380 likes | 883 Vues
Space and Naval Warfare Systems Center Atlantic Command Overview. CAPT Bruce Urbon, USN Commanding Officer Mr. Chris Milller Technical Director. January 8, 2010. Statement A: Approved for Public Release. Distribution is unlimited (01 September 2009). . Department of the Navy Organization.
E N D
Space and Naval Warfare Systems Center AtlanticCommand Overview CAPT Bruce Urbon, USN Commanding Officer Mr. Chris Milller Technical Director January 8, 2010 Statement A: Approved for Public Release. Distribution is unlimited (01 September 2009).
Department of the Navy Organization Secretary of the Navy Chief of Naval Operations Assistant Secretary of the Navy for Research Development and Acquisition Space and Naval Warfare Systems Command San Diego, CA Naval Sea Systems Command Washington, DC Naval Air Systems Command Patuxent River, MD Naval Supply Systems Command Mechanicsburg, PA Naval Facilities Engineering Command Washington, DC SPAWAR Systems Center Pacific San Diego, CA SPAWAR Systems Center Atlantic Charleston, SC Where We Fit Our Mission: Provide quality full-service systems engineering and acquisition to rapidly deploy capabilities to the Naval, Joint and National Warfighter through the development, test, evaluation, production and fielding of sustainable, survivable and interoperable Command, Control, Communications, Computers, Intelligence, Surveillance, Reconnaissance, Information Operations, Enterprise Information Services and Space capabilities that enable knowledge superiority. Statement A: Approved for Public Release. Distribution is unlimited (01 September 2009). 2
SPAWAR Systems Center Atlantic Washington Tidewater Germany Charleston New Orleans Tampa Afghanistan Iraq Bahrain Combined assets to create and sustain mission effectiveness. Antarctica Statement A: Approved for Public Release. Distribution is unlimited (01 September 2009). 3
Areas of Expertise Engineered Solutions for the Warfighter C4ISR Integration Sensor Systems Mobile C4I Systems Modeling & Simulation Command Center Services Networks & Communications • Also: • Personnel Programs • Physical & Computer Security • Image Processing • Information Assurance • Information Technologies, Management & Support • Visual Information Systems • Wireless Technologies Anti-Terrorism/Force Protection Cryptology – Intelligence – Reconnaissance Air Traffic Control, Meteorology and Navigation Systems and Technical Services Statement A: Approved for Public Release. Distribution is unlimited (01 September 2009). 4
Community of National Assets A community of national assets exist within a 10 mile radius. C4I integration facility Military SDDC (841st Transportation Battalion) Former Naval Base Vehicle Integration site Military SDDC (841st Transportation Battalion) Radio frequency test facility Charleston Air Force Base RF Test facility Ground terminus supported by rail and highway system “Jointness – The future of national and international security lies in interoperability and cooperation among the services, the interagency, international partners and non- governmental organizations…” Admiral M. G. Mullen then Chief Naval Officer Charleston Air Force Base Statement A: Approved for Public Release. Distribution is unlimited (01 September 2009). 5
Major Customers • Navy • Marine Corps • Army • Air Force • Unified Combatant Commands • Dept. of Defense • Dept. of State • Dept. of Veterans Affairs • Dept. of Justice • Dept. of Treasury • Dept. of Homeland Security • Federal Aviation Admin. • National Science Foundation TOA FY 08 $5.0Billion Providing quality full-service systems engineering and acquisition to rapidly deploy capabilities. 36% Joint 52% Naval 12% National • 81% • Partnership • with private industry Statement A: Approved for Public Release. Distribution is unlimited (01 September 2009). 6
Systems Engineering and Program / Project Management CMMI Lean Six Sigma Program & Project Management Measuring and assessing processes Improving processes by eliminating waste & variation • DAWIA PM • Master of Science in PM • CMMI PM & C • PMP Certification • Project Initiation Review (PIR) • CDMs & KSAs • Navy ERP PS • PM University August 2007 (5 /day) Carnegie Mellon, Software Engineering Institute (SEI) appraisal team awards Capability Maturity Model Integration (CMMI®) Maturity Level 3 December 2007 (50 /day) Team unification 50 MRAPS per day + LSS = Statement A: Approved for Public Release. Distribution is unlimited (01 September 2009). 7
September 9, 2009 CAPT Bruce Urbon, USN - Commanding Officer Mr. Chris Miller- Technical Director Space and Naval Warfare Systems Center Atlantic Mr. Stephen Lariviere 5.8 Information Assurance, Cyber Defense & Cyber Security Systmes Engineering Division SPAWAR 5.8 Local IA Competency Lead 8 January 2010 V1.1
Information Assurance, Cyber Defense & Cyber Security Systems Engineering Division “Our Business IS Cyber Security” • Core Competencies: • Identity Management Engineering Services • Cryptographic Engineering • Certification and Accreditation • Network Systems Security/Computer Network Defense • Cross Domain Services/Multi-Level Security • Forensics/Biometrics • Information Systems Security Engineering Mission Statement: To consistently deliver technologically superior Enterprise-wide Information Assurance, Cyber Defense and Cyber Security Systmes engineering capabilities, systems engineering services and life cycle support to the warfighter, our DoD, joint and federal customers through the use of highly qualified and certified personnel that will ensure our customers receive the most professional, compliant, efficient, and cost effective products and services available. 9
Information Assurance (IA) Engineering Division 5.8 • The Information Assurance 5.8 Competency provides quality Information Assurance (IA) Engineering Services, with a focus on: • Multi-Level & Cross Domain Solutions • Identity & Key Management • Cryptographic Systems • Certification and Accreditation • The IA Engineering 5.8 Competency is structured allowing the organization to capitalize capabilities and enhance innovative customer solutions. • Provides a scalable and adaptive government workforce • 400+ civil service IA workforce • Charleston, San Diego, Norfolk, DC, & New Orleans. • Capable of meeting anticipated and unanticipated challenges. • Security Test and Evaluation • Computer Network Defense • Network Systems Security • Vulnerability Management 10
Who we are • Over 75% degreed with the majority of degrees in Electronic/Computer Engineer or Computer Science • 25% Post Graduate Degrees majority with Masters in Information Assurance Acquisition Management • Defense Acquisition Workforce Improvement Act (DAWIA) • Certified Project Management Professional (PMP) Network Engineering • Cisco Certified Network Associate (CCNA) • Cisco Certified Network Professional (CCNP) • Cisco Certified Design Professional (CCDP) • Cisco Certified Design Associate (CCDA) • Certified Wireless Network Administrator (CWNA) • Certified Network Engineer (Novell) (CNE5) • Microsoft Certified Systems Engineer (MCSE) • Microsoft Certified Professional (MCP) • Nortel Certified Support Expert (NCSE) • Verisign Certified Administrator • Red Hat Certified Technician (RHCT) • Cisco Architecture for Voice, Video and Integrated Data (AVVID) Design and Implementation Certified Engineer 11
Who we are • Information Assurance Certifications • ISC2 Certified CISSPs • Certified Ethical Hackers • Certified NSA INFOSEC Evaluators • NSA Certified Cryptologic Engineers • Certified Computer Forensics Engineers • NSTISSI 4000 Series Certified Professionals • COMPTIA Security + • GIAC GSEC • Certified TEMPEST Technical Authorities • Certified Level 2 TEMPEST Engineers • Systems Security Engineering-Capability Maturity Model Appraiser • Other • Certified SOA Consultant • Certified SOA Analyst • Designated Executive Agent for Navy TEMPEST Program • Designated by CNO as Approval Authority for PDSs • NSA CDS CT&E Test Lab • NSA HAIPE Interoperability Lab • Certified Professional Engineers 12
What we do Warfigther 5.8 Competency Services Provided Vulnerability Analysis and Mitigation IA Training IA Publication Development Computer Forensics Data Recovery Software Evaluations Software Reverse Engineering Data Reminisce Studies Penetration Testing Anti-Tamper IA Service Oriented Architecture Certification Test & Evaluation (T&E) FISMA ComplianceBiometrics and Forensic Solutions Crypto Modernization Crypto Integration & Installation Consolidated IA ILS Multi-Level Web COMSEC IA Testing Network Security Design & Product Analysis, Implementation, Operations, & Sustainment Network Security Afloat Fleet IT-21 NOC(s) Network Security Lab Antivirus Distribution and Support Multi-Level Web and Chat Cross Domain Solutions (CDS) TEMPEST and PDS Electronic Key Management Key Management Infrastructure Public Key Infrastructure Defense Information Infrastructure (DII) Guards Installation, ISEA Information Assurance / Monitoring Information Security (INFOSEC) Online Services Website NMCI Information Systems Transition Team Information Assurance Audits Certificate of Authority Workstations Web Application Development Secure Network Configuration 13
Who we do it for Supports Warfigther 5.8 Competency PEO’s, Programs and Projects Supported • PEO C4I • PMW-160 • CND • Crypto • CANES • PMW-120 • DCGS-N • PEO EIS • NGEN • SPAWAR HQ • USSOCOM • NAVFAC • MWR • NMDSC • TRICARE • NMIC • NAVMISO • NAVMED LOGISTICS • IRS • NAVSEA • VA • USMC HQ • BUMED • NNWC-NOT • USCG • DHS (Homeland Security) • DISA • NAVAIR • NSA • USNS Mercy & Comfort • NELO • ASN/RDA • NSWC • NRL • USCENTCOM • AFRICOM • OPNAV • US AIR FORCE • US ARMY • NAVFAC • DOE • DOC (Commerce) • DHS (Health Services) • DOS (State) 14
CORE AREAS 16
Electronic Key Management System (EKMS) Four tiers of EKMS provide automated end-to-end Key Management including: cryptographic key generation, distribution, destruction, and material accounting system Tier 0 (Ft. Meade, Finksburg) Tier 1 (Ft. Huachuca, San Antonio) Tier 3 DTD, SKL, or SDS Tier 2 LMD/KP PTSN/ISDN Phone & SIPR Network End User 18
PKI SMART CARD SYSTEM SOFTWARE PEOPLE • Authentication • Data Integrity • Non-repudiation • Confidentiality 19
CRYPTO 20
Cryptographic System Engineering Crypto Baseline Mgmt AIMT Priority List USCG USN USMC MSC DoN Procurement and Installation Crypto Validation IA Crypto Products Mgt Tool • Identifying System Specifications to Meet Fleet Readiness Requirements • Enabling Warfighters to capture critical crypto info to support Fleet missions • Identifying filled and unfilled crypto requirements to support Fleet operations • Delivering crypto solution to support Fleet missions and operations 21
Cryptographic Life Cycle Support • Sustaining the Warfighter’s Legacy Cryptographic Equipment: • Extending the useful life of Cryptographic devices • Reducing downtime and repair efforts for in-service Cryptographic devices • Managing reclamation process of ready for use Cryptographic from other services CASREPS Resolved Help Desk Support Crypto ISEA Crypto ILS Crypto Repair 22
Certification T&E • Certification Test & Evaluation • Joint • Navy • Federal • Cross Domain Solutions (CDS) Certification • Vulnerability Analysis and Mitigation • FISMA Compliance INFORMATION ASSURANCE NON-TECHNICAL TECHNICAL COMSEC COMPUSEC PERSONNEL PROCEDURAL PHYSICAL SETA TEMPEST PROPERTIES CONFIDENTIALITY INTEGRITY AVAILABILITY ACCOUNTABILITY 24
Certification T&E • IA Training and Publication Development • Computer Forensics and Data Recovery • Software Reverse Engineering • Service Oriented Architecture IA • Anti-Tamper • TEMPEST Evaluation • Protected Distribution Systems (PDS) • COMSEC and Crypto 25
NETWORK SECURITY /DESIGN & PRODUCT ANALYSIS, IMPLEMENTATION,OPERATIONS, & SUSTAINMENT 26
Network Security Hackers IA Engineered IA Solutions Engineering Services and product support to Joint Forces for the development, testing, integration, configuration and life-cycle management of network security solutions using a “Defense-In-Depth” strategy in support of Mission-critical objectives. • Specific Initiatives: • IT-21 Fleet NOCs • Cyber Condition Zebra • Piers • ONE-NET • Shipboard Networks • SCCVI / SCRI • HBSS 27
Health Systems • SSCC Health System Program provides key systems engineering and technical support to the Health Systems Community enabling them to support Healthcare for the Warfighter. • Information Assurance • Local Area Network and Infrastructure Upgrades • Server Systems • Systems Engineering for IM/IT Enterprise Architectures • Strategic Planning • Integrated Systems Support • Software Engineering, Design, and Development • Application Mapping and Documentation • Citrix Remote Access • Enterprise Services Operations Center MHS Sponsors 28
Cross Domain Services • Cross Domain Services: provides the ability to manually and/or automatically access and/or transfer data between two or more differing security domains • Helps sites develop Cross Domain Solutions • Maintains confidentiality, integrity and availability of information • NSA Designated Trusted Agent for CT&E (SR1-8) Testing • JMINI • DODIIS • NETTOP • HAP 30
Biometric Solutions Signature Identification Voice Identification Facial Recognition Retina Scan Using Biometric Identification to provide Positive Authentication Finger Prints Hand Geometry Keystroke Dynamics 32
Forensic Solutions • Computer and Network Forensics • Intrusion Detection • Honey Pots • Forensics Lab Installation • Malware Repair • Deleted File Restoration • Repair Corrupted Files • Drive Imaging • Forensics Training • Password Recovery Data Recovery Honey Pots Restore Access Forensics Training 33
Information Systems Security Engineering Secure System Configuration - security configuration Requirements evaluated or implemented for OS, routers, switches, databases, etc. Specific areas of expertise include: • Antivirus • Access control • Registry security • All operating systems • File permissions • Ports/services • Role privileges • Password strength • Security patches/updates • Audit • Misuse detection • Intrusion detection • Firewalls • Data Base Security • Wireless Networks • PKI • Website Security • IAVA Patches • Secure Network Data Storage • Solutions • NMCI System Transition Support 35
IA Website Services - INFOSEC IA Publications and Policies Anti-Virus NCDOC “Ask The Expert” IA Bulletin Board Advisories Customer Service INFOSEC Chat IAVM Training Help with INFOSEC Products & Services (i.e., VPN, FORTEZZA, Firewalls, Intrusion Detection, Secure Voice, EKMS, TEMPEST) Fleet Internet Security Handbook https://infosec.navy.mil/ https://infosec.navy.smil/ 36
Points of Contact: Mr. Steve Lariviere, (SSC-CH Code 58200) Division Head, IA & Cyber Defense & Cyber Security Systems Engineering Division 5.8.2 steve.lariviere@navy.mil (843)218-4140 Mr. Karl Baker (SSC-CH Code 582B0) Technical Operations (843)218-4091 INFOSEC Website https://INFOSEC.navy.mil 37