This is the second part of series of writings under this title!
ARCHITECTURE FOR NETWORK STRUCTURE
Vision in changing the connectivity of FINDEF
The concept for military connectivity to guide the transformation of networks is presented in Figure 11. The aim was to build a nationwide mission network that enables troops, platforms and command posts to move within reach of the network and sustain connectivity by roaming between several alternative access points and networks. National level joint forces would be able to operate while supported by the mission network and when assembled together level they would be able to roam seamlessly to use tactical C4I-services. This includes both military and other governmental stake holders important for defence of Finland. Connectivity would be at level of availability to provide reliable connection to centralised data and IT services residing within core network.
Figure 11: A vision for military connectivity in FINDEF
Connectivity would allow both centralized “cloud computing” and “peer computing” at edges of the network. It would also allow connecting visitors from other organizations to join in using shared services.
Reality of 2004 situation in military networking
The military network of 2004 was built for totally different purposes than 2008 vision dictated. The architecture was following traditional approach of connecting sites together. Wide area network (WAN) was connecting sites together by using basic trunk connections provided with PDH and SDH technologies, ISDN family of circuit switching and data packet switching with IP routing WAN. Local networks were providing connectivity within each site. As-is architecture for military networks 2004 is illustrated in Figure 12.
Figure 12: The AS-IS architecture of 2004 transportation networks of FINDEF
Network structure itself was not providing any other value but connection between sites. All intelligence and added value was within branch and terminal devices that used connections to provide ICT services to users. Communications services included transfer of documents, messages and voice. Plain trunk connection services was also provided to Services and Branches capable in hosting their own information structure. The communications services provided in FINDEF 2004 are illustrated in Figure 13.
Figure 13: The communications services provided to average military user in Defence
Forces Finland in 2004
None of the services were available outside of garrisons unless they were provided with local systems. Logical infrastructure for communications services was not transferable. This led to practise of extending the garrison based ICT-services to operations and exercises. There were situations where garrison based LAN was extended at Ethernet level over hundreds of kilometres to support troops in exercises. All changes needed time to plan since they were unique. Several technicians were needed to configure their specific nodes and systems before service was extended properly. Network was mainly built to support peace time functions of FINDEF and included many old layers of structure that had just remained like sediment in the structure.
Simple, agile and faster connectivity of 2008
The topology of FINDEF network was changed towards two tier structure: 1. Core networks to lay stable platform to centralised cloud computing and majority of enterprise wide ICT services. 2. Access networks to provide reliable connections between users and needed services. Local based networks were gradually migrated towards these two options. The 2008 architecture plan for the networks of FINDEF is outlined in Figure 14.
Figure 14: The TO-BE architecture of 2008 networks for connectivity in Defence Forces
The physical layer of national fibre network was boosted by wavelength division multiplexing (WDM) that provided both higher performance between data centres but also more alternative routes for access network. The data link layer of core network was simplified by using only two strategic technologies (Synchronous Digital Hierarchy (SDH) and Multiprotocol Label Switching (MPLS) to provide both performance and quality in connection services. Legacy technologies (PDH and low band SDH) were migrated towards different access networks since some end devices were not able to use pure Ethernet and IP-connection. New network access (NA) point provided end-to-end managed channels from customer edge to provider edge at IP packet level. This simplified the configuration management and enabled improving the quality of service (QoS) for connectivity.
New service access (SA) point was provided by using only two access standards: Wireless Local Access with 802.11x protocol and wired Ethernet access on 802.3 basis. This simplified end users means in plugging their terminals to access network and released technicians to manage more complex systems. Voice circuits and services were integrated with IT services (Computer Telephone Integration, CTI) or provided with mobile networks only (GSM and TETRA). This released a number of people to build and operate new ICT-services.
Communications services were consolidated from each site to be hosted in joint and common “cloud computing” structure. The military connectivity doctrine was changed to user – service from the previous site – site. This enabled two major transformations:
- Nationally and regionally provided communications services that were accesses via simpler access networks
- Each end user was able to plug their terminal in network and start using provided communications services as illustrated in Figure 15.
Figure 15: Communications services for 2008 end users and military units
Simplification also released number of technicians and signals troops as local technical complexity was replaced by nationwide service cloud. This contributed also to diminishing manning resources of Defence Forces.
Execution of the network transformation
The project for iC4ISTAR connectivity was launched 2004 and accomplished the migration of WDM and MPLS networks by the end of 2006 . The network migration was done using products and expertise from Cygate, Siemens and ECI. Technical competence was injected with academics and engineers from Helsinki University of Technology. Same time national TETRA network and its services was extended within FINDEF in close cooperation with Erillisverkot Oy, the governmental service provider. GSM mobile voice services were outsourced to TeliaSonera. Simultaneously terminal devices were standardized and provided in principle of choose your own device.
New system for access networks was based on development cooperation between FINDEF and private companies. Later Ascom Oy acquired the main development company and created an international concept for military access networks. Access device was accepted as an armament system at 2006.
On 2006 the cooperation between FINDEF and other teleoperators was improved. Standard service catalogue was updated, agreements on cooperation during crises established and FINDEF started to provide and use telecommunications services more professionally. FINDEF started to provide telecommunication services to Erillisverkot Oy for them to further refine them to other governmental organizations. The concept of governmental cooperation was tested in TIETO 2007 exercise.
Military joint operations were accelerated with network services provided to 2008 Rajapintaharjoitus (Annual Joint C4I technical exercise in Finland), where C4 Centre was providing new access network services to major Services and Branches of Defence together with Police and Fire Department.
This is the end of part B.
The following parts will include architecture views from computing, command post structure, information management and information security points.
No comments:
Post a Comment