Everything Over Internet Protocol
THE USE OF EOIP TECHNOLOGY TO INCREASE THE WARFIGHTER’S CAPABILITIES.
As commanders and staff require more responsive and efficient communications, the command, control, communications, computing and intelligence (C4I) requirements increase as units arrive in an operational theater.
Today’s military and commercial satellite assets cannot meet this demand for services. The solution is to either increase satellite resources or use existing bandwidth more effectively.
Current special operation forces mission profiles require that progressively greater quantities of information be distributed to increasingly smaller elements in order to better synchronize targeting during combat operations, coordinate support and decrease targeting approval time. Unfortunately, current circuit-based networks and equipment sets terminating at DISA teleports cannot provide the provisioned services that the SOF information provides.
To overcome this capability shortfall, Everything over Internet Protocol (EoIP) technology has been adapted from the commercial sector and integrated into military networks. The use of EoIP-based networks instead of circuit-based networks greatly improves the quality and efficiency of services provided to the warfighter while decreasing the equipment size, training requirement, cost and manning requirements.
In the last few years the C4I requirements for battalion and company sized SOF elements have doubled, if not tripled. High capacity secure voice and data are now required down to the operational detachment alpha (ODA) level in order to increase the speed of targeting and synchronization of operations across the battlefield.
Moreover, targeting video or unmanned aerial vehicle feeds are bandwidth intensive, but are only required at variable times and lengths since their use, however frequent, is based on current operations. Combined with a severe increase in voice calls during missions, many units find that they are operating above 90 percent utilization of a particular circuit and the quality of their voice, video and data is degraded.
Combined and joint staffs requirements for targeting, intelligence, logistics and transportation have significantly increased in order to support combat operations and synchronization across multiple battle spaces. Increased bandwidth or bandwidth efficiency allows for faster information sharing among special operations and conventional forces translating into information superiority.
However, this superiority becomes less decisive when the demands of SOF elements overwhelm the capability of circuit-based networks and UAV feeds are dropped, video teleconferencing (VTC) fails, secure telephone calls are choppy or delayed, and data transfers are unreasonably slow. A circuit- based network is inflexible because services are based on a fixed data rate, whereas EoIP-based networks pool available bandwidth for prioritized use and incredible flexibility.
The current DISA architecture is based on individual, dedicated circuits providing a myriad of services such as Nonsecure Internet Protocol Router Network (NIPRNET), Secret Internet Protocol Router Network (SIPRNET), Joint Worldwide Intelligence Communications System (JWICS), DSN nonsecure phones, SCAMPI secure phones and VTC. Each service is allocated specific bandwidth (i.e. 256 kbps) even when not in use. This circuit-based network is shown in figure 1 as Network A.
One of the first IP-based technological advancements in Army tactical networks was the use of Voice over Internet Protocol (VoIP), which uses software to provide voice switching as opposed to relying on large circuit-based switchboards. VoIP traffic rides the same NIPR/SIPR/JWICS data network or enclave, eliminating the need for separate DSN or SCAMPI voice circuits. When no calls are being made, the bandwidth may be used by other applications on the same data network.
Much like VoIP calls, video teleconferences and streaming UAV targeting video are now also being transported as an IP stream of data on the same enclave, significantly improving the efficiency of allocated bandwidth. With proper quality of service (QoS) established, voice and video traffic take priority over TCP/IP (Web/portal page, email, file transfer protocol) requests ensuring the highest possible clarity of transmission. The implementation of voice and video in IP converged networks is shown below in Network B.
Internet protocol converged networks have already proven their potential in the commercial sector, however, unlike military networks, the commercial sector does not (i.e. 768 kbps SIPRNET, 256 kbps JWICS, 256 kbps NIPRNET) with different levels of encryption. Similar to the inefficiency of separate voice and video circuits, if users are not using the NIPRNET to its full bandwidth allocation, then the unused bandwidth gets wasted.
To address this inefficiency, the U.S. Army Special Operations Command developed the Scalable Internet Protocol Package (SIP2) architecture, which is completely EoIP-based and encrypts each classification of services with a Type I high assurance Internet protocol encryptor (HAIPE) compliant device. The plain text or encrypted IP traffic from each enclave then flows through a colorless core (private network) router, out through the transmission system to its decryption point and on to the Defense Information Systems Network (DISN) for routing. This architecture enables the supported unit to automatically reallocate unused bandwidth from other enclaves based on priority. Shown in figure 1 as Network C above, the efficiency of available resources under the EoIPbased architecture is unprecedented.
Using properly established QoS, SIPRNET traffic can take priority over NIPRNET traffic and use up to the aggregate data rate (in our example 2048 kbps) which provides commanders critical flexibility as conditions change on the ground. Surges or flexibility in bandwidth allocation are especially crucial during combat operations when the voice, video (targeting) and data requirements spike for an unpredictable period of time.
An additional benefit of the SIP2 architecture is that disruptions of service or a security compromise in one enclave do not affect the other enclaves. Some units in the SOF community implement a hybrid approach by tunneling services of one classification through a different enclave, which provides a more efficient network than traditional circuit-based architectures, but can be less reliable since the loss of the main enclave will cause a loss of the tunneled service as well (all or nothing).
IP-based networks are interoperable with existing circuit-based networks and are, by the nature of their design, exceptionally modular. Connectivity for an additional network such as a coalition network like Combined Enterprise Regional Information Exchange System (CENTRIXS) is simply a matter of adding another set of equipment (24-inch high transit case) and associated Ethernet cabling.
The engineering, certification and implementation of EoIP-based networks have significantly increased the capability of the systems, ensured interoperability with legacy systems and also decreased the size, personnel, training and cost of the communications packages.
Communications nodes have seen a significant size and power requirement reduction by replacing large circuit switches with software and large multiplexers with HAIPE-compliant encryption devices using generic routing encapsulation tunnels. Substantially smaller power requirements allow for smaller uninterrupted power supplies and smaller generators. In addition, packages are more agile on the battlefield and commanders can more easily shift assets based on current operations. With that in mind, mobile communications are another distinct requirement of military packages contrary to civilian counterparts. Commercial companies can operate and maintain large-scale fixed-site communications in operating room conditions, whereas battlefield communications necessitate down-sized, portable, ruggedized equipment sets to meet the warfighter’s requirements. Not only are they are smaller, lighter and more capable, but EoIP-based systems also lessen the training and maintenance requirements.
Circuit-based switchboards and multiplexers are complex devices with dozens of circuit cards for varying services and their inevitable proprietary quirks. EoIP-based equipment sets are much less complex. However, soldiers must have a much greater understanding of routing, GRE tunneling, IP security), QoS, servers, telephony, and a multitude of different protocols. In addition to less intricate equipment, the baseline cost and maintenance has substantially decreased. HAIPE-compliant encryption devices and VoIP software cost a fraction of their circuit-based counterparts.
Additionally, maintenance and replacement parts or software upgrades for routers and switches are all commercial off-the-shelf equipment as opposed to propriety items that could take weeks to acquire from a sole source vendor. SOF communications teams are deployed on missions that dictate a small footprint in a low profile environment and require high-capacity bandwidth and data. A smaller equipment footprint requires fewer personnel to install, operate and maintain, which is largely MOS independent. IP-based communications packages allow for force structure redesigns and reallocation of personnel to create more communications teams or have existing teams take on additional requirements and skill sets.
Although this article focuses on EoIP technology and its benefits, it is important to note that SOF units are employing acceleration devices as another way to maximize efficiency of limited satellite resources. The newest types of accelerators optimize traffic using, most notably, two methods: application-specific compression and eliminating redundant data.
Application-specific compression analyzes the type of data (i.e. Microsoft PowerPoint, Acrobat, Web/portal pages, etc) and streamlines it based on explicit algorithms resulting in less data needing to traverse the satellite path.
Conversely, traditional accelerators send the entire data packet faster (TCP/IP spoofing) and/or use generalized algorithms to compress files, which while effective, can be accomplished more efficiently.
Another method new accelerators employ is to eliminate redundant data sent by storing downloaded files on the local network and sending changes made to these files when requested again. With this approach, once one user downloads a file it is saved locally. Whenever anyone else on the network requests that file, it is quickly analyzed with the distant end file and if unchanged, it is immediately accessible. If changed, only the minimal changes are sent and the file is once again saved locally.
Users employing this acceleration method experience a near LAN-like response when downloading files and notice web/portal pages opening in mere seconds compared to minutes. When combined, the results of these two methods are astonishing since significantly less data is sent across the satellites the effective throughput can be boosted up to 1,600 percent. Unfortunately, these acceleration techniques only optimize TCP/IP traffic; however, they drastically free up bandwidth for critical applications like voice and video.
In conclusion, satellite resources are limited and the requirements for more bandwidth and additional services continues to grow. The tactical implementation of COTS equipment and commercial solutions using an EoIP-based architecture enables an increased capability in services and an unprecedented efficiency of bandwidth provided to the warfighter while simultaneously downsizing equipment sets, personnel manning, maintenance and cost. Implementing EoIP technology is an example of communicators capitalizing on commercial solutions and integrating them into Army-common equipment to ensure commanders on the ground have a flexible and responsive communications network. The role of communicators is to provide reliable, robust and responsive communications to meet the warfighter’s needs; the use of EoIP technology in IPbased systems maximizes resources and meets these needs to enable SOF elements to kill or capture enemy combatants. ♦