course, is the primary path by which attacks can be made. Cyber attacks are sinister. When your packet loss begins to rise, it normally doesn't show up on a screen. The screen's still green, but the fact is there's packet loss, and the user is failing to get the traffic through. That's not obvious. Performance management and network management have to be one.

Q: What do you see as the most promising network technologies on the horizon for DISA and why?Convergence technologies that allow us to bring voice, data and video together. We're converging at the desktop, and we in the wide area can't avoid that. We also have to deal with the cultural challenges - not only the technical challenges - of bringing voice and video together in the wide area because the engineers and operators look at different things, manage it differently and are not sensitive to each other's needs. The data world has gone to extraordinary extremes to deal with security. Voice has never had to do that. It's just so easy from a PC at home to do something to a data environment, whereas you had to be a little more sophisticated to take a shot at a 5ESS. So coming to grips with that and getting the two cultures to deal with each other is a challenge.

Q: What do you see as DISA's major challenges related to its network infrastructure, and how are you addressing these challenges?One of the largest challenges we have, which I would argue anybody would have, is configuration management. As much as you try to do it, you don't get it right and you always have these weaknesses. Configuration management and troubleshooting are dependent on databases, and databases are always rife with challenges, errors and the like. We've deployed an integrated network management system that has helped us see across layers from the functional layer to the physical layer. But in helping it also magnified the configuration management challenge because it's reliant on the configuration management processes of an IP infrastructure and a voice infrastructure. Well, you think those two configuration management databases were built the same way? Of course not, so we're trying to bring them together.

Q: How has your view of managing the Department of Defense's network infrastructure changed since Sept. 11?For us, the war is still on. We feel very, very strongly, and consequently we are enormously focused on the battlefield and our support for the battlefield. So post-9/11, the fact of the matter is our operators, our network managers, our provisioning processes - all are focused with much greater intensity on supporting what is in Southwest Asia. Being extra sensitive to any anomalies that are detected so as to respond quickly. That's probably the main change.

Q: What lessons have you learned about DISN in the ongoing Afghanistan operation? And how might DISN change in response?Because of our bandwidth increase going into Southwest Asia, we're heavily dependent on commercial satellite solutions. So our ability to get transponders quickly has served us well. An after-action report is going to be: As soon as you smell anything happening, go after transponders. We've been able to get the capacity we've needed, but of course this is an extremely expensive proposition for us.

We also validated that video teleconferencing is a command and control system. It is not administrative in any sense of the word. The services and agencies have come to grips with the fact that sitting there, seeing somebody, seeing their body language is almost as important as hearing their words.