A.3. Network Infrastructure

A.3.1. Background

56. With the NATO Network Enabled Capability Feasibility Study (NNEC FS) a new concept of ensuring service interoperability was introduced that complements and reuses the architectural views. This concept dubbed the Interoperability Performance Parameters (IPP), inspired by the US developed concept of Key Performance Parameters (KPP), forces the system architects and designers to specify a wider context of their capabilities sufficient to allow secure service interoperability in a Federation of Systems (FOS). The interfaces at which interoperability between separate infrastructure capabilities is to be managed are called the Service Inter Operability Points (SIOP).

57. The principle is that an individual capability needs to work seamlessly with and within a FOS. The infrastructure services in a FOS and the international interoperability interfaces are described in the context of the total C4ISR systems architecture, often referred to as the Overarching Architecture (OAA).

58. This section describes the NATO General-Purpose Segment Communication System (NGCS) Reference Architecture (RA). NGCS is part of the NII, representing the NATO owned capability. It provides the communication services and associated management and security services. Also it describes the timeframe for NGCS up to 2014, first implementations are in progress.

59. The major change to classical network infrastructures is the coherence and interoperability of infrastructure capabilities brought by different coalition partners that needs to be achieved. In the NNEC FS the concept of a Maturity Model was introduced to describe, qualify and quantify the different levels of infrastructure capability. Increasing levels of maturity are characterised by enhanced sets of services, performances, and support, including advances in the associated Doctrine, Organisation, Training, Materials, Personnel, Leadership, Facilities (DOTMLPF) spectrum.

60. Interoperability of separate infrastructure capabilities is managed by the earlier mentioned concept of IPP. The IPP allows a more comprehensive description and specification of those parameters that are essential for providing scalable end-to-end services over combined infrastructure capabilities.

A.3.2. NGCS 2007 Target Architecture

61. A reference model of the baseline network infrastructure for NGCS RA is depicted in Figure A.2. This architecture is described in the NGCS RA ed1. At the time of writing the NSIE and the NATO IP Cryptographic Equipment / Secure Access Router (NICE/SAR) had not been fielded, but the implementation projects were in progress. The Bandwidth Manager Function (BMF) had been fielded.

NGCS Digital User-Network Access Reference Configuration
Figure A.2. NGCS Digital User-Network Access Reference Configuration

A.3.3. Communications & Networking

A.3.3.1. Internet Protocol Version 4 (IPv4)

62. Internet Protocol Version 4 (IPv4) is currently the dominant network layer protocol used in the communication between networked devices. IPv4 is a data-oriented protocol to be used on a packet switched inter-network (e.g., Ethernet). It is a best effort protocol in that it doesn't guarantee delivery. It doesn't make any guarantees on the correctness of the data; it may result in duplicated packets and/or packets out-of-order. All of these things are addressed by an upper layer protocol (e.g. UDP).

A.3.4. Construction of a robust IP-network infrastructure

63. Operational relevant service availability should be one of the main design criteria and operational evaluation criteria for the NGCS. Despite the migration of users onto a single network and the introduction of significant additional complexity, e.g. QoS, the service availability has to be improved. Service availability and performance are exponents of infrastructure, organization, human aspects and others. The assessment of operational service readiness and performance is a structural activity required in the NGCS product life-cycle management. It should give input to transformational processes and for the development of Target Architectures (TA) that underpin infrastructure investment projects.

A.3.4.1. NGCS Overview

64. The NATO General Purpose Communications System (NGCS) has a Circuit Switched Component (CSC) and a Packet Transport Component (PTC). The services offered are presented at the NGCS User Network Interface (NUNI). The NGCS user-network access domain incorporates functions for user access of circuit switched functions and packet transport functions. The circuit switched component provides on-demand switched access and also access to semi-permanent circuits. Both can be provided either in secure or non-secure modes. The packet transport component provides for both secure and non-secure IP access services.

65. A secure service offered by the network at the NUNI provides for interconnection within a single security domain. If telecommunication services are required for a second security domain, this is implemented by installation of another cryptographic device - e.g. NATO Secure ISDN Equipment (NSIE) offering bulk encryption or NATO IP Cryptographic Equipment (NICE) (with the associated RED networking functions). In order to provide greater throughput, more than one instance of this might exist for a single security domain.

66. In mid-term, a complete migration to a fully IP based network is planned for the NGCS.

A.3.4.2. Definition and implementation of a QoS architecture

67. In the public standardization bodies, e.g. IETF, ITU, ETSI, ANSI, many initiatives are ongoing regarding the specification of a global QoS architecture in support of network convergence. Likewise many government organizations are doing the same.

68. The operation and control of QoS enabled IP-services requires many new Operation and Support Systems as well as a thorough reassessment of the management organization.

69. The complexity and the novelty of IP QoS warrant a step-by-step introduction. The entities affected by the introduction are:

  • The end-user;

  • The applications;

  • The infrastructure;

  • The OSS/BSS;

  • The policies;

  • The third party providers, e.g. SP, NDN;

70. The introduction should follow the developments in the commercial sector, and each successive introduction step in NATO should be done when the technology is stable and mature. Nevertheless NATO may want to implement additional functionality like additional CoS to implement MLPP, but this always be based on an underlying commercial standard based QoS architecture. Eventually the QoS architecture must take account of the requirements in military tactical radio networks and future QoS enabled MANETs. It is envisaged however that commercial standards for wireless MANETs will be developed among others by the ZigBee Alliance

71. The model of spiral development should be applied. Each step is first tested in the laboratory (applications, infrastructure and OSS/BSS), evaluated against user requirements, operational issues, architectural principles, before it is gradually rolled out in the operational network.

72. Business cases for network convergence are becoming increasingly viable. As more and more services are uniquely available on IP and standardization for IP based service support is becoming mature, it becomes more cost effective to migrate an existing infrastructure based on TDM and IP bearers to a single IP-bearer service system. However, network convergence does not come for free. Following items and activities are required:

  • Specification of a comprehensive set of Classes of Service (CoS) for the ultimate network, which can be initially collapsed to a basic set and further expanded with each implementation step.

  • Definition of application mapping to telecommunications services (the CoS).

  • Specification of CoS handling in the network

  • NATO policy with the objective to have uniform QoS handling in the multinational network.

  • Supporting management and control systems (NGOSS compliant) that need to be integrated in the total SLM complex.

  • Proof of concept testing.

A.3.4.3. The migration of applications onto an IP-bearer

73. All the applications that are often traditionally carried on the CSC, i.e. telephony, switched VTC, leased line (for real-time data, for bandwidth pipe) need to be adapted so that they can also perform on an IP-bearer. Most of the applications require an QoS enabled IP infrastructure. In addition the connection oriented application services require call signalling, DNS, directory (for the gatekeeper) and resource reservation functionality. This infrastructure should be provided as a common core functionality for all application services requiring it. Target architectures for VoIP (SVoIP and VoSIP) and VTCoIP therefore need to be coordinated. For interoperability purposes NATO needs to standardize the signalling at the respective Service Interoperability Points.

A.3.4.4. Transition to IPv6

74. IPv6 is an enabler for establishing coalition wide connectivity in a network enabled NII. The transition strategy of the NATO CIS to IPv6 is described in [TN1088] [3]from which the top-level roadmap is repeated here in Figure A.3.

Roadmap to IPv6
Figure A.3. Roadmap to IPv6


[3] Derived from Technical Note 1088: NATO IPv6 Transition Plan, Preliminary Version, NC3A, June 2006