Lundquist: Tell me what the SPAWAR Fleet Readiness Directorate (FRD) does?
Rear Adm. John P. Neagley: We are a single point of contact with the fleet. We help them reach back into the incredible resources and services that we can provide to them to better support them. I have three lines of operation: fleet support, which includes all the in-service support for C4I equipment, engineering agents for any kind of CASREP response and any other kind of support that they may need. I have the installation crews who do all the C4I modernization execution, including all equipment installations like Navy Multi-band Terminals (NMT), Consolidated Afloat Networks and Enterprise Services (CANES) and Automated Distributed Networking System (ADNS) on board our service platforms. My third line of operation is Data Center Consolidation, which includes a team tasked with consolidating all the different Navy data centers into three Navy enterprise data centers across the country.
CANES is a way to introduce some networks across the fleet, and it’s going to be instantiated on most of the ships out there. Our approach to protecting networks will be similar, whether it’s CANES or TSCE, or something similar.
Our strategy has been to deliver capabilities to the fleet, while at the same time reducing the variants of all the C4I systems we have out there, so NMT, ADNS, Commercial Broadband Satellite Program (CBSP) and CANES are fundamental to capability; we want to deliver that capability all at once in order to reduce the number of disparate systems out there. It will be easier to maintain, to train to, and by driving variants out, you can improve your ability to support those systems and, thus, improve operational readiness in the long term. What we’re doing right now is delivering the capability and installation of the systems. PEO C41 does the planning, research and development and delivery of those programs. We also coordinate with the other shipboard modernization entities, like Sea 21 and the Regional Maintenance Centers, to do the advanced planning. Our Afloat Installation Teams will then do the execution of those installations on the waterfront.
Lundquist: There must be a lot of coordination, because if you’re doing it in the middle of an availability, there are other things coming and going. Obviously, you don’t want to put something up on the bulkhead that’s going to be torn down in a week.
Neagley: We are disciplined in the process. We are not unique in the way we do modernization. We follow the Navy Modernization Planning (NMP) process and integrate our work at all the appropriate milestones, along with the combat systems and hull, mechanical and electrical work in that modernization package. We make sure that we are part of that process. Our challenge is that the baud rate at which you do C4I modernization is a little bit quicker than some of those other activities. We try—on a day-to-day basis—to get the latest capability out there as quickly as we can, while still meeting all the planning milestones that are required to get into an availability and execute it smartly. We update things fairly quickly in C4I. The program offices have different versions or mods, so we try to take that work and make sure that we align it with the right avail and get the right level of maturity on-board the ship so that it’s fully ready to go. That’s the kind of the balance that is probably unique to C4I. We have a speed-to-capability process that enables us to put stuff on very quickly for a particular exercise, contingency, or to meet an emergent requirement. This is usually accomplished by following the NMP process.
Lundquist: With regard to data center consolidation, what kind of data are we talking about?
Neagley: Anywhere you have a server that has data on it, including labs, warfare centers, shipyards, and any location in which we are storing large amounts of data. There are hundreds of them.
Data center consolidation helps the Navy reduce costs, because you need fewer people to maintain those data centers. But it’s also important from a security standpoint. You have the opportunity to make sure that the applications in those data centers are fully updated, so there are no security vulnerabilities. Managing the security environment for those data centers then becomes easier because there are a few of them instead of a disparate number spread all over the place. Having the data consolidated makes searching the databases easier.
Lundquist: What about communications? Do we backup and save every Navy message?
Neagley: Consolidating the Navy’s data centers creates an opportunity to look at the applications riding on those data centers and upgrading them. OPNAV N2/N6 has teams with functional area managers looking at the logistics, for example, and all the logistics applications we have. They then decide whether we have the right number or can consolidate, upgrade or virtualize some of them. They take all that work and pass it to us, so that we can put it in a data center.
It will certainly be more secure, too, because consolidation makes it easier to protect the data rather than having all that data spread out in hundreds of different locations with less visibility about how that data is being captured.
Lundquist: What about cyber-readiness?
Neagley: We’re trying to do some things in real-time here by looking at our ships and trying to determine their cyber baselines. We start with an understanding of the existing configuration on a ship, and try to determine whether that configuration has the latest updates or patches. When we find vulnerabilities, we send out patches to update equipment and software. We’re working on a better way to track that right now, and to identify the cyber baselines for each platform so that we can really know the ‘as is’ condition of those ships. Once we know what the baselines are, we want to know the best approach to protect those particular networks from an equipment and platform perspective, and even from a strike group perspective.
We have Task Force Cyber Awakening looking at this from a higher perspective, but our piece is the pragmatic job of knowing the baselines and getting the fleet as close as we can to a single baseline. When we have that understanding, we can push the same patch to everybody, which in turn speaks to configuration management. There’s a fair amount of variability in terms of what’s on a particular ship. You can imagine that each ship probably has some unique piece of equipment or combination of equipment that affects the baseline. We’re defining the attributes of that baseline now. We do that by asking the following questions: What should we look at; what are the things we care about; and how should we do a risk assessment against those vulnerabilities given a platform’s configuration?