Secure Wi-Fi Enters the Battlefield
Access will enable productivity gains.
Secure Wi-Fi for classified operations is now available to the U.S. military, thanks to recent policy, hardware and software improvements.
This is of great importance, especially to the Army, which faces challenges with command-post networks. Given size, weight and power constraints, these networks lack mobility, explained Paul Mehney, director of public communications for the Army's Program Executive Office Command, Control, Communications-Tactical (PEO C3T). The Army needs more rapid network initialization and faster command-post setup and teardown.
“By going wireless, command-post setup and teardown times may be reduced by hours, and less cable and protective flooring have to be transported from location to location,” Mehney said. “Soldiers can be untethered from their workstations for improved collaboration. Most important, network downtime is significantly reduced. Following command-post setup, units can turn on their secure Wi-Fi hot spot and the network can come up first instead of last, in as little as minutes instead of hours. And soldiers can stay connected longer when jumping the command post.”
The PEO C3T supports the Army’s efforts to modernize its network, including improving command-post capabilities. In particular, the Army is interested in high-security Wi-Fi. The PEO C3T is working with industry to develop and adapt this capability for the military, Mehney said.
Secure Wi-Fi will provide “agility and operational flexibility, enabling commanders and staff to stay securely connected with full situational awareness and mission command capability for the maximum amount of time possible," Mehney added. It will enable faster, more informed decision making and improve survivability during operations. Commanders and staff can use their mission command systems much sooner following a maneuver, resulting in a more accurate and timely common operating picture, he noted.
Notably, the National Security Agency's (NSA's) Commercial Solutions for Classified (CSfC) Program is a factor in the use of commercial off-the-shelf products in layered solutions to protect classified National Security Systems (NSS) information. Command posts will use the CSfC solution to provide secure classified and unclassified wireless options, Mehney confirmed.
The NSA has developed so-called “capability packages” that outline the operational requirements for designing secure networks, including mobile networks, campus wireless local area networks (WLANs) and multisite connections, said Jon Green, vice president and chief technologist for security at Aruba, a Hewlett Packard Enterprise company. Green joined Charlie Kawasaki, chief technology officer at Pacific Star Communications (PacStar), and Bob Ackerman, editor in chief of SIGNAL Magazine, in discussing the technologies enabling secure wireless networks during a recent AFCEA International online event.
“NSA has done all of the work for us,” Green said. “They’ve built the architecture. They’ve built the policy.”
The downloadable reference designs have been tested and approved by the NSA. Many of the network design decisions have already been made, making it easier to build high-security Wi-Fi or other networks, sometimes in as little as six weeks, Green advised. At the same time, there are additional options if those designs don’t meet mission requirements. “It’s kind of their gift to the world,” he said.
In the intelligence community, some operations centers are seeing improved collaboration from the use of high-security Wi-Fi networks. Green shared that one agency operating at the Top Secret-SCI level had indicated that its analysts said they would never give up the capability and go back to what they had done before. The agency also reported productivity gains and increased collaboration, Green said.
The capability package designs, when paired with double- or triple-layered encryption and separation of hardware and software, are enabling the Wi-Fi networks, he said. The NSA's network architecture mandates many cybersecurity measures, Kawasaki added. The result is increased mobility for command posts as well as for tactical vehicles.
Shrinking traditional enterprise technologies from 600-pound stacks of servers, routers and cables to something much smaller—and ruggedizing them—is enabling improved mobility and secure Wi-Fi in a tactical setting, Kawasaki offered. For vehicles in particular, where a mobile network is so important, “typically you would be accessing the secret networks or multiple networks, including coalition or Joint Worldwide Intelligence Communications System (JWICS) networks using satellite reachback, and you would be sharing that connection with multiple networks,” he said. “You’d essentially be dropping in your red networks into a vehicle through SATCOM.”
Advances in network capability and improvements in size, weight and power are giving vehicles better access to classified networks. Aruba’s wireless solutions for connectivity, with such products as Wave 2 access points, AirWave Network Management and Mobility Controllers, provide key functionality.
PacStar offers an integrated, small-form-factor, rugged CSfC access point that “allows you to stand up wireless access that can be very quickly relocated in command posts or mounted in vehicles,” Kawasaki said. Its ruggedized server and router boxes, part of the PacStar 400-Series, come in at around 2.5 pounds each. “They can be dropped, they can be loaded into a vehicle, and [they] can be parachuted in by airborne,” he said. “[They are] very light and flexible.”
To get that small, PacStar did “lots of engineering,” said Jeff Sinclair, PacStar's vice president of sales. “We are taking technologies like Cisco, HP and Aruba and putting them in form factors that are one-sixth of the traditional size.” The key is software virtualization, or relying on the virtual version of software in systems. “We are levering virtualization very heavily,” Sinclair said. In addition, the hardware includes tactical cyber solutions for cyber and electronic warfare.
The technologies will be used in the Marine Corps Networking On-The-Move program and installed on mine-resistant, ambush-protected all-terrain vehicles (MRAP-ATVs), high-mobility multipurpose wheeled vehicles (HMMWVs) and amphibious assault vehicles. The system will provide communications on the Point of Presence (POP) Vehicle Kit and Staff Vehicle Kit (SV Kit), along with connection to the Secret Internet Protocol Router Network (SIPRNET), Non-secure Internet Protocol Router Network (NIPRnet) and mission-specific networks.
Lastly, Green stressed potential productivity gains. When the Army had to move a forward operating base, it could take as long as eight hours before a command post had full network access, mostly because of cabling issues. When units left a location, they would cut the old cables and leave them because it was faster to make new cables when they got to the new location, Green said. But that involved carrying the cables, the flooring and the server rooms, and then being able to secure the cables. Commercial-grade equipment, typically used in a server room with a cooling room, was not made for military deployment. Enhanced software and hardware now make tactical use of Wi-Fi and advanced networking possible, Green said.