Published by Jocelin Phillips. Modified over 9 years ago.
1
UNCLASSIFIED
Mission Partner Environment (MPE) and NATO Federated Mission Networking (FMN) Overview
BOLD ALLIGATOR CAOPT 25 June
Joint Staff JS J6 DDC5I IID
Slide 1: Intro
-- Overall message: NATO FMN efforts and US MPE efforts are cut from the same cloth and look to achieve similar objectives with similar materiel and non-materiel tool sets.
-- Now that the US has MPE and accreditation and ITAR release for use in mission partner environments for many of its systems, applications, and services, the US may employ US forces using an MPE instance to support NATO operations conducted at the NATO Secret level and NATO only releasability unlike any time in the past.
2
Agenda
- MPE Overview
- Joint Information Environment (JIE)
- JMEI
- US MPE and NATO FMN
- Parallel in synch efforts by other nations
- Coalition mission partner options
3
MPE Use Case Range of Military Operations
- What is the CDR's intent?
- What is the mission?
- Who are the partners?
- What information needs to be shared?
- What classification and releasability level(s) do you need to operate in?
[Figure: range of military operations, LOW TO HIGH, from HA/DR to MCO. Labels: Classified Releasable; FEDERATIONS of MISSION NETWORKS; UNCLASS NETWORKS; MN BICES; US BICES-X]
4
Draft Operation XX XX (XXX) Mission Network Relationships
Joining Membership and Exiting Instructions (JMEI) Specific to XXX XXX
Policy
Foundation of Trust - Collective agreement by originating XXX partners
“Third Stack” “REL XXX”
DOTMLPF provided by each Mission Network contributor
Network, capabilities, TTP employed therein to conduct XXX Ops
Training & Education
Leadership direction, Culture change, and Practice
Governance
Mission CDR specific as shaped by partner(s)
CIAV (XXX specific activities per CDR’s Guidance)
Compare XXX partner operational processes
Deliberate “Do No Harm” coordinated change of DOTMLPF and TTP
USA flag represents one or more mission network node contributions (Episodic MPE instance(s))
Create XXX CoI?
Specific C2 relationships for OAR related exercises and/or operations are NOT depicted
[Diagram labels: MN BICES; SECRET REL XXX; CJTF, CFACC, CFLCC, CFMCC, CFSOCC; MP A, MP B, MP C, MP D, MP P, MP Q, MP X, MP Y, MP Z; Self provided National Secret; Self provided National Unclassified; Self provided Cross Security Level Information Exchange Guard]
5
MPE and FMN
- US MPE and NATO FMN born of the same requirement document from COMIJC
- MPE and FMN concepts and implementation plan documents developed in parallel with close coordination and collaboration
- Both leverage best practices & lessons from ISAF AMN federation, other missions & exercises
- Primary tenet of both: Apply current capabilities, equipment, skills, talent, and TTPs to a mission network
- #1 challenge: Coordinating national/organizational implementation policies in a “do no harm” manner to achieve “unity of effort” within a mission network in pursuit of coalition mission objectives (Goal of CE14 FPC, documented in CE14MN JMEI)
- MPE JMEI Joining Instructions and NFIP Volume 2 Instructions contain the same protocol standards, IA & Security criteria to create a trusted, protected and secure federation of mission networks and standards for connecting six partner “human to human collaboration” core services with each other
- US MPE and NFIP basic protocols, standards and trust criteria cross referenced and match those referenced and used in ISAF AMN, CE13, CE14 and AC15 JMEI documents.
- ATO* for CE13MN & CE14MN network contributions demonstrated ability to meet foundational MPE JMEI Joining Instruction and NFIP Instruction protocols, standards and trust criteria
- COMIJC requirement for a “future” capability to employ DOTMLPF in a mission environment routed to and endorsed by NATO ISAF chain of command SACEUR and US CJCS
*ATO = Authority To Operate
6
US MPE – NATO FMN Relationship
[Diagram labels: MN BICES; NS WAN; CJTF, CFACC, CFLCC, CFMCC, CFSOCC (two mission network groups)]
US MPE and NATO FMN conceptually alike
- MPE (US led mission) – FMN (NATO led mission)
- Federation of “REL TO Mission” mission networks model
- Episodic in nature (temporary, built for mission)
- Nations agree to trust and security criteria to “connect” mission networks
- Trusted and protected connections made through Joining, Membership, and Exiting Instructions (JMEI)
- Nations provide their own equipment and TTP “federate” capabilities and TTPs
- Partners replicate releasable, operational capabilities and TTPs within respective mission networks

This slide shows the relationship between JIE, MPE Tier 1 and an MPE Tier 2 federation of networks. Please note, all flag representations are notional and for demonstration purposes only.

JIE is represented by the purple cloud. JIE enables the US joint force to connect, access and share within a single security architecture. The Defense Intelligence Information Enterprise is part of the JIE, as depicted by the US-BICES-X capability highlighted in the blue triangle. This triangle represents an envisioned MPE Tier 1 federation of CCMDs, enabled by TNE technology, who can share information with mission partners not only in bi-lat relationships, but also in multi-lat relationships across CCMD boundaries. The Tier 1 environment supports the CCDR’s requirement to have a persistent info sharing environment for planning with mission partners. This Tier 1 capability is US provided and will rely heavily on the infrastructure and security provided by JIE.

The gray cloud represents an MPE Tier 2. This environment is episodic, temporary in nature and formed to support a specific mission, at a specific mission classification and releasability. The US flag reflects a US extension from JIE into this federated environment. Note that each nation contributes their own resources to form this federation. They may also elect to connect their own classified and unclass nets to this federated environment as depicted by the red/green lines.

From the US perspective, components will be required to repurpose equipment to form a “third stack” to support the US contribution to the federated network. JMEI described the basic standards required for nations to join this environment. Leveraging US DOTMLPF that has been approved for use on current mission networks (such as CENTRIXS-ISAF), the US is ready today to form an MPE Tier 2 instance to support any mission.

**All flags representative only – notional laydown
7
Key = Managed Deliberate Coordinated Change Among Willing Partners
NATO Federated Mission Networking (FMN) and US Mission Partner Environment (MPE) Discussion Points
-- Overall message: NATO FMN efforts and US MPE efforts are cut from the same cloth and look to achieve similar objectives with similar materiel and non-materiel tool sets
-- Two key challenges within any partner entity:
- Culture change and implementation of organizational versions of MPE or FMN concept to facilitate use of organizational DOTMLPF and Policy in a trusted peer to peer coalition mission network environment
- Respective Program Office accreditation and governmental* approval for release of organizational capabilities and technologies for use in a mission partner environment with a specific set of mission partners
- Leverage reciprocity or streamline process to obtain or to reuse accreditations and release* of organizational capabilities and technologies for subsequent mission network environments with the same or different sets of mission partners
NATO FMN Pedigree: FMN Concept, 2 August 2012; NATO FMN Implementation Plan (NFIP) Volume 1 NAC Approved 29 January 2015, NATO FMN Transition Plan Approved by NATO International Military Staff 19 February 2015.
Both US MPE and NATO FMN efforts originated from the same requirement(s) document generated by COMIJC LTG David Rodriguez, endorsed by COMISAF GEN David Petraeus and forwarded up the respective US and NATO chains
*e.g. US ITAR = International Trade and Arms Regulation
8
US - NATO Strategic C2 Relationships & Partnerships
[Diagram labels: Represents Any Nation or Organization; NATO IT Infrastructure; Joint Information Environment; XML Exchanges; Strategic, Operational, Tactical; Operational Processes / Mission Threads; NATO Common Funded; Nation / Mission Partner Funded; Federated Mission Networking; Mission Partner Environment; Connected Forces Initiative; Global Integrated Operations; Enterprise & Mission Services; CIAV; Mobile Computing Strategy; Mobile Communications; Jolted Tactics]
Similar Tools and Processes Support Both Global Integrated Operations and NATO Level of Ambition

Joint Information Environment Parallels to NATO IT Modernization and IT Modernization of Partners
Common Understanding of Operational Processes/Mission Threads is key ingredient for joint, allied and coalition force success
a. Delivery of operational processes/mission threads from tactical level to operational level HQs for comparison and coordination is essential for integration of internal forces
b. Delivery of operational processes/mission threads to “Mission X” CIAV (Coalition Interoperability Assessment and Validation) for comparison, correlation and coordination is essential for integration with external [coalition] forces
Use of common data strategies such as NIEM to organize XML Exchanges ensures information and data is exchanged between mission partners with content and context intact
Connected Forces Initiative (enhances integration of Alliance and Alliance member support to NATO Level of Ambition (LOA))
Terms: Global Integrated Operations; NATO IT Infrastructure / NATO Network Enabled Capability (NNEC); Joint Information Environment; Federated Mission Networking; Mission Partner Environment; Coalition Interoperability Assurance and Validation; NIEM; Enterprise & Mission Services; Mobile Computing Strategy; Mobile Communications; Jolted Tactics; Mission Threads / Operational Processes

NATO Mobile Computing Strategy References:
a) HQ SACT ACOS C2DS Food for Thought Paper “Towards a Mobile Computing Strategy for NATO” 5000 TSC FCX 0010/TT9586 Ser NU August 2013
b) NCIA GM Speech at AFCEA sponsored Koblenz Information Technology Symposium.

On 30 August, General Manager Koen Gijsbers gave a keynote speech at the annual Koblenz Information Technology Symposium, organised by the Armed Forces Communications and Electronics Association (AFCEA). The thrust of the speech was on Mobile Computing and Cyber Defence, and the role of these in the NCI Agency’s future.

“The world, our environment, is getting more Instrumented, Interconnected and Intelligent. There will be soon a trillion connected devices in the world; there is an increasing range of sensors, agility and mobility of people and organizations growth continuously. We can’t stop this development, perhaps we can benefit from it and we have to prepare ourselves for this evolution.”

Agility and flexibility
The General Manager referred to studies that currently are conducted within the Agency in order to, “invest in new technologies that increase competitiveness and lead ideally to savings.” Indirectly linking the theme to the Secretary General’s “Connected Forces” initiative, he emphasized that mobile and cloud computing have the ability to contribute to improved agility and flexibility. Mr. Gijsbers also mentioned an ‘App store’ approach for NATO capabilities highlighting both the associated opportunities and challenges.

“We must realise that technology is only a part of the challenge – the human behaviour is essential to mobile computing,” the General Manager stated.

The General Manager ended his presentation with the following conclusions:
- NATO and nations must collaborate on the development of secure mobile computing;
- NATO must engage with the academic world to take advantage of both front-line technology and an open mind-set;
- NATO must engage with the Nations, academia and industry to develop a cyber-security awareness program (NATO and defence is not special in this context);
- The Human Factor is equal to the technical challenges.
9
Roles, Responsibilities and Relationship options within ANY coalition
Eight options for mission partner participation within a coalition event. Only one involves “joining” by contributing and federating a mission network with a “core” mission network provided by a lead HQ or any other mission partner HQ
1) Contribute own network, resourced and governed by mission partner operating with a "Releasable to Coalition Event Name" caveat. Required: Receipt and full compliance with coalition event lead HQ JMEI documents
2) Request purchase, lease or loan extension of coalition event lead HQ network to own forces/C2 nodes. Compliance with network provider criteria is required, assumes network provider has already fully complied with coalition event lead HQ JMEI document criteria. No direct compliance with lead coalition event HQ JMEI template documents required.
3) Request purchase, lease or loan extension of a network provided by another coalition event mission partner to own forces/C2 nodes.
“Federation of sovereign mission networks” key tenet of MPE / FMN Frameworks
Note: "Releasable to Event" caveat means information is releasable to all coalition event mission partners, not just those who contribute networks to a specific coalition federation of networks!!
10
Roles, Responsibilities and Relationship options within ANY coalition
Note: Mission partners may utilize a coalition event federation of networks established to support a specific coalition event without selecting options 1-3: No direct or indirect compliance with lead coalition event HQ JMEI template documents required for any option below. Data and information may flow to and from option 4-6 mission partner representatives in a variety of different ways.
4) Embed a small or large force within another mission partner's force.
5) Send augmentees to coalition event HQ or lower echelon HQ or mission partner HQ as augmentees.
6) Send personnel to coalition event as observers.
7) Advocate and support coalition mission in world forums via a variety of communications media
8) Some combination of options 4-7.
-- Data and information flows to option 4-6 mission partner representatives in different ways.
-- Embedded forces will receive and send information and data (contribute reports, etc.) via the organization into which they are embedded.
-- Observers and augmentees may receive an account to one of the networks in the federation of networks after their [individual national] security clearance is accepted by the mission partner providing the coalition event network where the augmentee is working separate and apart from any other national only network access. (For example SIPRNet or NIPRNet for US personnel or NS WAN or NATO Unclassified for NATO PE and CE staff.)
Note: "Releasable to Event" caveat means information is releasable to all coalition event mission partners, not just those who contribute networks to a specific coalition federation of networks!!
11
Cannot “Surge” or “Pre-determine” Trust
NATO Federated Mission Networking (FMN) and US Mission Partner Environment (MPE) Summary
- Unity of Effort and Speed of Command within a coalition force requires movement of coalition C5ISR operations and activities off of national or NATO specific security domains
- Federated Mission Networking and Mission Partner Environment frameworks offer option of establishing a primary C2 mission network environment specific to a mission/exercise/training event
- Use is complementary to, not in place of, existing national, NATO, or other multi-national network domains
- Each coalition is different -- leverage common agnostic protocols, standards to establish trusted and protected connections and compatibility criteria for six collaboration services as a consistent foundation for each different coalition mission network
- No new* equipment, no new skill sets, no new software, no new services, no new people required to implement FMN and MPE Framework -- just a desire to participate and adjust to mission priorities
- Partners bring own DOTMLPF capabilities -- whatever they are
- All are treated the same -- as peers -- capacity and size or organizational role does not matter to security, infrastructure and information assurance accreditation teams.
*May require additional sets of current equipment/licenses if re-purposing of existing equipment/licenses is not practical or available
12
Cannot “Surge” or “Pre-determine” Trust
NATO Federated Mission Networking (FMN) and US Mission Partner Environment (MPE) Summary
- Most difficult challenge to coalition mission planning is coordination and adjustment of national and NATO policy implementations to establish mission/exercise specific policies
- Lessons from ISAF, CE2013, CE2014, IMMEDIATE RESPONSE 14, CLEVER FERRET 14, AUSTERE CHALLENGE 2015, any other coalition event planning process
- Culture and policy adjustments -- perform coalition mission tasks on mission network, national business on national network, business with NGOs and others on Unclassified networks
- Practice and more practice is only tried and true method of increasing trust among mission partners and reducing time to implement trusted network-enabled information sharing arrangements.
- Trust can be gained by practice and familiarity with partner DOTMLPF and Policies -- practice must include training audience “6s”!
- COMBINED ENDEAVOR 2013/2014 & AUSTERE CHALLENGE 15 achieved FMN/MPE objectives with current DOTMLPF and Policies
- BOLD QUEST 15.2
13
You Can’t Surge Trust; Mission Partners Get A Vote
14
Back Up
15
ACME - Episodic Capability
ACME = Austere Challenge [15] Mission Environment
AC15 Joining Membership and Exiting Instructions (JMEI)
- Policy: Collective agreement for AC15
- Management: AC15 NETOPS
- “Third Stack”: Provided by each ACME network Contribution (USA, LTU)
- Piggyback arrangements follow provider governance and protection requirements (must be a coalition member)
- Training: Per AC15 training audience and scenario requirements
- Governance: AC15 CJTF CJ6 overall, Each ACME network contribution governed, resourced and protected by owner
- CIAV: Embedded in AC15 planning and execution process to include “Do no harm” change management
[Diagram labels: Self provided National Secret; Self provided National Unclassified; USA provided Multi-National (MN) BICES; Self provided Cross Security Level Information Exchange Guard; ACME REL AC15; CJTF, CFACC, CFLCC, CFMCC, CFSOCC; Other USA Locations]
ACME: Represents an overarching framework for AC15 to enable network contributing partners to operate at a Secret REL to AC15 level based on CDR’s guidance and agreed upon CONOPS, TTP, Policy, Governance, and Common Standards
16
Mission Partner Environment (MPE)
Operational Context:
- As a standard practice, US Forces use SIPRNet as the primary warfighting network for operations. In Afghanistan, this constrained the ability of US commanders to speak with immediacy to all operational commanders (mission partners)
- The need to mitigate risk and provide the commanders with strategic, operational and tactical flexibility spurred the development of the Afghanistan Mission Network (AMN) for coalition information sharing & mission tasks -- get the “fight” off the SIPRNet
Lessons Learned & Guiding Principles:
- Operational imperative – unity of effort, enable communications with all mission partners to execute the Commander’s intent in a single security and releasability environment.
- MPE is not a single network – it is a framework describing USA contribution(s) to a federation of partner provided mission specific networks, systems, and TTPs
- No intent to establish a new “program of record” as MPE is not a “thing” to purchase; focus is on re-purposing existing materiel and non-materiel enablers and capabilities.
- Alignment with NATO’s Federated Mission Networking (FMN)
- Individual nations are resourced and equipped independently, each bringing their own equipment & resources
- DoD must leverage & better shape what is already fielded, existing or in development; and incorporate new technologies within normal refresh schedules.
- when the US is not the lead nation, and DoD is not the lead federal agency
“We’re one year away from forgetting everything we learned in Afghanistan.” Iron Major, USMC - Communications Officer
17
MPE Operational Context
Lesson Learned: USA use of SIPRNet as primary C2 network during mission partner operations generates strategic, operational and tactical limitations:
- Forces on different networks with inadequate cross-domain solutions resulted in poor ops, planning and intelligence information exchange between NATO, U.S. and other partner forces in ISAF
- Non-materiel DOTMLPF, TTP and Policy solutions as or MORE important than materiel solutions
- Need for strategic to tactical human-to-human information exchange in a common language on same security and releasability level in real time – share by default; classify by exception
- Consistent DoD ability to employ in-place information sharing, TTP, and operational C4ISR to support both persistent and episodic (mission specific) operations with mission partners
Solution: Move coalition fight off of national networks [SIPRNet]

MPE leverages a “federation of sovereign C2 networks” created by the contribution of two or more nation “mission networks” to establish a mission specific enterprise in which all mission partners may operate as peers within a single classification and releasability policy.

MPE addresses the limitations of US forces operating only on SIPRNet in a mission or event with mission partners that do not have access to SIPRNet.

MPE is a Mission Commander's capability; whether US, NATO, FVEY or another nation’s or organization’s, the mission partners shape the operational objectives and the supporting requirements for joining and exiting instructions.

MPE Tier 1 (persistent) is “As Is” COCOM/Component engagement with mission partners via bi and multi lateral relationships. Once a COCOM/Component Commander goes from persistent ops to mission specific ops, MPE must already be in place.
18
NATO / ISAF UNCLASSIFIED
19
MPE Enduring and Episodic Definitions
Application of MPE Principles and Network Relationships and Characteristics differ (known steady state relationships vs. unknown situation shaped coalition membership)
MPE Enduring:
- Strategic Level (information sharing & planning)
- Asynchronous and non-real time information sharing
- Persistent – time not a factor
- Specified Mission Partners (bilateral or multi-lateral “Communities of Interest”)
- Combatant Command (CCMD) HQ capabilities for Mission Partner engagement/planning
- Technologically dependent
- Integrated with and enabled by Joint Information Environment (JIE)
MPE Episodic:
- Operational to Tactical Level (Conduct Operations)
- Synchronous and near-real-time or real-time conduct of operational mission tasks
- Episodic – time to establish always a factor
- Mission Focused (exercise or contingency operation)
- Unknown mission partners, emergent mission; unknown duration
- JTF and component capabilities for peer to peer Mission Partner operations
- US may not be lead; but must leverage JIE to contribute DOTMLPF, P & TTP to coalition
“US and Mission Partners collaborate in Mission Partner Environment (MPE) Enduring environments day to day with the capability to transition to conducting operations within a MPE Episodic for any operation”

Politicians create coalitions whether long term or mission/event specific. Military and/or DOTMLPF compatibility is not a requirement to become a member of a coalition.

MPE is a Mission Commander capability for operational planning and execution with Mission Partners.

Tier I is US centric, a CCMD HQs capability enabled by JIE in required day to day mission partner planning. Mission Partners are already known operating within pre-determined agreements and COIs.

Tier II is episodic and may or may not be US led. Mission Partners could be the same or different than those in Tier I. A JTF Commander will leverage JIE transport and infrastructure attributes to achieve his operational objectives. US forces bring same DOTMLPF capabilities to the fight whether the lead or in a supporting role.

Practice and more practice is tried and true method of increasing trust among mission partners and reducing time to implement trusted network-enabled information sharing arrangements.
20
Joint Information Environment (JIE) – Enduring & Episodic MPE
[Diagram labels: JIE (Connect, Access, Share); SIPRNet and NIPRNet; CCMD; MPG; Enduring MPE “A”; Enduring MPE “B”; Persistent, CCDR level, US Centric, Bi-lateral / Multi-lateral, Specified Mission Partners; e.g. Existing bi-lateral and multi-lateral network relationships: MN BICES and other named network relationships, etc.; Episodic MPE; Rel to Mission or Exercise; Temporal, CJTF level, Commander centric, Unknown Coalition of the Willing; CJTF, CFACC, CFLCC, CFMCC, CFSOCC; MP A, MP B, MP C, MP D, MP P, MP Q, MP X, MP Y, MP Z]
LEGEND
- National Classified Network (e.g. SIPRnet)
- National Unclassified Network (e.g. NIPRnet)
- National Contribution (3rd Stack); National DOTMLPF-P, IA, Security
- Enduring MPE Connection
- Episodic MPE Federated Network; Commander accepts risk, sets rules
- Cross Security Level Exchange “Guard”
- MPG = Mission Partner Gateway

US BICES-X is an Enduring MPE. Federation within USA of US HQs is of interest to partners as it facilitates consistent connection by partners from more than one geographic location. US BICES-X is solely a US owned and operated environment, partners are not part of internal US decision-making. It is NOT related to MN BICES.

Briefing point. MN BICES is another example of an MPE Enduring solution. MN BICES is an environment that supports intelligence information exchange and collaboration between 28 NATO nations, NATO plus seven non-NATO Nations. MN BICES is governed by a MN BICES Board of Governors. MN BICES is but one of many possible connections to US BICES-X.

This slide shows the relationship between JIE, Enduring MPE and an Episodic MPE federation of networks. JIE is represented by the purple cloud. JIE enables the US joint force to connect, access and share within a single security architecture.

MPE Enduring and MPE Episodic instances are complementary, not in competition. Each instance of either type of MPE represents trusted relationships with different sets of mission partners.

The Enduring MPE supports the CCDR’s requirement to have a persistent info sharing environment for planning with mission partners. This enduring capability is US provided and will rely heavily on the infrastructure and security provided by JIE. Until the JIE matures, the US-BICES-X capability within the Defense Intelligence Information Enterprise is proposed as an interim enduring capability. It is highlighted in the blue triangle. This triangle represents an envisioned MPE Tier 1 federation of CCMDs, enabled by TNE technology, who can share information with mission partners not only in bi-lat relationships, but also in multi-lat relationships across CCMD boundaries.

The gray cloud represents an episodic MPE. “Hub and spoke” depictions are of relationships not network architectures. Within a coalition event federation of networks the network relationships are many to many. This environment is episodic, temporary in nature and formed to support a specific mission, at a specific mission classification and releasability. The US flag reflects a US extension from JIE into this federated environment. Note that each nation contributes their own resources to form this federation. They may also elect to connect their own classified and unclass nets to this federated environment as depicted by the red/green lines.

From the US perspective, components will be required to repurpose equipment to form a “third stack” to support the US contribution to the federated network. Joining, Membership, and Exit Instructions (JMEI) describe the basic standards required for nations to join this environment. Leveraging US DOTMLPF that has been approved for use on current mission networks (such as CENTRIXS-ISAF), the US is ready today to form an MPE Episodic instance to support any mission.
21
Today’s MPE Enduring Environments
Collaborate and Share Information
[Diagram labels: Enduring MPE “A”; US BICES-X FTI; PACOM, CENTCOM, EUCOM; TNE; SIPRNET TIER 1; Mission Partner L, Mission Partner M, Mission Partner N, Mission Partner O; JIE (Connect, Access, Share); Enduring MPE “B”; MN BICES; CCMD MPG; SIPRNet and NIPRNet; Interim]
- Tier 1 SIPR connection currently provides only CENTCOM users access to the US BICES-X FTI
- Plus other existing bi-lateral and multi-lateral network relationships some of which may not be directly connected to current DoD Networks or future JIE
- US BICES and NATO BICES are now known as Multi-National (MN) BICES after addition of seven nations to the original 28 BICES members (NATO member nations): Australia, Austria, Finland, Ireland, New Zealand, Sweden, Switzerland
- Mission Partners collaborate via a JIE Tier I environment but must be able to rapidly shift to operating within an Episodic Mission Partner Environment (MPE) framework as situation(s) dictate
22
Mission Partner Environment (MPE)
Operational Context: As a standard practice, US Forces use SIPRNet as the primary warfighting network for operations. In Afghanistan, this constrained the ability of US commanders to speak with immediacy to all operational commanders (mission partners) The need to mitigate risk and provide the commanders with strategic, operational and tactical flexibility spurred the development of the Afghanistan Mission Network (AMN) for coalition information sharing & mission tasks -- get the “fight” off the SIPRNet Lessons Learned & Guiding Principles: Operational imperative – unity of effort, enable communications with all mission partners to execute the Commander’s intent in a single security and releasability environment. MPE is not a single network – it is a framework describing USA contribution(s) to a federation of partner provided mission specific networks, systems, and TTPs No intent establish a new “program of record” as MPE is not a “thing” to purchase; focus is on re-purposing existing materiel and non-materiel enablers and capabilities. Alignment with NATO’s Federated Mission Networking (FMN) Individual nations are resourced and equipped independently, each bringing their own equipment & resources DoD must leverage & better shape what already fielded or in existing or in development; and incorporate new technologies within normal refresh schedules. when the US is not the lead nation, and DoD is not the lead federal agency “We’re one year away from forgetting everything we learned in Afghanistan.” Iron Major, USMC - Communications Officer
23
MPE Operational Context
Lesson Learned: USA use of SIPRNet as primary C2 network during mission partner operations generates strategic, operational and tactical limitations: Forces on different networks with inadequate cross-domain solutions resulted in poor ops, planning and intelligence information exchange between NATO, U.S. and other partner forces in ISAF Non-materiel DOTMLPF, TTP and Policy solutions as or MORE important than materiel solutions Need for strategic to tactical human-to-human information exchange in a common language on same security and releasability level in real time – share by default; classify by exception Consistent DoD ability to employ in-place information sharing, TTP, and operational C4ISR to support both persistent and episodic (mission specific) operations with mission partners MPE leverages a “federation of sovereign C2 networks” created by the contribution of two or more nation “mission networks” to establish a mission specific enterprise in which all mission partners may operate as peers within a single classification and releasability policy MPE addresses the limitations of US forces operating only on SIPRNet in a mission or event with mission partners that do not have access to SIPRNet. MPE is a Mission Commander's capability; whether US , NATO, FVEY or another nations’ or organizations, the mission partners shape the operational objectives and the supporting requirements for joining and exiting instructions. MPE Tier 1 (persistent) is “As Is” COCOM/Component engagement with mission partners via bi and multi lateral relationships. Once a COCOM/Component Commander goes from persistent ops to mission specific ops; MPE must already be in place. Solution: Move coalition fight off of national networks [SIPRNet] UNCLASSIFIED
24
MPE Enduring and Episodic Definitions
Application of MPE Principles and Network Relationships and Characteristics differ (known steady state relationships vs. unknown situation shaped coalition membership)
MPE Enduring: Strategic Level (information sharing & planning)
--Asynchronous and non-real time information sharing
--Persistent – time not a factor
--Specified Mission Partners (bilateral or multi-lateral “Communities of Interest”)
--Combatant Command (CCMD) HQ capabilities for Mission Partner engagement/planning
--Technologically dependent
--Integrated with and enabled by Joint Information Environment (JIE)
MPE Episodic: Operational to Tactical Level (Conduct Operations)
--Synchronous and near-real-time or real-time conduct of operational mission tasks
--Episodic – time to establish always a factor
--Mission Focused (exercise or contingency operation)
--Unknown mission partners, emergent mission; unknown duration
--JTF and component capabilities for peer to peer Mission Partner operations
--US may not be lead; but must leverage JIE to contribute DOTMLPF, P & TTP to coalition
Politicians create coalitions whether long term or mission/event specific. Military and/or DOTMLPF compatibility is not a requirement to become a member of a coalition.
MPE is a Mission Commander capability for operational planning and execution with Mission Partners.
Tier I is US centric, a CCMD HQs capability enabled by JIE in required day to day mission partner planning. Mission Partners are already known, operating within pre-determined agreements and COIs.
Tier II is episodic and may or may not be US led. Mission Partners could be the same or different than those in Tier I. A JTF Commander will leverage JIE transport and infrastructure attributes to achieve his operational objectives. US forces bring same DOTMLPF capabilities to the fight whether the lead or in a supporting role.
Practice and more practice is a tried and true method of increasing trust among mission partners and reducing time to implement trusted network-enabled information sharing arrangements.
“US and Mission Partners collaborate in Mission Partner Environment (MPE) Enduring environments day to day with the capability to transition to conducting operations within a MPE Episodic for any operation”
25
Joint Information Environment (JIE) – Enduring & Episodic MPE
[Diagram labels: Enduring MPE “A” and Enduring MPE “B” (e.g. existing bi-lateral and multi-lateral network relationships: MN BICES and other named network relationships, etc.): Persistent; CCDR level; US Centric; Bi-lateral / Multi-lateral; Specified Mission Partners; CCMD; MPG. JIE: Connect, Access, Share; SIPRNet and NIPRNet. Episodic MPE (Rel to Mission or Exercise): Temporal; CJTF level; Commander centric; Unknown Coalition of the Willing; CJTF, CFACC, CFLCC, CFMCC, CFSOCC; MP A, MP B, MP C, MP D, MP P, MP Q, MP X, MP Y, MP Z.]
LEGEND: National Classified Network (e.g. SIPRnet); National Unclassified Network (e.g. NIPRnet); National Contribution (3rd Stack): National DOTMLPF-P, IA, Security; Enduring MPE Connection; Episodic MPE Federated Network: Commander accepts risk, sets rules; Cross Security Level Exchange “Guard”; MPG = Mission Partner Gateway
US BICES-X is an Enduring MPE. Federation within USA of US HQs is of interest to partners as it facilitates consistent connection by partners from more than one geographic location. US BICES-X is solely a US owned and operated environment; partners are not part of internal US decision-making. It is NOT related to MN BICES.
Briefing point. MN BICES is another example of an MPE Enduring solution. MN BICES is an environment that supports intelligence information exchange and collaboration between 28 NATO nations, NATO plus seven non-NATO Nations. MN BICES is governed by a MN BICES Board of Governors. MN BICES is but one of many possible connections to US BICES-X.
This slide shows the relationship between JIE, Enduring MPE and an Episodic MPE federation of networks. JIE is represented by the purple cloud. JIE enables the US joint force to connect, access and share within a single security architecture.
MPE Enduring and MPE Episodic instances are complementary, not in competition. Each instance of either type of MPE represents trusted relationships with different sets of mission partners.
The Enduring MPE supports the CCDR’s requirement to have a persistent info sharing environment for planning with mission partners. This enduring capability is US provided and will rely heavily on the infrastructure and security provided by JIE. Until the JIE matures, the US-BICES-X capability within the Defense Intelligence Information Enterprise is proposed as an interim enduring capability. It is highlighted in the blue triangle. This triangle represents an envisioned MPE Tier 1 federation of CCMDs, enabled by TNE technology, who can share information with mission partners not only in bi-lat relationships, but also in multi-lat relationships across CCMD boundaries.
The gray cloud represents an episodic MPE. “Hub and spoke” depictions are of relationships, not network architectures. Within a coalition event federation of networks the network relationships are many to many. This environment is episodic, temporary in nature and formed to support a specific mission, at a specific mission classification and releasability. The US flag reflects a US extension from JIE into this federated environment. Note that each nation contributes their own resources to form this federation. They may also elect to connect their own classified and unclass nets to this federated environment as depicted by the red/green lines.
From the US perspective, components will be required to repurpose equipment to form a “third stack” to support the US contribution to the federated network. Joining, Membership, and Exit Instructions (JMEI) describe the basic standards required for nations to join this environment. Leveraging US DOTMLPF that has been approved for use on current mission networks (such as CENTRIXS-ISAF), the US is ready today to form an MPE Episodic instance to support any mission.
26
Today’s MPE Enduring Environments
Collaborate and Share Information
[Diagram labels: Enduring MPE “A”; US BICES-X FTI; PACOM; CENTCOM; EUCOM; TNE; SIPRNET TIER 1; Mission Partner L; Mission Partner M; Mission Partner N; Mission Partner O; JIE: Connect, Access, Share; Enduring MPE “B”; MN BICES; CCMD MPG; SIPRNet and NIPRNet; CCMD MPG]
Tier 1 SIPR connection currently provides only CENTCOM users access to the US BICES-X FTI
Plus other existing bi-lateral and multi-lateral network relationships, some of which may not be directly connected to current DoD Networks or future JIE
US BICES and NATO BICES are now known as Multi-National (MN) BICES after addition of seven nations to the original 28 BICES members (NATO member nations): Australia, Austria, Finland, Ireland, New Zealand, Sweden, Switzerland
Interim Mission Partners collaborate via a JIE Tier I environment but must be able to rapidly shift to operating within an Episodic Mission Partner Environment (MPE) framework as situation(s) dictate
27
Joining Membership and Exit Instructions
JMEI Defined: Joining Membership and Exit Instructions
--Not a new idea but a new term generated by ISAF coalition forces
--Old terms: TTPs, SOPS, other named products resulting from exercise planning process or Crisis Action Planning (CAP) process
--In short, JMEI are a set of documents specific to a mission/exercise that range from technical implementation guidance to establishment of secure and trusted peer to peer communications to Mission [Exercise] CONOPS to OPORDERs and FRAGOs to political guidance to agreements between partners to Commander's Intent
--Operation [or Exercise] Orders, all OPORDER Annexes and any other document pertinent to a specific mission or exercise are a part of the collective set of documents referred to as “JMEI”
28
MPE JMEI Joining Instructions Definition
MPE JMEI Joining Instructions – A set of mission and partner agnostic documents that describe basic standards and compliancy criteria to establish a trusted and secure network relationship / connectivity between US and “coalition of the willing” partners as well as compatibility of six core collaboration services between network contributing mission partners
US objective: A consistent and repeatable set of MPE JMEI Joining Guidance across Combatant Commands (CCMD) and Services to describe minimum criteria for technical connections, IA, security, and six core collaboration services
Benefit: Services and mission partner ability to train and equip to a standard that is useful regardless of which US CCMD or contributing mission partner is the lead or what mission is being executed
Choice to train and equip forces to JMEI Joining Guidance is a sovereign decision; change(s) in MPE JMEI Joining Guidance are managed and coordinated, not governed, among a “coalition of the willing”
--US DoD governs US train and equip processes
--Content of US MPE JMEI Joining Instructions evolves in a consistent and complementary manner with NATO Federated Mission Networking Implementation Plan Volume II Instructions
--Partner MoDs govern respective train and equip processes
--HQ NATO / Existing NATO processes govern train and equip processes to support NATO Command Structure HQs
NATO has Federated Mission Networking (FMN) Implementation Plan (NFIP) “Instructions” in NFIP Volume II as a counterpart to MPE JMEI.
“MPE JMEI Joining Instructions contain the common “Lego Blocks” to enable more rapid establishment of trusted network relationships between any unique set of willing mission partners”
29
Event Specific JMEI Definition
Event Specific JMEI – A set of documents specific to a mission/exercise
--Content ranges from technical implementation guidance to Mission/Exercise CONOPS to OPORDERs/FRAGOs to political guidance to agreements between partners to Commander’s Intent
--Starting point: Leverage and reference basic standards and compliancy criteria set in MPE JMEI Joining Instructions [stated US goal is US MPE consistency with NATO FMN Volume II Instructions]
--Generated by mission/exercise lead HQ staff and mission partner reps to address all aspects of a specific coalition mission or exercise with mission partners under a JTF Commander lead, lead Nation, or exercise sponsor
--Event specific JMEI are the products of Crisis Action Planning or the planning process associated with any exercise, test, or experiment
Benefit: Shape and drive collective DOTMLPF and Policy contributions to achieve mission objectives via generation of event specific policies, operational procedures, and technical configuration and security agreements tailored to address unique criteria and circumstances applicable to each mission and partner set
--Commanders retain flexibility to shape and employ coalition force HQ and DOTMLPF of supporting forces as they see fit to conduct operations in order to meet assigned objectives
--Mission partners respond to acknowledged leadership role of whoever is mission or exercise Commander without giving up sovereign rights and responsibilities
Foundation provided by MPE JMEI Joining Instructions Part 1 is tailored to address unique criteria and circumstances applicable to each exercise/mission within each CCMD/JTF/Lead nation.
Episodic MPE provides a foundation that enables a commander the necessary flexibility to adapt collective mission partner DOTMLPF and Policy to achieve common objectives for a specific coalition mission or event.
Risk to nation by joining XX Mission Network Federation is less than NOT joining in terms of resources, force protection, mission accomplishment
30
Mission XX JMEI Development & Validation Flow Chart
US FMN 90 Day Study Figure 7
[Flow chart labels: Coalition Nations Prioritized by those that provide Combat Power, Logistics, BOG*, etc.; Mission, Exercise, Test, Experiment, Training Event; JMEI**; MPE Joining Instructions; CCMD Standardization; US MPE JMEI Joining Instructions signed by JS J6 21 August 2014; MPE; U.S. Components; CIAV***; Bi-lats/Multi-lats; Allies, Partners; Systems, Applications, Services, Mission Threads; Regional Accommodation; Systems, Applications, Services, Operational Processes; DOTMLPF “Train and Equip”; Exercise / OPLAN Validation; Mission CAP / Exercise / Test Planning Process; Event JMEI; “Execution”; Feedback; J3]
* Boots on the Ground **Joining, Membership & Exit Instructions ***Coalition Interoperability, Assurance & Validation
Mission Partner Advance Planning versus Crisis Reaction
The process flows top to bottom with a feedback loop to complete the cycle.
--Upper right: An event is conceived: Identification of: Event Objectives, Lead Organization, Command Structure and Relationships, Mission Partners. An event is a coalition mission, exercise, experiment, test or training event
--Top Gray Bubble: Discussions conducted with Mission Partners to identify and coordinate details of coalition event objectives and synchronization of national contributions to meet event objectives
--Connection JMEI are used to establish a trusted federated network environment at a specific event security level for nations electing to contribute a network and willing to meet minimum technical, IA, Security and Core Service criteria
--The Connection JMEI are standardized across all US CCDRs to enable reuse in any mission or event environment by US joint forces and mission partners
--US Services (Components to CCDRs) and Mission train and equip to FMN concept tenets to use extant DOTMLPF in a mission environment [in addition to national secret]
--A CIAV process influences and facilitates US and Mission Partner capability developers to conduct interoperability and interface assessments to establish DOTMLPF cross mapping of capabilities that support mission threads
--Employment of US and Mission Partner DOTMLP capabilities is influenced and tailored to geographic region as well as specific event and mission partner constraints
--OPLANs and Exercises designed to validate OPLANs are informed and shaped by results of DOTMLPF “Train and Equip”
--Combination of collective event participant capabilities, ability to form a trusted federated network to leverage the power of the net to meet event objectives and OPLAN and OPLAN Validation Exercises inform the specifics of an Event JMEI which lays out technical, Security, IA, and TTP standards and expectations for the event. Identification of event security classification caveat, C4ISR and mission support processes and Information Exchange Requirement directed by the event commander in support of CCIRs. A nation or mission partner either meets the criteria as articulated in the Connection JMEI and Event JMEI or is not allowed to connect their national network contribution to the federation.
--Completed JMEI and OPLAN are used to execute the event
--Feedback from event informs the CCDR standardization process and engagement with mission partners regarding coordinated and deliberate change [update] of the Connections JMEI.
31
XXX Mission JMEI Development & Validation Flow Chart
US FMN 90 Day Study Figure 7
[Flow chart labels: Coalition Nations that provide Combat Power, Logistics, BOG*, etc.; XXX TASKORD, OPORD, EXORD, CONOPS, SOP, CDR Guidance and Intent, etc.; JMEI**; MPE Joining Instructions; FMN Community Standardization; XXXNet; U.S. HQ & Components; CIAV***; XXX Partners; Systems, Applications, Services, Mission Threads; Systems, Applications, Services, Operational Processes; XXX specific tasks and objectives; DOTMLPF “Train and Equip”; Exercise / OPLAN Validation; XXX Exercise Planning or Crisis Action Planning Process; XXX JMEI; “Execution”; Feedback; J3s; Secret REL to XXX]
* Boots on the Ground **Joining, Membership & Exit Instructions ***Coalition Interoperability, Assurance & Validation
Mission Partner Advance Planning versus Crisis Reaction
32
Why JMEI?
--The term “JMEI” came about as HQ ISAF and HQ ISAF Joint Command (IJC) needed to be able to provide nations [partners] wishing to contribute a national extension to ISAF AMN a consistent and repeatable package of holistic guidance and procedures
--COMISAF could not “mandate” systems interoperability for the various national C4ISR systems already in use, so the focus was on generating UNITY OF EFFORT by mandating human to human collaboration leveraging the most basic standards and technical protocols
--In addition to being able to protect and secure a network to ISAF mission policies, the only other mandated criterion was to be able to communicate with other partners via six “core services”: Web browsing, Chat (NATO Standard XMPP technical format mandated), Voice Over IP Telephone (VOIP), Video Tele-Conferencing over IP (VTCoIP), E-mail (with attachments), and Global Address List sharing
--The result was an evolution of mission technical and procedural documents from “a collection of workarounds” to a description of how to “federate” national mission network contributions into a trusted and protected federation of partner DOTMLPF capabilities and policies called “Afghan Mission Network”
--Operational and Functional ISAF documents also evolved to reflect operations as a unified coalition force vice a partnership of multiple independent forces
--Non-Materiel (DOT_MLPF) and Policy contributions by NATO and Nations to the ISAF coalition are the most important contributing factors to ISAF mission success
33
Repeatable JMEI for MPE / FMN
NATO and a significant number of nations came to the same conclusion that operating as a part of a coalition was most effective and efficient when coalition partners were equal peers within a “mission network”
--NATO consideration included coalition partnerships with non-NATO member nations
In order to leverage the “best practices” of ISAF AMN to inform establishment of a future “mission network” while retaining the flexibility to adapt and adjust to any mission or mission partner set, basic technical elements of JMEI were separated from mission specific and temporal policy driven elements
Two categories of JMEI were born:
--JMEI Joining Instructions – A set of mission agnostic documents that describe a nation’s view of the basic standards and compliancy criteria necessary to establish a trusted and secure network relationship as well as compatibility of six core collaboration services between network contributing mission partners (Repeatable and consistent across MPE and FMN documentation)
--Event specific JMEI – A set of documents generated by mission/exercise lead HQ staff and mission partner reps to address all aspects of a specific coalition mission or exercise, to include partner agreements regarding compatible implementation of national security, identity and access management and cyber defense policies within a federation of “mission networks”
NATO has Federated Mission Networking (FMN) Implementation Plan (NFIP) “Instructions” in NFIP Volume II as a counterpart to MPE JMEI.
The US MPE Joining Instructions have been signed by LTG Mark Bowman, US Joint Staff J6.
[Internal] Governance and implementation across the US DoD is to be accomplished via DoD (staffing complete and awaiting DoD CIO signature) and CJCSI Mission Partner Environment Executive Steering Committee (MPE ESC) Governance and Management (staffing complete and awaiting Joint Staff J5 signature on behalf of CJCS)
Governance is internal US business pertaining to training and equipping US forces.
Management is via agreement, not consensus, among "coalition of the willing" to ensure coherent, cooperative and deliberate change management process for minimum criteria for technical connections, IA, security, and six core services with as many partners as possible given sovereign decisions and political desires.
**MPE Episodic: Operational to Tactical Level (Conduct Operations)
--Synchronous and near-real-time or real-time conduct of operational mission tasks
--Episodic - time to establish always a factor
--Mission Focused (exercise or contingency operation)
--Unknown mission partners, emergent mission; unknown duration
--JTF capabilities for peer to peer Mission Partner operations
--US may not be lead; but must leverage Joint Information Environment (JIE) to contribute US DOTMLPF and Policy to coalition
Exchange and Access made “Practical, Efficient, and Effective” When all Participants are Conducting Operations or Training at the “same Security Classification and Releasability Level”
34
First Cut BOLD QUEST MN 15.2 JMEIs
[Diagram: BQ MN 15.2 JMEIs, grouped by category]
Policy (J6): Accreditation Process Exercise Statement of Security Compliance (ESSC) and Accreditation Checklist Authorization Templates (eIATT, eIATO, eATO, eDA) Information Assurance Policy Authentication, Authorization, Accounting Removable Media Contingency Plan Cyber Defense Policy Public Key Infrastructure (PKI) Intermediate/Subordinate CA MOA Public Key Infrastructure (PKI) User Agreement
Infrastructure (C4AD/JDAT): Network Interface Point (NIP) Design NIP Router Configuration Internet Protocol (IP) Routing IP Plan Router Naming Router Domain Naming Multicast Border Gateway Protocol Routing Time Synchronization/Network Time Protocol (NTP) Data Transport Services (DTS) IP Security / Virtual Private Network (VPN)
NetOps (C4AD): Network Operations (NetOps) (TECHCON) Trouble Ticket Procedure (NOC) Information Management/Knowledge Management (IM/KM) Transition Annex
Comms (JDAT): Radio Plan (Single Channel Radio) Call Signs and Routing Indicators Frequency Management Communications and Information Sys Security Tactical Satellite Communications Data Communications Network Plan LINK 16 Communications Communications and Information Systems Plng
BQ Mission Initiatives (JFD/C4AD/JDAT): Command and Control (C2) Services (Systems) Force Tracking Systems (FTS) / Ground Forces Mgmt Svcs IAMD JFS JMT DaCAS Cyber
Core Services (C4AD/JDAT): Mail Routing ( ) Voice over Internet Protocol (VoIP) Chat Global Address List (GAL) Synchronization Web Browsing Access Domain Name System (DNS)
Summary Process Description (J6): Joining Process Charts Joining Process Checklist Template Joining Letter Others?
Exit (C4AD): Data Handling and Protection Guidance Mission Network Exit Procedures
35
MPE Implementation / JMEI Change Management
The US MPE JMEI Joining Instructions were signed by LTG Mark Bowman, US Joint Staff J6 on 21 August 2014
--Distribution is to any and all partners
Governance and implementation within US DoD to be accomplished via DoD Instruction (Mission Partner Environment (MPE) Information Sharing Capability Implementation for the DoD) signed 25 Nov 2014 by DoD CIO and CJCSI* Mission Partner Environment Executive Steering Committee (MPE ESC) Governance and Management signed 1 October 2014
Policy. It is DoD policy that: MPE will serve as the framework for operational information sharing between DoD Components and Mission Partners
Governance: Internal national [US] business pertaining to training and equipping forces per MPE JMEI Joining Instruction standards
--Governance also reflects relationships and influence within a mission or an exercise
Management: US MPE JMEI Joining Instructions are living documents with updates derived from feedback received from implementation in coalition events
--Change is via agreement, not consensus, among "coalition of the willing" to ensure coherent, cooperative and deliberate change management process for minimum criteria for technical connections, IA, security, and six core services with as many partners as possible given sovereign decisions and political desires
--All changes deliberately made in close coordination with “coalition of the willing” contributors (Management vice Governance)
--Unilateral changes are/would be counter-productive
*CJCSI = Chairman of Joint Chiefs of Staff Instruction
36
CE14MN JMEIs
Joining the CE Mission Network (15): Policies for CEMN: PKI, Accreditation, IA, etc.
Configuring the CE Mission Network (48): Technical Guidance to provide trusted and protected environment needed to meet CE14 goals
Exiting the CE Mission Network (1): Guidance for protecting archived information post CE14; Procedures to gracefully exit CEMN federation
CE Mission Network Membership (8): NETOPS CONOPS, Cyber Security, Incident Reporting, IM/KM, Vulnerability Management, etc.
Event Specific Instructions (38): Daily Battle Rhythm, ORBAT, Reporting Procedures, Trouble ticket, numbering convention, SCR VHF, HF UHF, SHF Allocation, Network diagrams, Tactical Data-link verification, Friendly Force Tracking systems verification, SATCOM Systems Information, etc.
Admin (5): Library of Terms, CE14 JMEI Structure, US MPE JMEI Joining Instructions
APAN link to CE14 Event JMEI documents:
37
CE13 JMEI Trends and Statistics
[Chart: causes of CE13 JMEI implementation issues. Recoverable label: 47% “Not followed or not read”. The remaining values (17%, 30%, 36%, 8%, 24%, 64%, 8%, 11%) appear without their labels. Footnote: *e.g. missing procedures, delayed equipment, weather-related problems, etc.]
JMEI read but not followed or not read at all account for almost half (47%) of the issues with implementation of CE2013 JMEI across all participants. This was the primary issue with units where the JMEI required the unit to configure equipment differently than national or service specific guidance as understood by SMEs.
JMEI specified a specific vendor for equipment/software rather than utilizing international standards.
JMEI for specific item in accreditation checklist was not existent or vague in wording.
After the first six accreditations, it is clear that the most significant hurdle to overcome remains human factors. It is guaranteed that successful accreditation is not possible if JMEI are NOT READ and equipment and services configured accordingly. The first two accreditations failed, with offending staff needing to work overtime to read the JMEI then reconfigure their equipment. The next two accreditations were completed within two hours with 100% pass on all areas; these two organizations had ensured all members of their deployed CE13 staff were familiar with both the CE13 concepts as well as the importance of following CE13 JMEI. The message was received by all other participants, with subsequent accreditations proceeding smoothly with only minor compliance hiccups and delays to the accreditation and Authority to Operate (ATO) process.
Participants not following, not reading or an outside restriction (technical or policy) with CE13 JMEI are the primary reasons for accreditation issues
Compiled by CE13 C7 Assessment staff
38
Total JMEI Deficiencies
CE14 Assessment Trends and Statistics
Total JMEI Deficiencies: 317
Mandatory Compliance Deficiencies: 290
Optional Compliance: 27
Restricted = Conflicts with national policy or otherwise unable to comply
Compiled by CE14 C7 Assessment staff
39
Evolving to a Mission Partner Environment
[Figure: three panels labelled “Pre-AMN” (CX-GCTF), “[ISAF] AMN - Theater Specific” (CX-I, CIAV) and “MPE - Theater Agnostic” (CX-”X”, CIAV-like). Each panel shows the same elements: National Connections, Web-browsing, Chat, VoIP, VTCoIP, GAL Sharing, Mission Threads, Doctrine & TTP, Standards, Training, Policy & Governance. Annotation: “some assembly required”.]
Synergy created by negotiation of policies, practice and compatible (not identical) train and equip decisions BEFORE a mission is what drives improvements in DOTMLPF-Policy interoperability between partners
MPE: Provides an overarching capability framework for CCMDs based on CONOPS, Doctrine, TTP, Policy, Governance, Common Standards, Training, Interoperability
40
MPE Implementation and Policy Within US DoD
The US MPE JMEI Joining Instructions were signed by LTG Mark Bowman, US Joint Staff J6 on 21 August 2014 Distribution is to any and all partners Content derived from ISAF AMN JMEI and draft NATO FMN Implementation Plan (NFIP) Volume 2 and informed by lessons from COMBINED ENDEAVOR (CE) 2013 and planning for CE2014 Governance and implementation within US DoD to be accomplished via: DoD Instruction (Mission Partner Environment (MPE) Information Sharing Capability Implementation for the DoD) signed 25 Nov 2014 by DoD CIO CJCSI* Mission Partner Environment Executive Steering Committee (MPE ESC) Governance and Management signed 1 October 2014 Policy. It is US DoD policy that: MPE will serve as the framework for information sharing and conduct of coalition operational activities between DoD Components and Mission Partners *CJCSI = Chairman of Joint Chiefs of Staff Instruction
41
Mission Partner Environment (MPE)Traceability
Strengthening Security Relationships: our relationships with mission partners are a critical component of multi-national engagement and support our collective security
Combine capabilities with mission partners: form, evolve, dissolve, and re-form in different arrangements in time and space
Scalable: ranging from an individual unit enrolling the expertise of a nongovernmental partner to multi-nation coalition operations
[Figure labels: MPE Pedigree; Terms of Reference; ICD/ CONOPS; JROCM 081-12; 90-Day Study; 026-13; MPE Enduring (Tier 1) CDP; Joining Instructions; CJCSI; DoDI; MPE Episodic CDP. Legend: Signed]
NATO FMN Pedigree: FMN Concept 2 August 2012; NATO FMN Implementation Plan (NFIP) Volume 1 NAC Approved 29 January 2015, NATO FMN Transition Plan Approved by NATO International Military Staff 19 February 2015.
Both US MPE and NATO FMN efforts originated from the same requirement(s) document generated by COMIJC LTG David Rodriguez, endorsed by COMISAF GEN David Petraeus and forwarded up the respective US and NATO chains of command to CJCS and SACEUR for endorsement. Both sets of leadership endorsed the requirement.
42
MPE and FMN Parallel Efforts
NATO FMN Pedigree: FMN Concept 2 August 2012; NATO FMN Implementation Plan (NFIP) Volume 1 NAC Approved 29 January 2015, NATO FMN Transition Plan Approved by NATO International Military Staff 19 February 2015. Both US MPE and NATO FMN efforts originated from the same requirement(s) document generated by COMIJC LTG David Rodriguez, endorsed by COMISAF GEN David Petraeus and forwarded up the respective US and NATO chains of command to CJCS and SACEUR for endorsement. Both sets of leadership endorsed the requirement. NATO FMN Implementation Plan (NFIP) Volume 1 NAC approved 29 January 2015. US MPE JMEI Joining Instructions signed by US Joint Staff Director J6 on 21 August 2014. “US MPE and NATO FMN efforts are in parallel and are deliberately aligned.”
43
MPE Operational Metrics
MPE “What” MPE is a framework, a concept of operations. A JIE use case. MPE implementation is represented by two or more mission partners agreeing to achieve unity of effort by joining trusted mission networks together to form a federation of networks composed of collective partner provided policy, transport, systems, applications, security, services and operational processes. MPE “So What” Clearly communicate commander’s intent for desired operational effects with all mission partners Moves the fight off SIPR; allowing US and non-US formations, information, and data to operate in the same battlespace Greater flexibility in mission and task organizing to fight more effectively US and partners fight with the equipment and TTPs they ALREADY own and train with Addresses CCMD persistent info sharing requirements and JTF episodic events Elevates mission partners to peers and recognizes their sovereignty Defines the level of trust & addresses cyber vulnerabilities upfront Do not start from “zero” Mission Partner Advance Planning, Training, versus Crisis Reaction
44
MPE Implementation / JMEI Change Management
UNCLASSIFIED MPE Implementation / JMEI Change Management The US MPE JMEI Joining Instructions were signed by LTG Mark Bowman, US Joint Staff J6 on 21 August 2014 Distribution is to any and all partners Governance and implementation within US DoD to be accomplished via DoD Instruction (Mission Partner Environment (MPE) Information Sharing Capability Implementation for the DoD) signed 25 Nov 2014 by DoD CIO and CJCSI* Mission Partner Environment Executive Steering Committee (MPE ESC) Governance and Management signed 1 October 2014 Policy. It is DoD policy that: MPE will serve as the framework for operational information sharing between DoD Components and Mission Partners Governance: Internal national [US] business pertaining to training and equipping forces per MPE JMEI Joining Instruction standards Governance also reflects relationships and influence within a mission or an exercise Management: US MPE JMEI Joining Instructions are living documents with updates derived from feedback received from implementation in coalition events Change is via agreement, not consensus, among "coalition of the willing" to ensure coherent, cooperative and deliberate change management process for minimum criteria for technical connections, IA, security, and six core services with as many partners as possible given sovereign decisions and political desires All changes deliberately made in close coordination with “coalition of the willing” contributors (Management vice Governance) Unilateral changes are/would be counter-productive *CJCSI = Chairman of Joint Chiefs of Staff Instruction UNCLASSIFIED
45
Mission Partner Environment (MPE)
“Third Stack” Discussion Joint Staff JS J6 DDC5I IID Deputy Director Cyber and C4 Integration Interoperability and Integration Division January 2015
46
MPE Third Stack Food for Thought
What is a third stack? Applicable to MPE Enduring? MPE Episodic? “New” “Different” “Repurposed” Hardware? Software? Strategic communications. J3 or J6 perspective? “Can do” versus “should do” - Priority: Cost savings or operational effectiveness of J3? How does it all fit together? (Data storage -- operating system(s) -- work stations -- Transport) Who provides and sustains? Operational Requirements? Reuse of DOTMLPF? Policy impacts? Product?
47
“Third Stack” references
MPE Tier 1 [Enduring] CDP (21 April 2014). Foot Note 16. Figure 2 Page 7 A “Third Stack” is the IT equipment (workstations, routers, security components, servers, applications, and peripherals, etc.) necessary to establish a mission network that facilitates information sharing with mission partners. U.S. forces typically deploy with two sets of IT equipment (NIPRNET and SIPRNET) for the conduct of operations. Additional investment may be required in the event that existing equipment cannot support a releasable environment for an assigned mission. FMN 90 Day Study 7.0 TECHNOLOGIES SYNDICATE FINDINGS AND RECOMMENDATIONS (Page 36) “….The study report recommends the pursuit of a hybrid Tier 1/Tier 2 architecture, adoption of specific configurations for the six core capabilities within the Tier 2 networks, adoption of a “third stack”19 of FMN-ready servers and end user equipment at appropriate echelons…..” Footnote 19: Same text as above. Determine system requirements for a third stack capability based on mission thread requirements at appropriate echelons (including CCDRs, Service-provided CTF HQs, Component Commanders and joint forces), and integrate their requirements within the JMEI, ISAs and CISMOAs. Those units expected to fill the role of CTF commander will also include the necessary capabilities to establish an FMN core. Environment infrastructure by and large already in place. Any unit with CENTRIXS-”X” capability. What is missing from most “third stacks” are warfighting tools Deploy FMN third stacks to applicable units. [The need to deploy FMN third stacks will be reviewed once the required number of FMN third stacks is determined.] One “third stack” already in place for many units/organizations within DoD. Supports in place MTs for that unit per ROC/POE. No more, may be less.
48
Network Design-Domain View
Any event will have as many “stacks” as participants wish to utilize in support of various relationships both internal and external to a specific event or mission. “Third stack” is colloquial for “Mission Network” in which operations are to be conducted. There will be a physical or virtual “stack” of equipment for each network relationship/point of presence at a given location. BQ/NIE 14 had four networks identified on this slide. The slide shows extension of networks for information sharing.
UNCLASSIFIED BOLD QUEST / NIE 14.2 Notes: There is no cross-domain solution between SIPR and BQ Coalition. Interface at HQs will be swivel chair and LNO. Ground PLI will flow one way from NIE to BQ (both ways in JTE). Air picture tracks may flow one way from BQ to NIE (20% probability). No passage of traces / op overlays, coordination measures etc. between domains. Air picture integration is a significant risk.
[Diagram: Network Design-Domain View. Labels: networks numbered 1 to 4; NIE; BQ; SIPR; NIPR; Demo; ‘Demo UNCLASS’; ‘Coalition UNCLASS’; ‘Coalition SECRET’ (C-S); EXCON; ECC; MCC; JTFHQ / CJFLCC; CJFACC; 1AD; USMC; UK; Air Picture; Ground PLI.] UNCLASSIFIED
49
Generic “Third Stack” at any US location
UNCLASSIFIED SIPRNet Secret Rel USA Only Third Stack CENTRIXS-”X” Infrastructure NIPRNet UNCLASSIFIED [Access] Rel USA Only Other networks, etc. Different Crypto but may be same switch to connect to transport. MPE Enduring and MPE Episodic Crypto Crypto Crypto Wide variety of applications, services, portals, etc., to include six collaboration services and most “Warfighting tools” Wide variety of applications, services, portals, etc., to include six collaboration services BUT very few “Warfighting tools” Today only six collaboration services with a few exceptions Software location for Operating Systems, services Data Storage location. Separate from Operating system! May be replaced with releasable database(s) per mission needs Work Stations: Virtual (VDI), Laptop, Desk Top. May be repurposed to any environment at low cost and effort. Repurpose workstations distribution per mission needs Crypto could be in one “box” or multiple boxes Possible transport solution for long or short haul communication links as well as within an organization facility, base or platform Crypto To a user, six different “networks”, to a “6” provider “one network” Internet UNCLASSIFIED
50
Cross Domain Baseline V 3.8.0 - 1 April 2011
UNCLASSIFIED MEC User Terminal View – AVE 1.3. AVE 1.3 is based on NetTop 2.2. Agile Virtual Enclave (AVE) includes a second wire for unclassified enclaves. Implemented at USPACOM HQ.
[Diagram: MEC user terminal. Labels: Classified Networks (CENTRIXS J, CENTRIXS K, SIPR); Unclassified Networks (NIPR, Internet); VSE; CLASSIFIED; UNCLASSIFIED.] UNCLASSIFIED
51
Roles, Responsibilities and Relationship options within ANY coalition
Eligibility: Who is eligible? A mission partner wishing to contribute a network to a coalition federation of networks MUST be a formal member of a specific coalition event* Obvious, but……. Coalition event membership is a political decision with the only requirement being a statement of support for the coalition X event task/objective in a world forum. Coalition event membership carries no automatic requirement to contribute either personnel or equipment. Coalition member ≠ Network Contributor *Event = Exercise, experiment, test, training event, operational mission
52
Why form ISAF AMN? Persistent certainties acted upon by COMISAF in January 2010 when designing ISAF Afghan Mission Network (AMN): A coalition Commander only has limited influence over sovereign coalition forces and respective DOTMLPF-Policy after a coalition is formed A coalition Commander has ZERO influence over how those multi-national forces were trained and equipped prior to mission/exercise execution “Share to Win” is more important than “Need to Know” among coalition partners which requires movement of coalition force mission activities from independent network environments to an environment in which all mission partners operate together as trusted peers Key objectives of ISAF AMN Removal of policy barriers enabling sharing of information and direct collaboration between NATO provided HQs and national forces supporting ISAF mission Mandate only those elements necessary to foster trust and enable “Rel ISAF” human to human communications between and across all echelons Any existing machine to machine or procedural interoperabilities would be leveraged A short list of key functional areas necessary to achieve ISAF mission would form basis of “ISAF Mission Threads”, identified gaps expected to influence subsequent national train and equip efforts COMISAF concern: Information exchanged via automated multi-security level guards or manual processes was neither timely nor achieved with content and context intact -- if transferred at all UNCLASSIFIED
53
JIE –DI2E – Enduring & Episodic MPE
Persistent CCDR level US Centric Bi-lateral /Multi-lateral Specified Mission Partners e.g. Existing bi-lateral and multi-lateral network relationships: MN BICES, PEGASUS, CPN, other named network relationships, etc. Mission Partner B Mission Partner C Mission Partner A Enduring MPE Enduring MPE Mission Partner D Enduring MPE e.g. Federated US BICES-X West East South US BICES-X is an Enduring MPE Enduring MPE DI2E CCMD CCMD Mission Partner F Mission Partner E CCMD Rel to Mission or Exercise MPG JIE Connect Access Share Episodic MPE MP A CJTF CFACC CFLCC CFMCC CFSOCC US BICES-X is an Enduring MPE. Federation within USA of US HQs is of interest to partners as it facilitates consistent connection by partners from more than one geographic location. US BICES-X is solely a US owned and operated environment, partners are not part of internal US decision-making. It is NOT related to MN BICES. Briefing point. MN BICES is another example of an MPE Enduring solution. MN BICES is an environment that supports intelligence information exchange and collaboration between 28 NATO nations, NATO plus seven non-NATO Nations. MN BICES is governed by a MN BICES Board of Governors. MN BICES is but one of many possible connections to US BICES-X. This slide shows the relationship between JIE, Enduring MPE and an Episodic MPE federation of networks. JIE is represented by the purple cloud. JIE enables the US joint force to connect, access and share within a single security architecture. MPE Enduring and MPE Episodic instances are complementary, not in competition. Each instance of either type of MPE represents trusted relationships with different sets of mission partners. The Enduring MPE supports the CCDR’s requirement to have a persistent info sharing environment for planning with mission partners. This enduring capability is US provided and will rely heavily on the infrastructure and security provided by JIE.
Until the JIE matures, the US-BICES-X capability within the Defense Intelligence Information Enterprise is proposed as an interim enduring capability. It is depicted by the highlighted blue triangle. This triangle represents an envisioned MPE Tier 1 federation of CCMDs, enabled by TNE technology, who can share information with mission partners not only in bi-lat relationships, but also in multi-lat relationships across CCMD boundaries. The gray cloud represents an episodic MPE. “Hub and spoke” depictions are of relationships, not network architectures. Within a coalition event federation of networks the network relationships are many to many. This environment is episodic, temporary in nature and formed to support a specific mission, at a specific mission classification and releasability. The US flag reflects a US extension from JIE into this federated environment. Note that each nation contributes their own resources to form this federation. They may also elect to connect their own classified and unclass nets to this federated environment as depicted by the red/green lines. From the US perspective, components will be required to repurpose equipment to form a “third stack” to support the US contribution to the federated network. Joining, Membership, and Exit Instructions (JMEI) describe the basic standards required for nations to join this environment. Leveraging US DOTMLPF that has been approved for use on current mission networks (such as CENTRIXS-ISAF), the US is ready today to form an MPE Episodic instance to support any mission. MP Q MP X MP B MP Y MP C LEGEND National Classified Network (e.g. SIPRnet) National Unclassified Network (e.g. NIPRnet) National Contribution (3rd Stack); National DOTMLPF-P, IA, Security Enduring MPE Connection Episodic MPE Federated Network; Commander accepts risk, sets rules MP P MP Z MP D Temporal CJTF level Commander centric Unknown Coalition of the Willing Cross Security Level Exchange “Guard”