Services provided by the NORDIS-S Platform
1. Overview
The Norwegian Defence Information Services Secure (NORDIS-S) will function as a host for a wide variety of services and specialised functions, e.g. e-mail, groupware, web, C2 services (NORCCIS II and nationally procured MCCIS), MMHS, conferencing/collaboration and IP telephony. This section gives an in-depth overview of the various services provided by NORDIS-S.
2. Node Firewall
Central to the NORDIS-S node configuration is an EAL-4 certified Firewall, the Symantec Enterprise Firewall Version 7 in a node protection and node partitioning role. The Norwegian JWID node at SHAPE consists of 5 local LANs:
• 6-Eyes User LAN
• 6-Eyes Publishing LAN
• 10-Eyes User LAN
• 10-Eyes Publishing LAN
• 6-Eyes-to-10-Eyes Mediation LAN
The two WAN-side interfaces of the firewall are connected to the SHAPE JWID LAN 6-Eyes and 10-Eyes LAN respectively.
On the 6-Eyes and 10-Eyes user LANs a standard NORDIS-S server-client configuration is installed with two Windows 2000 domain controllers and two Windows 2000 member/application servers and 5 Windows/XP clients each. On the 6-Eyes partition a NEC CCIS Solaris Server is also installed. Three clients on each user LAN are equipped with a video camera and headset for participation in Distributed Collaborative Planning conferences. Two IP phones are included on each user LAN for engineering and demo coordination.
The two Web servers are placed on the two Publishing LANs.
The mediation LAN contains a certified B1+ MLS X.400 e-mail and MMHS Server and Guard, an accredited partitioned MMHS Server and an accredited data transfer server.
The Firewall is configured to only pass approved services between network interfaces and hosts. The 6-Eyes and 10-Eyes sides are in principle symmetric.
3. Windows 2000 Server Platform including Terminal Services
The Windows 2000 Server platform is the NORDIS-S server with approved Security System High settings. The 6-Eyes and 10-Eyes implementations are independent, i.e. in different Windows 2000 Forests. Each Forest consists of an Empty Root Domain and a User Domain. Both implementations contain the Windows/Citrix Terminal Server with "partitioned" security settings in the server and clients, disallowing moving information into or out of the client window, which allows secure 6-Eyes to 10-Eyes cross-domain terminal access from within the node. The EAL-4 Firewall controls the connectivity (connection A3/B3 in figure 1 above), which may be allowed either way or blocked.
A member server for Web services is placed on the node publishing LAN for both the 6-Eyes and 10-Eyes implementations. The SHAPE Node is independent of the Windows 2000 Nodes on CFBLNet in Norway, so that it is not critically dependent on that network being implemented in time for JWID 2003.
4. Windows XP Client
The Windows XP Client is the NORDIS-S client with approved Security Settings.
5. E-Mail System
The e-Mail system is Exchange 2000 Enterprise Version. Within 6-Eyes and 10-Eyes SMTP/Mime is the mail standard. The Trend Microsystems Enterprise Virus Protection System will scan all mail to and from the e-mail server.
The Outlook Client is the end-user e-mail tool. The Mark Wilson Software Classify mail security labeling/marking tool will be used to put JWID-wide agreed security labels/markings in every e-mail sent. These labels/markings will be used in all the JWID Mail Guards, i.e. US, UK and Norway and by all mail users who will e-mail between domains.
The Exchange 2000 X.400 connector and gateway capability will be used to route and relay mail traffic to/from the Thales Mail Guard within the node. All 6-Eyes to 10-Eyes cross-domain e-mail to and from the Norwegian Node will also pass through the Thales Mail Guard and a Thales/Norman cross-domain e-mail/messaging virus-checker. This checker will only allow the JWID-03 permitted cross-domain attachments to be passed.
The Exchange 2000 connector Access Control List capability will be used to allow only those mail users authorized to e-mail cross-domain to do so. It has been decided that all 10-Eyes users will be allowed to e-mail the 6-Eyes users made visible to them, while only a subset of 6-Eyes users will be allowed to e-mail the 10-Eyes users made visible to them. For demo purposes both kinds of users will be defined within the Norwegian Node. The Directory described below is augmented to contain information about which mail users may do so, and this information will be used to generate the ACLs. The Thales Mail Guard does not support this kind of ACL, and making use of the capability inherent in Exchange 2000 will contribute towards the JWID-03 cross-domain mail routing policy.
So-called content-based or "dirty-word" checking will be tested on mail delivered via the mail guard, based on a "dirty word" list to be produced by the JWID Security Working Group. The Thales Mail Guard does not itself support "dirty word" searching.
6. Directory and Meta Directory System
The Norwegian Node Directory system consists of two services, an X.500 based Directory Server by Injoin and the MaXware Meta Directory System. These are the same products as used operational within Norwegian Defence today, supporting e-mail and messaging applications.
The Injoin X.500 Directory will hold the Norwegian Border DSA with a JWID-03 enhanced ACP-133 schema while the MaXware will be used to synchronize the information in the Border DSA with the applications in the Norwegian Node (i.e. e-mail, MMHS and PKI) and with the UK provided Directory Hubs. The LDAP V.3 protocol will be used to conduct the synchronization.
The Norwegian directory services are implemented on both 6-Eyes and 10-Eyes domains. There is no cross-domain transfer of directory data within the Norwegian Node. The UK provides the Directory Guard synchronizing 6-Eyes and 10-Eyes Directories.
As indicated above the JWID-03 directory will contain “tag” information about which users (i.e. directory user entries) can be visible cross-domain and which users may pass information cross-domain. The Norwegian Directory solution will make use of these features to automatically maintain the mail system Access Control Lists and the SMTP-X.400 gateway mapping entries allowing the X.400 based Thales Mail guard to be used between SMTP Mail systems. The ACLs and mapping entries generated will also be manually reviewed to ensure that they are consistent with the authorizations given.
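The directory-driven ACL and gateway-mapping generation described in this section and in section 5, as an added example written for this page (not MaXware, Injoin or Exchange code). The tag attribute names xdVisible and xdSender, the sample entries and the X.400 O/R address layout are assumptions:

```python
from typing import Dict, List

# Constructed Border DSA entries. The tag attributes xdVisible (entry may be seen across
# the domain boundary) and xdSender (user may send across it) are assumed stand-ins for
# the JWID-03 schema extensions, not their real attribute names.
DIRECTORY: List[Dict] = [
    {"givenName": "Alice", "sn": "Hansen", "domain": "6-Eyes",
     "mail": "alice.hansen@node6.example", "xdVisible": True, "xdSender": True},
    {"givenName": "Bjorn", "sn": "Lie", "domain": "6-Eyes",
     "mail": "bjorn.lie@node6.example", "xdVisible": True, "xdSender": False},
    {"givenName": "Carl", "sn": "Berg", "domain": "6-Eyes",
     "mail": "carl.berg@node6.example", "xdVisible": False, "xdSender": False},
    {"givenName": "Dana", "sn": "Moe", "domain": "10-Eyes",
     "mail": "dana.moe@node10.example", "xdVisible": True, "xdSender": True},
    {"givenName": "Erik", "sn": "Dahl", "domain": "10-Eyes",
     "mail": "erik.dahl@node10.example", "xdVisible": False, "xdSender": True},
]


def connector_acl(entries: List[Dict], src_domain: str, dst_domain: str) -> Dict[str, List[str]]:
    """ACL for the connector src_domain -> dst_domain: permitted senders and reachable recipients."""
    senders = sorted(e["mail"] for e in entries if e["domain"] == src_domain and e["xdSender"])
    recipients = sorted(e["mail"] for e in entries if e["domain"] == dst_domain and e["xdVisible"])
    return {"senders": senders, "recipients": recipients}


def gateway_mappings(entries: List[Dict], domain: str) -> Dict[str, str]:
    """SMTP address -> X.400 O/R address for every user of `domain` who may appear on
    either side of the guard, so SMTP mail can be relayed through the X.400-based guard.
    The O/R address layout (PRMD=JWID03, C=NO) is a constructed example."""
    return {
        e["mail"]: "/G=%s/S=%s/O=%s/PRMD=JWID03/ADMD= /C=NO/" % (e["givenName"], e["sn"], domain)
        for e in entries if e["domain"] == domain and (e["xdVisible"] or e["xdSender"])
    }


def review(acl: Dict[str, List[str]], authorized_senders: List[str]) -> List[str]:
    """Manual-review helper: senders the tags produced that are not on the signed authorization list."""
    return sorted(set(acl["senders"]) - set(authorized_senders))
```

An empty list from review() means the generated ACL agrees with the authorizations given; any address it returns needs a human decision before the ACL is loaded.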
7. Military Message Handling System
MMHS will only be implemented in the 6-Eyes environment. Norway will provide an enhanced version of the national MMHS for JWID-03, supporting STANAG 4406 Edition 1 (PCT) and ACP-145, allowing participation in the US MMHS CIT. PCT and ACP-145 support signed messages.
The Norwegian MMHS also contains a transfer/relay level virus checking solution integrated with the X.400 Message Transfer Agent, based on the Norman Defence Virus Tools. E-mail in the X.400 P1/P22 format to and from the Thales MLS Mail guard will be routed through this Virus Checker in order to demonstrate cross-domain/border area virus checking.
8. PKI System
The Baltimore UniCERT V 3.5.3 PKI product will be used to support the MMHS trials in the 6-Eyes domain. Only the algorithms necessary supporting the digital signatures of PCT and ACP-145 will be used. The Baltimore PKI is in use in Pilot Project in Norwegian Defence.
Limited participation with one client in a US trial with the SIGABA e-mail encryption solution is also planned.
9. Distributed Collaborative Planning System
Within both the Norwegian 6-Eyes and 10-Eyes Node User LANs, a small Click-to-Meet Express end-node conferencing server (formerly CUSEEME) supporting four users is installed on a Windows 2000 Server. There is no cross-domain connectivity between the 6-Eyes and the 10-Eyes DCP systems provided by any nation in JWID-03.
The servers will be connected to the federated JWID-03 conferencing configuration, the 6-Eyes server to the NATO DCP Server in the Hague and the 10-Eyes Server to a US DCP Server. These servers are so-called MCUs (Multipoint Control Units) or DCP switches.
DCP has been a CFBLNet/JWID Core Service for several years and is critical to the coordination and execution of JWIDs. DCP provides multipoint videoconferencing, voice conferencing, chat and shared application space. Norway has previously only been a client on US-provided DCP servers at SHAPE (in JWID 2001 and JWID 2002). The video camera will be equipped with a visible cover for when it is not in active use, and the microphone will be equipped with a switch as well.
10. IP Telephone System
IP Telephony is a CFBLNet/JWID Core Service used for network engineering and coordination purposes. It is independent of the DCP system and service. The US centrally provides the IP Phone call managers. Two standard CISCO IP Phones on both the 6-Eyes and 10-Eyes LANs are provided in the Norwegian node configuration.
11. Mail and Messaging Guard
The B1+ MLS certified Thales XOMail Version 8.6.2 p7 mail guard is installed on the Firewall mediation/DMZ LAN. It has X.400 connectors to servers on the node user LANs, mediated through the node EAL-4 Firewall. For e-mail mediation between 6-Eyes and 10-Eyes, the mail guard is configured in filter mode, where the mediation is based on the Classify label/marking in the mail body. The e-mail guard product and configuration is the same as the mail guard configuration used by NATO since 1998 between the Cronos NATO Secret Network and the SFOR and KFOR Mission Secret Networks with Non-NATO Troop Contributing Nations.
The two mail guard X.400 connectors (System Units) are linked together back-to-back with the filter function placed in between. Only e-mail with an allowed Classify label/marking is allowed to pass through; e-mail with a missing or illegal security marking is rejected with a non-delivery report. The mail guard is configured to log and archive all traffic passing through it and to audit the actions. An XGuard monitoring application provides a customized view of the traffic flow and enables security staff to see a summary of the traffic as well as fully inspect any message that has been mediated, including attachments.
The Thales Mail Guard also supports a manual review and release mode. This mode is not seen as practical for the 6-Eyes to 10-Eyes e-mail mediation.
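The filter-mode decision described above (pass only an allowed body marking, reject missing or illegal markings with a non-delivery report, log every decision), as an added example written for this page and not code from Thales XOMail or Classify. The "SECURITY LABEL:" line format, the allowed label strings and the sample messages are assumptions:

```python
import re
from email import message_from_string
from email.message import Message
from typing import Dict, List, Optional, Tuple

# Constructed policy: the markings this guard instance is configured to pass.
# These strings are an assumption, not the labels agreed for JWID-03.
ALLOWED_LABELS = {"RELEASABLE TO 6-EYES", "RELEASABLE TO 10-EYES"}
# Assumed layout of the Classify marking as a line in the mail body.
LABEL_RE = re.compile(r"^SECURITY LABEL:\s*(.+?)\s*$", re.MULTILINE)

AUDIT_LOG: List[Dict] = []  # stands in for the guard's log/archive of every mediated message


def extract_label(msg: Message) -> Optional[str]:
    """Return the marking from the first text/plain part of the body, or None if absent."""
    for part in msg.walk():
        if part.get_content_type() != "text/plain":
            continue  # skip multipart containers and attachments
        raw = part.get_payload(decode=True) or b""
        body = raw.decode(part.get_content_charset() or "utf-8", "replace")
        match = LABEL_RE.search(body)
        if match:
            return match.group(1).upper()
    return None


def mediate(raw_message: str) -> Tuple[str, str]:
    """Filter-mode decision for one message: ('PASS', label) or ('NDR', reason).
    The decision and the message envelope are appended to AUDIT_LOG in every case."""
    msg = message_from_string(raw_message)
    label = extract_label(msg)
    if label is None:
        verdict, detail = "NDR", "missing security marking"
    elif label not in ALLOWED_LABELS:
        verdict, detail = "NDR", "illegal security marking: " + label
    else:
        verdict, detail = "PASS", label
    AUDIT_LOG.append({"message_id": msg.get("Message-ID"), "from": msg.get("From"),
                      "to": msg.get("To"), "verdict": verdict, "detail": detail})
    return verdict, detail


# Constructed sample messages (not real traffic).
GOOD = ("From: alice@node6.example\nTo: dana@node10.example\nMessage-ID: <1@node6.example>\n\n"
        "SECURITY LABEL: Releasable to 10-Eyes\nMeeting moved to 0900.\n")
UNLABELLED = ("From: carl@node6.example\nTo: dana@node10.example\nMessage-ID: <2@node6.example>\n\n"
              "No marking in this body.\n")
WRONG = ("From: carl@node6.example\nTo: dana@node10.example\nMessage-ID: <3@node6.example>\n\n"
         "SECURITY LABEL: National Only\nDo not forward.\n")
```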
12. Data Transfer Server
The data transfer server placed on the mediation LAN is a Windows 2000 Server in an independent forest from the 6-Eyes and 10-Eyes Windows 2000 systems. Mediated by the EAL-4 firewall, a user with accounts in both partitions («paired accounts») can transfer files between these accounts via the intermediate file transfer server. In order to avoid NTK-related issues, a user can only transfer files between his/her personal accounts. The file transfer is logged and archived by the file transfer service. This functionality is realized through implementation of dedicated software. The protocol used for mounting the share on the transfer server is CIFS (Common Internet File System tcp445). The transfer server resides in a domain in the separate Active Directory forest. One-way non-transitive trust is set up between the transfer domain and the 6-eyes and 10-eyes domains the node belongs to respectively. The next figure illustrates the trust relationships.
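The paired-account rule described above (a user may only move files between his or her own accounts in the two partitions, and every transfer is logged), as an added example written for this page rather than the dedicated software the node uses. The pairing table and account names are constructed:

```python
from datetime import datetime, timezone
from typing import Dict, List, Optional, Tuple

# Constructed pairing table (assumption): each person's account in each partition.
# A person with an account in only one partition has nothing to pair with.
PAIRED_ACCOUNTS: Dict[str, Dict[str, str]] = {
    "p.olsen": {"6-Eyes": r"NODE6\polsen", "10-Eyes": r"NODE10\polsen"},
    "k.vik": {"6-Eyes": r"NODE6\kvik", "10-Eyes": r"NODE10\kvik"},
    "t.moe": {"6-Eyes": r"NODE6\tmoe"},
}

TRANSFER_LOG: List[Dict] = []  # stands in for the transfer service's log/archive


def owner_of(account: str) -> Optional[Tuple[str, str]]:
    """Map an account name to (person, partition), or None if it is not a known account."""
    for person, accounts in PAIRED_ACCOUNTS.items():
        for partition, name in accounts.items():
            if name.lower() == account.lower():  # Windows account names are case-insensitive
                return person, partition
    return None


def authorize_transfer(src_account: str, dst_account: str, filename: str, size: int) -> Tuple[bool, str]:
    """Allow a file to move only between one person's own accounts in the two partitions."""
    src, dst = owner_of(src_account), owner_of(dst_account)
    if src is None or dst is None:
        allowed, reason = False, "unknown or unpaired account"
    elif src[0] != dst[0]:
        allowed, reason = False, "accounts belong to different users (need-to-know)"
    elif src[1] == dst[1]:
        allowed, reason = False, "both accounts are in the same partition"
    else:
        allowed, reason = True, "transfer between %s's paired accounts" % src[0]
    # Every decision, allowed or denied, is recorded for later audit.
    TRANSFER_LOG.append({"time": datetime.now(timezone.utc).isoformat(), "src": src_account,
                         "dst": dst_account, "file": filename, "bytes": size,
                         "allowed": allowed, "reason": reason})
    return allowed, reason
```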
The data transfer server has an interim approval to operate in a bi-level Defence system between National Restricted and the Internet within Norway and is part of NORDIS-S. It is planned to be submitted for a formal evaluation at CC EAL-4. The data transfer server is not critical to the Norwegian JWID-03 demo, but it is included in order to demonstrate cross-domain capabilities as per the JWID-03 objectives.
13. Socket to MMHS Gateway
Integrated with the MMHS User Server on the node User LAN is a newly developed gateway capability, translating between TCP/IP socket calls (containing formatted messages or tracks in systems like NATO MCCIS and US GCCS) and military messages as primarily used within the NORCCIS II system. The gateway operates as a System High device and will label the MMHS messages created by the gateway with the security level of the system it is implemented within, i.e. Secret in this case.
14. Message Processing System
The Systematic IRIS Message Processing System is a local application within the Norwegian node, implemented both on a server and on clients. It is used to parse and validate formatted message standards such as ADatP-3, OTH GOLD and US MTF.
15. Map System
The Teleplan Maria is a local application within the Norwegian node, implemented on clients. It displays digital maps and integrates with the NORCCIS II to provide the Situation Display/Common Operational Picture.
16. Database System
Oracle 9i Server Enterprise Edition v. 9.2.0.1 for Windows 2000 is the database system. It primarily supports the NORCCIS II CCIS application, holding the military operational database for the Common Operational Picture.
There are no database connections outside the Norwegian JWID node; database contents are exchanged in formatted messages.
17. Web System
The Web client used is Internet Explorer 6.0. The Web server used is Microsoft IIS together with Microsoft Portal Server. A Web server is installed on both the 6-Eyes and 10-Eyes network domains. Consistent with the NORDIS-S network architecture, the Web servers are placed on the publishing LANs. The so-called Maria Web application is also placed on the Web server. It provides a consumer-oriented COP display of the situation maintained in the NORCCIS II system to external users.
18. Virus Protection
The Trend Micro Enterprise Antivirus product provides the virus control for clients, servers and Exchange 2000 within the Norwegian JWID node.
The Norman Defence Antivirus Solution is integrated with the MMHS to provide X.400 e-mail and military message virus protection.
