3rd ID building network architecture to move complexity from brigades
As the Army is shifting for potential conflict against sophisticated nation states at much greater distances, senior leaders have expressed the need to move network complexity up from brigades and into their parent division headquarters.
With that overall strategic imperative, the 3rd Infantry Division is taking it upon itself — using existing capabilities and tools without purchasing anything additional — to produce a new network architecture that will unburden brigades and make units more mobile for large-scale combat operations.
“We reorganized ourselves … [at] no cost options or no cost things. It was really just reorganization. We reorganized ourselves, where we brought the cyber defenders up to the division level,” Lt. Col. Joe Kaminski, 3rd ID’s network officer, or G6, said in an interview. “As [the Army is] starting to change to the division being the unit of action, we saw some things that we wanted where we thought we could do better capabilities [wise], plug some holes where some holes existed, specifically to support a better cyber operations security environment.”
During the global war on terrorism, the brigade was the unit of action. But now, for large-scale combat operations, the Army is moving many of those capabilities out of the brigade to the division to make the brigade more nimble. As the Army is also looking at transforming its network — a unified approach that eschews the traditional tactical and enterprise distinction for a singular network across the globe that forces can plug into anywhere and immediately upon entering theater — moving complexity up is a key tenet.
Kaminski said his division focused on four lines of effort when devising this new architecture and approach: network security, host security, information assurance and auditing and threat hunting.
The division has been working on the concept for about a year, stemming from a deployment to Poland.
“We started building this out really right when we deployed to Poland because what we saw is, hey how do we get faster, how do we get lighter, how do we enable commanders without having these long network [Reception, Staging, Onward Movement, and Integration] requirements. How do we rethink this for the force just again to be more agile and adaptive to support operations,” Kaminski said. “It’s globally. You could theoretically throw a brigade in Indo-Pacom AOR, you throw a brigade in Eucom AOR, you can throw a brigade in Centcom AOR and we’re all integrated together. We’re all talking to each other. You get off the plane or you get off the ship and you’re fighting tonight. That’s the biggest thing. How do we enable that for the network? That’s when we said, okay, we got to build a global, integrated network.”
As part of enabling units to be more mobile, Kaminski explained they are approaching data and the network the same way the Army approaches supply.
“We had to rethink the size and capabilities of our systems that were down range and what we were utilizing. I was dragging servers that weigh almost 1,000 pounds in the end, with multiple enclaves and stuff, that’s got, like, 20 years’ worth of data on it. I don’t need 20 years’ worth of data in a fight. I need what I need in the fight,” he said, reminiscing about earlier in his career. “The thought process was almost like, what is my three days of supply, my three days of data, if you really think about it. Because the problem is, commanders don’t go into conflict or a fight with 20 years’ worth of food, or 20 years’ worth of ammo that they have to lug around. Why are we going in with 20 years’ worth of data? Really, what we needed to do was identify those critical data requirements, which I think we were able to do while we were deployed in Poland.”
Following that deployment, the division put this new concept and architecture to the test at a brigade level during a rotation at the National Training Center at Fort Irwin, California, which served as a validation.
One of the main thrusts of the effort was keeping these cyber defenders and infrastructure in a static, sanctuary location, which allowed greater overwatch of the network and made it easier for units to maneuver and plug in.
Traditionally, a unit going to the National Training Center would find and plug into the nearest regional hub nodes. However, since the mission enclave stayed at Fort Stewart, the division’s home, they used a direct satellite connection, modem to modem, into a regional hub node utilizing satellite communications or a VPN. But the main difference is the unit is controlling the network.
“What we saw specifically was, [the brigade] hit ground and literally they just had to get transport up and they were up and operational. Because the network is never down. You weren’t moving the network to somewhere else and then trying to fight through that to get your services and operations up. Your services and operations never move and therefore, you literally just get your transport up and you’re connected and you’re rolling,” Kaminski said. “We saw them get up, I mean, when we talk about how fast they were able to get up, it’s just literally, it’s almost once you get your transport up, you’re up, you’re operational. Because your configurations don’t change, nothing like that changes. It’s just, you get transport up, you’re integrated now into this global network that we built, services are always being provided and they were up comms wise up, very, very quickly.”
As part of the overall concept, the division built a security operations center with all the cyber defenders and server personnel. With the network personnel, they built a network operation security center following the deployment to Europe to be able to control the whole network.
During the NTC rotation, cyber defenders worked in the NOSC 24/7 and were able to validate threats on the network and report back to the brigade.
Following the rotation, the division is looking to finish out the build for its architecture toward what Kaminski describes as a single-domain concept. One brigade has already been built and they are moving to other brigades with a field validation for the single domain concept in October.
“This is going to be a force multiplier and game changer because, in the end, the division is going to really be providing those services. The brigade is going to be a customer of that. It’s going to really free up the brigade to really focus on maneuver and warfighting, specifically, their combat net radio systems at the tactical edge and maneuver – like that’s what the brigade 6s and battalion 6s are going to be really it’s going to enable that,” he said. “The future is we’re going to continue that single domain build out and that’s going to really take us into next year. We’ll be done by the springtime fully for the division, where the division’s fully built out on this.”