Joint Staff J7 Cyberspace Environment Division / Joint Information Operations Range (JIOR) Overview Approved for Public Release by Joint Staff Public Affairs - Hampton Roads 18 Dec 15
JIOR Background DoD requires an integrated test range to increase confidence and better assure predictable outcomes. The test range supports exercises, testing and development of Computer Network Attacks (CNA), EW and other IO capabilities. FY05 2003 DoD IO Roadmap IOC: 10 nodes; 3 use cases 11 events; PL-3 Designation FY06 DepSecDef England designates JFCOM as LA 40 nodes; 18 events FY07 57 nodes; 33 events FY08 PACOM AIR FORCE NSA Australia 64 nodes; 45 events FY09 NAVY ARMY USMC 70 nodes; 62 events FY10 75 nodes; 49 events FY11 Transitioned to JS - aligned under S&I / JOSE CENTCOM STRATCOM AFRICOM EUCOM United Kingdom 82 nodes; 56 events FY12 Aligned under DDJE / CED $ reduction 90 nodes; 60 events FY13 DepSecDef Memo Detailing governance Of the JIOR to JS - SEP 2011 FY14 Aligned under DDJT / CED Recommendation: Develop a network of IO & CNA ranges USD(I) USD(AT&L) DOT&E 2
JIOR Enterprise (U) Key Attributes Currently, 110 access points in five countries Closed-loop, scalable and transportable DIA accredited secure training & test environment Distributed environment Ability to train at home station Both persistent environments (PE) and tactical event environments (U) Provides Access to: (U) Essential Elements of a Training Environment Threat Environments Critical Infrastructure and Key Resources (CIKR) Traffic Generation BLUE Forces BLUE Friendly AGILE RESPONSIVE SECURE JIOR RED Threat Systems Red Teams RED Forces Network Emulation Blue Offensive & Defensive Cyber Capabilities Exercise Control WHITE Control Assessment GRAY (.com/internet) Internet NOISE
Transport, Integration, Planning & Security Transport Closed-loop & distributed live-fire cyber range complex Leveraging existing and extended networks (DISN, DREN, JTEN, ESNet, etc) Integration Network engineers to build and integrate complex user architectures Event Planning Subject Matter Experts coordinate and design Persistent & Tactical environments to meet Combatant Command, Service and Agency cyber and IO requirements Security DIA accredited to operate from unclass to TS/SCI SAP/SAR/STO Standing policy to execute SAP/STO within the JIOR
The JIOR Planning Cell Tier II NOSC Tier III Engineering Rack Mounted Service Delivery Point Pico Service Delivery Point
Boundary, Red/Black Distinction Combatant Command Assessment Exercise Ctrl WHITE Internet Replication GRAY DoD IA Range Traffic Generation BLUE RED OPFOR Intel Community Carnegie Mellon JIOR Service Delivery Point Firewall / Crypto / Routers DREN/DISN GRAY Web/Social Media GRAY DISA GIG Replication BLUE Virtual C2 Systems RED Target RED TSMO BLUE Service Networks 24th AF 6
7
Simulation Training Exercise Platform -- STEP STEP: One aspect of the Persistent Training Environment. A hands-on lab for individual students & team-exercise game-space topologies. STEP ensures multiple concurrent, isolated projections can be deployed and accessed by different teams simultaneously -- Red, blue, gray space with scenarios for training CED s Role: Centrally manage the platform for decentralized use 1) Cyber mission force training 1,000/2,000 /3,000 2) Capstone level events e.g. Cyber Flag/Guard/Knight 3) TS instantiation for OPFOR training -- Located in Suffolk in 116B (Annex) USCC s Role: Content of training / Funding 8
FY16 Program of Work Projection MAJOR SPONSOR COMBATANT COMMAND 15 SERVICE 39 AGENCY 4 COALITION 2 TOTAL 60 COALITION 3% AGENCY 7% SERVICE 65% COMBATANT COMMAND 25% JIOR in FY16 Execute 60 environments (+/-10%) Expand footprint to 120+ nodes worldwide 110 access points in five countries ENVIRONMENT PURPOSE COMBAT/MISSION RELATED 7 TRAINING 26 OPERATIONS SUPPORT 10 TEST & EVALUATION 11 EXPERIMENTS 6 TOTAL 60 TEST & EVALUATION 18% EXPERIMENTS 10% OPERATIONS SUPPORT 17% COMBAT & MISSION RELATED 12% TRAINING 43% Key Points: Growing number of large/extra large environments (>600 man hours each to plan/execute) More participants leveraging established persistent environments JIOR footprint will expand to new user communities (e.g., National Guard, Interagency, coalition)
Segregation of JIOR Activities IO Range architecture supports multiple segregated activities at different classification levels Patch panels enable sites to control connections to IO Range One-for-one relationship between ports and Type-3 VPNs 10
Traffic Management Can Be Risky Business Shown is a Type-1 Bulk Encrypted Tunnel (VPN) that carries several Type-3 Encrypted VLANs between Client and Vendor Sites. (No passing / Crossing Lanes Permitted) (VLAN) Yellow-SCI.. Red-Secret Blue-Other 11
Questions/Discussion