Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Sequestration slows network modernization that Navy can't wait for
Monday - 6/3/2013, 6:59am EDT
Navy leaders say the Common Afloat Networks and Enterprise Services program (CANES) amounts to a service life extension program for most of the Navy fleet, only for the digital age. The service plans to install the system, which amounts to a wholesale replacement of a ship's network, aboard 192 ships by the end of the decade.
But sequestration is making for a rocky start to the program, which is still in a limited fielding phase, said Rear Adm. Bill Leigher, the Navy's director of warfighting integration for information dominance.
Rear Adm. William Leigher, director, Warfare Integration for Information Dominance
Without a clear picture of what next year's budget will look like, it's unclear whether the Navy will be able to play catch-up in 2014 and beyond. Until it does, it will continue to live with a patchwork of legacy shipboard IT that it's dying to throw overboard. Leigher said in today's Navy, the IT architectures on each ship are more a product of happenstance than of well thought-out design.
"It's legacy hardware, legacy software, and none of it fits together very well," he said. "About half of the hardware pieces are either 'unknown' or 'other.' None of us would operate that way. You had so much diversity in that, and not in a good way, that it added to chaos in the IT environment in a way that made it nearly impossible to do anything in a seamless way. On the software side, it's much the same. You have different versions of software across the fleet that make it really impossible to keep the software up to date and secure from an end to end point of view."
Too many baselines to manage
Within each ship, there are multiple different networks too, few of which were designed from the beginning to interoperate.
"If you took the four enclaves you'd have on a typical ship with all of the chaos, you really can get up to 630 different baselines on an aircraft carrier," Leigher said. "That's impossible to manage."
He said the Navy has learned that lesson every time it's tried to apply a critical software patch to guard against a newly-discovered security vulnerability.
"What we don't have is the ability to easily do remote maintenance or minor changes. The patching processes approach 120 days, and we've been working to get that down to 40 days," he said. "But we think we can get that down to a few days when we get the force up to speed with CANES."
Leigher said the Navy believes CANES will significantly reduce its total cost of ownership for floating networks, letting IT administrators handle critical changes remotely and letting it standardize its practices for maintaining systems and training the people who use them across the entire fleet.
He said once the system is widely deployed, it'll also reduce the cost of new systems that come on board ships. The idea is to let them plug into the common services CANES will provide via its services-oriented architecture rather than each software platform having to be able to operate independently.
"We're only really starting to think about how we'll use cloud services afloat, but we have to look at CANES in a way that provides data across a number of applications," he said. "Today, I have one program office that's providing CANES, another providing messaging services, another providing signals intelligence and reconnaissance, and all of them are going to bring their own versions of, let's say, Google Earth. With CANES we can provide that as a core service as well as a data warehouse for all of the services we might need."
Leigher said the plug-and-play architecture also will let Navy ships much more easily connect to non-Navy networks during contingency operations.
"If all of the sudden I'm going to sail into a coalition operation in the Persian Gulf, I've got a plug-in that's ready-made for a CENTRIX network. I'm not bolting on new equipment and I'm not standing up another network that I've got go through all the certification and accreditation procedures on, and I don't have to make separate interfaces for all the command and control systems I want to connect that to," he said.
Learning as they go
Even if budget pressures weren't an issue, the Navy says it would still be struggling right now to figure out how to install CANES quickly. It's an elaborate process that involves keeping a ship tied to a pier for months at a time. Those extended periods of downtime conflict with the current Navy leadership's preference for keeping ships forward deployed as much as possible.
The Navy scheduled its first CANES installation aboard the USS Milius during a period when it already was scheduled for an extensive maintenance overhaul. The CANES project on that ship began six months ago, and is only two-thirds of the way done. The Navy just began outfitting its second ship this month, and it'll race to get the system installed in 4 1/2 months.
Leigher said ultimately, the conversions need to be performed within 90 days.
"We're learning things with Milius, and we'll put them into action," he said. "When I visited that ship, the executive officer said, 'Here's what you're going to do to me. Just when I'm lighting all of my systems back off, getting my maintenance up, getting my food service software up and running, you're going to tell me I have to take a time out so you can shut my network off for 15 days so you can do data migration into the new network.' Those are the things that we're uncovering. Milius has the opportunity, the challenge, the luck to be the number one ship in the Navy to get this install. We're going to take those lessons and turn them around, and I have very little doubt that we're going to be able to hit that 90 day mark by next spring. We're committed to that no matter what it takes."