Northrop Grumman White Paper

A Distributed Core Network for the FirstNet Nationwide Network

State Connectivity to the Core Network

April 2014

Provided by:
Northrop Grumman Corporation
Information Systems Sector
Cyber Solutions Division
7575 Colshire Drive
McLean, VA 22102
www.northropgrumman.com

Primary Point of Contact (POC): Royce Kincaid, Director FirstNet
Email: [email protected]
Phone: 202-642-0605

Alternate POC: Mark Adams, Chief Architect
Email: [email protected]
Phone: 703-296-0257

A Distributed Core Network for the FNN State Connectivity to the Core Network © 2014 Northrop Grumman Systems Corporation.

All rights reserved. Approved for public release: 13-1918.

1 Executive Summary

The FirstNet Nationwide Network (FNN) is an emerging critical national asset that will provide interoperable broadband communications capabilities for first responders across the U.S. In this paper, Northrop Grumman presents an architectural approach for the core elements of the FNN that are essential to ensuring the integrity of the network. In designing this architecture, Northrop Grumman has drawn upon its expertise in securing some of the nation’s most critical networks as well as its 40+ years of experience in providing command and control solutions to the public safety community.

The FirstNet Nationwide Network (FNN) is not just the deployment of another commercial-like LTE wireless network. Due to the operational requirements of the public safety/first responder community, the FNN must be highly reliable, secure from cyber attack, and provide certification of privacy with varying levels of credentials depending on the agency accessing the service. The services provided by FNN must take into account the mission of protecting the public and the first responder, and the likely scenario that services will need to be agile to deal with changes in the environment quickly. This will occur when major events stress the services platform and require an architecture that is both dynamic at a local level and national in scale. The FNN must satisfy secure and robust interoperability requirements among diverse local, state, and federal organizations, without compromise.

In order for the FNN to meet the operational requirements of public safety, the Core Network must be treated as a mission-critical information technology network, with a comprehensive security solution that supports the entire US public safety enterprise. This “enterprise IT” mindset demands taking an integrated, comprehensive approach to all the Core Network elements (Evolved Packet Core, Network Service Platform, Transmission/Transport, Data Center and Network Management Center, Operations Maintenance Centers, and Operational Support Systems). This approach provides optimal operations and maintenance service, minimizes security risks and creates a best-value opportunity for the FirstNet Network Authority. Engaging a Systems Integrator to design and operate the Core Network enables the establishment of holistic Service Level Agreements, with a single entity accountable for end-to-end Core Network performance. A single Systems Integrator approach is the most effective way to address the magnitude, scope, complexity and interdependencies associated with the Core Network.

The network architecture for the FNN requires a core that is interoperable with multiple LTE manufacturers and includes three important features: Identity Management, Cybersecurity, and Applications Delivery. Identity Management enables users to have credentials for using the network and defines the applications available to the user. Cybersecurity focuses on preventing malware, Denial of Service (DoS), and other attacks that could seriously impact the operation of the FNN. Applications Delivery establishes an app store used by first responders on their smart phones, tablets, etc. Mission operations make it imperative that the FNN provide all three features, integrated into a cohesive system. If any of these features is not provided or not fully integrated, the functionality, operability and security of the FNN will be seriously jeopardized – impacting public safety’s ability to perform its mission.

About Northrop Grumman

Northrop Grumman Corporation Information Systems (Northrop Grumman) is a leading provider of information technology solutions, cybersecurity, systems engineering and systems integration, serving federal civilian and state and local agencies, the Department of Defense (DoD), national intelligence and commercial customers. Northrop Grumman has served the public safety community for nearly 50 years and has performed as the Systems Integrator for many large IT Enterprise networks including NYCWiN on behalf of the City of New York, DHS Enterprise Network Service Solutions, an IT Enterprise network for the Department of the Treasury, and several IT Enterprise networks for the intelligence community. Northrop Grumman is a leader in public safety communications systems and one of the world’s largest suppliers of 9-1-1 First Responder Computer-Aided Dispatch systems and secure broadband wireless networks.

2 Understanding the Mission – Defining the Challenge

Public safety communications today fall far short: what police officers, firemen, and first responders use compares poorly with what the public uses on their LTE 4G smart phones. This problem surfaced in the tragedy of 9/11, and correcting it was one of the key points made by the 9/11 Commission. With the establishment of the FirstNet Board and the FNN becoming a reality, first responders will finally have the communications technology they need. Narrowband, non-interoperable Land Mobile Radio systems will eventually be a thing of the past and true, state-of-the-art LTE 4G technologies will be the cornerstone of public safety communications. Police, fire and first responders will use apps much like they do in their own personal lives and there will be notable enhancements and efficiencies in how they perform their jobs. Information will be shared on a much broader basis between various first responder groups and the end result will be the saving of lives.

Imagine fire fighters in Alabama being flown to Colorado to fight a raging wild fire; they are credentialed and authenticated into the FNN. When they land in Colorado, they immediately begin performing their fire fighting duties. It seems like a very simple concept in the 4G LTE wireless world, but it still does not exist for the public safety community.

The following sections discuss public safety requirements, and outline how the FNN is different from traditional LMR networks and LTE commercial wireless networks.

2.1 Public Safety Requirements

Public safety organizations in the US provide extraordinary service with the dedication of many people in diverse organizations across the country. Today, we face greater challenges from the impacts of events such as natural disasters, industrial accidents, and terrorist acts. These challenges often transcend political boundaries, and response requires close collaboration among numerous organizations. Recent events have shown shortfalls in public safety organizations’ ability to collaborate.

The FNN architecture needs to employ cost-effective technology and systems to support public safety personnel and enable collaboration needed to address tomorrow’s growing threats to public safety.

The Core Network architecture must address public safety operational requirements to include the following:

• Traffic patterns – Commercial networks handle traffic that is more predictable than public safety traffic. Commercial networks are saturated in many major incidents. Public safety cannot tolerate saturation. Accordingly, the FNN must be able to handle large, bursty, and intermittent volumes of emergency traffic. We accomplish this with scalable technology and a Quality of Service (QoS) architecture that maintains time-critical services even in disastrous and high-density communications environments.

• Reliability – With lives and critical services at risk, public safety networks must operate in extreme situations with reliability that significantly exceeds that of commercial networks. We will accomplish this with a combination of architectural features including distributed, geo-redundant critical Core components and an optimized, cost-effective mesh transport network.

• Security – The network must provide the necessary confidentiality, integrity, and availability of information to people and systems, but only to those people and systems with proper authorization. This will require federated identity services for access, authentication, and authorization scalable to the millions of people in government agencies at all levels who will need FirstNet services. It will also require the use of advanced encryption technology for information in motion and at rest. Additionally, we will need malware detection, physical security for network assets, security information sharing with government and commercial organizations, and regular training for participants.

• Services – The FNN must provide capabilities to handle all data types (e.g., voice, video, images, graphics) with a variety of services (e.g., point-to-point, relay, multicast, broadcast, video conferencing). The FNN users must be able to communicate not only with other public safety organizations, but also with the Internet and with a variety of controlled information services. These users will be in a variety of situations, including fixed and mobile land-based systems and marine and airborne vehicles, in many environmental and operational circumstances. These services will be enabled with a combination of network technologies and systems.

• Standards – The architecture must provide secure and robust interoperability among diverse local, state, and federal organizations with roles in public safety. Making the FNN standards-based enables a multi-vendor environment that helps to stimulate competition in the public safety market, delivering highly cost-effective products and services. This will be a very different situation from the fragmented market today. Open standards will also help reduce costs for operating and maintaining the FNN.

2.2 System Integrator Role for the Core Network – Why It Is Necessary

In order for the FNN to meet the operational requirements of public safety, the Core Network must be treated as a mission-critical information technology network that supports the entire US public safety enterprise. This “enterprise IT” mindset requires an integrated, comprehensive approach to all the elements of the Core Network.

• Employ a cost-effective approach, with best-of-breed solutions. A single SI approach is an effective way to address the magnitude, scope, complexity and interdependencies associated with the Core Network. As a leading reseller of essential technology elements, an SI is able to leverage economies of scale to deliver a cost-effective solution.

• Ensure Integrity of the Core Network. Engaging a Systems Integrator to design and operate the Core Network enables the establishment of holistic Service Level Agreements, with a single entity accountable for end-to-end core network performance.

• Provide overarching Governance with Local Control. Establishing standardized interface points between agency networks and the FNN services and infrastructure, while preserving the local content and local control, minimizes program risk. FirstNet cannot afford to negotiate separate interface agreements with every agency or locality; the system would become very difficult to manage.

2.2.1 System Integrator Principles in Delivering the Core Network

The principles that are the basis of systems integration yield the following benefits to FirstNet users:

• Functionality – The Core Network will use Commercial-Off-The-Shelf products that result in interoperable functionality. Applying standard practices and procedures across the FNN enterprise enables consistent operational support and a consistent nationwide user experience.

• Performance – A Core Network supported by a systems integrator will provide optimal performance for FNN Customers. Service Level Agreements will be established that will be the foundation of operational support and network performance.

• Low Risk – A single entity accountable for the Core Network’s performance eliminates the risk of FirstNet managing multiple Service Level Agreements and resolving performance issues across multiple providers.

• Resiliency/Redundancy – A comprehensively designed Core Network architecture will deliver highly resilient and highly redundant performance for the network.

• Competitive Cost – An architecture based on components with standard interfaces will enable multi-vendor sourcing with competitive pricing and best-of-breed performance.

3 Technical Approach – Architectural Overview

The first responders’ mission, including safety, rescue, and recovery for the public that they serve, relies on anytime, anywhere, immediate access to information. In the future, first responders will face a continuing increase in number and severity of threats from both manmade and natural disasters. While serving public safety, the tools that connect to the FNN must include higher security and reliability than offered by commercial, consumer-grade technology devices, yet retain the desirable attributes of low cost and ease-of-use available from the commercial smart phone market.

A key to the adoption of the FNN will be whether the network is trusted and secured to the level that Public Safety, civil government and other secondary responders require, while providing sufficient local control of their own content to provide Mission value. In order to accomplish the type of security and flexibility needed, Northrop Grumman developed a conceptual architecture, depicted in Figure 1, which focuses on a tightly integrated set of functions that provide agencies the ability to securely deliver application services to their devices and trust that privacy and data integrity are assured. These functions include:

1) An Identity Management framework that uses local agency credentials through standard interfaces.

2) Cybersecurity protections monitored and deployed across the entire enterprise.

3) An Application Delivery and Services Platform that allows agencies flexible policy management for publishing their services to their users.

Figure 1 – FNN Enterprise Network Core Including Identity Management, Cybersecurity and Application Services

The FirstNet Core Network provides the overarching governance of the network to ensure network integrity. Figure 2 depicts the FNN with a nationwide component (Enterprise Network Core – ENC), a regional component (regional hub), and a local component (local hub). The two redundant nationwide cores connect to six redundant regional hubs (locations depicted are notional). The regional hubs connect to a primary local hub within each state. The connectivity from each local hub to a regional hub will typically be implemented with fiber optic, redundant, resilient, physically diverse routes to achieve a high degree of availability and sustainability.

The local hub (embedded in the States, major cities, and regions) provides the key interfaces to Agencies (Public Safety Entities). Devices on the network that provide differentiated services such as QoS, priority services, and secure compliant access to FNN enterprise and agency applications will require an appropriate Identity Management framework, proper device policy management supplemented by Cybersecurity and privacy protections, and validated access to applications based on the users’ identity. The implementation of these functions on the device does not eliminate the use of commercial devices.

Two fully staffed redundant data centers (Tier III) with fully redundant transport would provide a very resilient and cost-effective solution for the FirstNet Network Operations and Security Operations. In addition, these two locations would each house a regional hub that supports network services and contains various LTE Evolved-Packet-Core (EPC) components. There would also be four additional “Regional Hubs” interconnected with redundant transport from multiple carriers and PoP locations.

Figure 2 – Nationwide Core Network Supporting Local Hubs with Local Content/Control Features

The Data Centers will contain flexible, redundant, and distributed server, router, and switch resources needed to support the LTE EPC components, the application layer and network service support systems, as well as the network management and security operations hardware and software.

Through proper distribution of the LTE EPC components, the system will provide the type of local access and local control requested by the State & Local and agency user groups without compromising the “one network” principle necessary for a fully functional nationwide network. This distribution will be done through statewide and major-city gateway hubs, as shown in Figure 2. It is anticipated that there could be between 50 and 70 of these gateways nationwide. These hubs provide the common standardized interface points critical to the effective mission operations of the FNN. These hubs will provide the interface points for localities and agencies to:

1) Provide “credentials” for their users to the FNN, allowing FirstNet to provide access, QoS, and other network services dependent on a user’s role, location, and access allowances.

2) Publish and Subscribe to applications either residing in their own agency networks, in the regional network, or delivered as a service by FirstNet at a nationwide level.

3) Provide a demarcation point for the FirstNet ENC security sensor and security gateways, and operate as the boundary between the local entities (PSEs) and the FNN.

4) Provide the flexibility to allow local PGW/SGW and MME components to reside closer to the localities to reduce latencies and increase security by maintaining controlled data distribution and control information flow within the network.

These gateway hubs will reside in existing state and local data centers, using redundant transport strategies, backed up by neighboring localities, which provide a resilient, cost-effective solution. This approach for interfacing the FNN with the PSEs allows clear and concise standardized interface points between the agency networks and the FNN services and infrastructure, while preserving the local content and local control aspects of the system. The legislation requires the FNN to be “one network” and not a “network of networks”. By defining the FNN as being inside the boundary of these gateway hubs and including all the ENC components and services, the FirstNet team will establish clear standards and interfaces to the user base. Included in these interfaces will be very important security standards and agreements between the users and the network operator. FirstNet cannot afford to negotiate separate interface agreements with every agency or locality; the system would become very difficult to manage.

The protect, publish, and provide components of the network architectural approach are depicted in Figure 3. This approach provides the maximum benefit to the State & Local and Federal users of the network through assuring security and operability while allowing the agency user base to publish and access applications in a trusted and secure fashion.

4 Summary

The FNN is not just the deployment of another commercial-like LTE wireless network. Due to the operational requirements of the public safety/first responder community, the FNN must be highly reliable, secure from cyber attack, and provide certification of privacy with varying levels of credentials depending on the agency accessing the service. The services provided by FNN must take into account the mission of protecting the public and the first responder, and the likely scenario that services will need to be agile to deal with changes in the environment quickly. This will occur when major events stress the services platform and require an architecture that is both dynamic at a local level and national in scale. The FNN must satisfy secure and robust interoperability requirements among diverse local, state, and federal organizations, without compromise.

In order for the FNN to meet the operational requirements of public safety, the Core Network must be treated as a mission-critical information technology network, with a comprehensive security solution that supports the entire US public safety enterprise. This “enterprise IT” mindset demands taking an integrated approach to all the Core Network elements (Evolved Packet Core, Network Service Platform, Transmission/Transport, Data Center and Network Management Center, Operations Maintenance Centers, and Operational Support Systems). This approach provides optimal operations and maintenance service, minimizes security risks and creates a best-value opportunity for the FirstNet Network Authority. Engaging a Systems Integrator to design and operate the Core Network enables the establishment of holistic Service Level Agreements, with a single entity accountable for end-to-end Core Network performance. A single Systems Integrator approach is the most effective way to address the magnitude, scope, complexity and interdependencies associated with the Core Network.

Figure 3 – Local Content and Local Control

The network architecture for the FNN requires a core that is interoperable with multiple LTE manufacturers and includes three important features: Identity Management, Cybersecurity, and Applications Delivery. Identity Management enables users to have credentials for using the network and defines the applications available to the user. Cybersecurity focuses on preventing malware, Denial of Service (DoS), and other attacks that could seriously impact the operation of the FNN. Applications Delivery establishes an app store used by first responders on their smart phones, tablets, etc. Mission operations make it imperative that the FNN provide all three features, integrated into a cohesive system. If any of these features is not provided or not fully integrated, the functionality, operability and security of the FNN will be seriously jeopardized – impacting public safety’s ability to perform its mission.

Leveraging our experience integrating highly reliable networks for government and localities, we have identified the key elements of technology innovation that will assure both technical and business success for the FNN. The key to this success will be the adoption of the network for immediate use by Fire, Police, EMS, and government agencies. Northrop Grumman looks forward to the opportunity to build this type of partnership with FirstNet and the agencies that will depend on the network for years to come.