Provides for the Procurement of Secure Communications Equipment to Navy Ships, Shore Sites, Aircraft, Marine Corps, and United States Coast Guard
Total Page:16
File Type:pdf, Size:1020Kb
UNCLASSIFIED BUDGET ITEM JUSTIFICATION SHEET DATE May 2009 APPROPRIATION/BUDGET ACTIVITY P-1 ITEM NOMENCLATURE SUBHEAD OP,N - BA2 COMMUNICATIONS & ELECTRONIC EQUIPMENT 3415 Information Systems Security Program (ISSP) 52DA FY 2008 FY 2009 FY 2010 FY 2011 FY 2012 FY 2013 FY2014 FY2015 TO COMP TOTAL QUANTITY COST (in millions) 121.319 100.855 119.054 Continuing Continuing Spares 0.442 0.425 0.319 PROGRAM COVERAGE: The Information Systems Security Program (ISSP) provides for the procurement of secure communications equipment to Navy ships, shore sites, aircraft, Marine Corps, and United States Coast Guard. ISSP protects information systems from unauthorized access or modification of information, and against the denial of service to authorized users or provision of service to unauthorized users. Information Assurance (IA) is a layered protection strategy, using Commercial Off-The-Shelf (COTS) and Government Off-The-Shelf (GOTS) hardware and software products that collectively provide an effective Network Security Infrastructure (multiple level security mechanisms and ability to detect and react to intrusions). IA is critical in protecting our ability to wage Network Centric Warfare (NCW). The following ISSP specific efforts will be funded under this program: SECURE VOICE: The Secure Voice program procures equipment that provides secure voice communication capabilities. Equipment to be procured in FY10-FY11 includes various secure voice strategic/tactical products (VINSON/Advanced Narrowband and Digital Voice Terminal (VACM), KSV-21, Next Generation Internet Protocol Phones (Next Gen IP Phones), Call Manager, Internet Protocol Tactical Shore Gateway (IP TSG), Navy Certificate Validation Infrastructure (NCVI) cards, and Secure Communication Interoperability Protocol (SCIP) Inter-Working Function (IWF). Tactical secure voice products include Tactical Shore Gateway (TSG) to allow communication between telephony users and tactical radio users as well as secure conference capabilities. The SCIP IWF provides sea-shore secure telephony communication capabilities. Associated ancillary items for Secure Voice products include handsets, power supplies, upgrade kits, production support, and installation. SECURE DATA: The Secure Data program procures equipment to secure record and data communications. Equipment to be procured in FY10-FY11 includes Computer Network Defense (CND) and Cryptographic Communication Security (COMSEC) equipment. The CND program procures equipment to secure Navy network information systems. Procurements within the CND equipment line include: Firewall components which provide protection for networks from unauthorized users, Virtual Private Networks (VPNs) which provide encrypted "Point-to-Point" virtual communication networks, IPS' (Intrusion Prevention Systems), Administrator Access Control, Network Security tools and Filtering routers. CND procurement will also include DoD Information Assurance Certification and Accrediation Process (DIACAP) end-to-end Certification and Accreditation Support Tool (CAST), to provide enterprise-wide visibility into security posture. Procurements within the COMSEC equipment line include various family of crypto products to include KIV-7M (replacing WALBURN, SAVILLE DATA, KW-46 and KL-51 crypto devices), Cryptographic Universal Enclosures (CUE), KGV-136B, KG-3X (KG-333, KG-334, and KG-361), In-Line Network Encrypters (INE): KG-175A and KG-175D, KOV-26 (TALON), KIV-54, KG-45A, KGV-135A, KL-51 (Laptop, Suitcase and Components), Link-16 Common Crypto Module (CCM), Link-22, associated ancillary testers, rack mounts an parts, production support, integration, and installation are also included. Electronic Key Management System (EKMS) / KEY MANAGEMENT INFRASTRUCTURE (KMI): EKMS provides for cryptographic key management with the Department of Navy (DON). This program provides for the procurement, fielding and sustainment of software and hardware management system, which consists of Interoperable Joint Service and Civil Agency key management components. The National Security Agency (NSA) established the EKMS program to meet multiple objectives which include supplying electronic key in a secure and operationally responsive manner and providing EKMS / COMSEC managers with an automated system capable of ordering, generating, distributing, storing, security, accounting, and access control. Equipment to be procured in FY10-FY13 includes Local Management Devices (LMDs), Local COMSEC Management System (LCMS) software, Common User Application Software (CUAS), EKMS Upgrades (hardware and software), Tier 3 Simple Key Loader (SKL), Tactical Key Loader (TKL), Tier 3 Data Management Device (DMD), advanced Key Processor (KP), and other next generation EKMS Phase V products. Associated ancillary, production support and installation are also included. KMI is the next generation key management system that provides for net-centric, web based architecture for the ordering, management and distribution of all cryptographic key material to support Department of the Navy (DON) users. KMI is an NSA program, with the services procuring and deploying the Manager Client (MGC)/Advanced Key Processor (AKP) or Manager Only Clients to replace the EKMS LMD/KP platforms in the out years. The LMD is a Commercial Off-the-Shelf (COTS) computer that runs Santa Cruz Operations (SCO) Unix and LCMS/CUAS software which controls the Key Processor (KP) and provides the EKMS/COMSEC manager with improved security and enhanced management capabilities. The SKL stores, manages, transfers and loads cryptographic key material and COMSEC data through automatic loading of End Crypto Units (ECUs). Specifically, the SKL and its predecessor Data Transfer Device (DTD) provides the next generation DTD, which is based on a Personal Computer Memory Card International Association (PCMCIA) card (crypto engine) and COTS notebook / palmtop computer running GOTS software. DMD provides for intermediate key management to incorporate Mission Planning capabilities to the key packages. TKL- Begin procurement of TKL, a modernized KYK-13, in FY 10. Development of the TKL resulted from Special Warfare (SPECWAR) and United States Marine Corp (USMC) requirements for a new tactical fill device. Production scheduled to begin FY10. In FY11, begin procurement of KMI products, specifically the MGC / AKP and High Assurance Internet Protocol Equipment (HAIPE). Exhibit P-40, Budget Item Justification P-1 Shopping List - Item No. 86 Unclassified Page 1 of 18 Classification UNCLASSIFIED BUDGET ITEM JUSTIFICATION SHEET DATE May 2009 APPROPRIATION/BUDGET ACTIVITY P-1 ITEM NOMENCLATURE SUBHEAD OP,N - BA2 COMMUNICATIONS & ELECTRONIC EQUIPMENT 3415 Information Systems Security Program (ISSP) 52DA Public Key Infrastructure (PKI): PKI provides digital certificate management to authenticate the identity of users on networks as well as to encrypt electronic information flowing over those networks. Procurements include: Real-Time Automated Personnel Identification System (RAPIDS) capability on Integrated Shipboard Network Systems (ISNS) platforms. Card/Token readers & middleware (including Homeland Security Presidential Directive-12 (HSPD-12) and Secret Information Protocol Router Network (SIPRNet) development, Online Certificate Status Protocol (OCSP) hardware and software including server hardware, responder/repeaters hardware security modules, Secret Information Protocol Router Network / Non- Classified Information Protocol Router Network (SIPRNet / NIPRNet). Alternate Token Personal Identification Number (PIN) reset workstations, SIPRNet, Middleware, Navy Proxy Certificate Authority (CA) and Tactical Registration Authority (TRA) In addition, this includes procurement of smart card (system administrator) capabilities along with other PKI modernization efforts such as Internet Protocol Version 6 (IPv6). JUSTIFICATION OF BUDGET YEAR REQUIREMENTS: The procurement profile has been phased in accordance with validated requirements for Navy, Marine Corps, and Coast Guard implementation plans and availability of National Security Agency (NSA) procured key management items. FY10 procurements include procurement and fielding of Secure Voice Secure Communication Interoperability Protocol (SCIP) Inter-Working Function (IWF); Computer Network Defense (CND) firewalls, Intrusion Detection/Protection Systems, Gateway virus scanning hardware and software tools, DoD Information Assurance Certification and Accrediation Process (DIACAP) end-to-end Certification and Accreditation Support Tool (CAST); Cryptographic devices; Electronic Key Management System (EKMS) Tactical Key Loaders (TKLs), Key Management Infrastructure (KMI) workstations, and Simple Key Loaders (SKL); and Public Key Infrastructure (PKI) RAPIDS workstations, servers and security tokens. FY11 procurements include procurement and fielding of Secure Voice SCIP-IWF; CND firewalls, DIACAP end-to-end CAST; Intrusion Detection/Protection Systems, Gateway virus scanning hardware and software tools; Cryptographic devices; EKMS TKLs, KMI workstations, SKL; and PKI RAPIDS workstations, servers and security tokens. INSTALLING AGENT: The Information System Security Program (ISSP) equipment will be installed by the In-Service Engineering Activity (ISEA). Exhibit P-40, Budget Item Justification P-1 Shopping List - Item No. 86 Unclassified Page 2 of 18 Classification UNCLASSIFIED DATE COST ANALYSIS May 2009 APPROPRIATION ACTIVITY SUBHEAD OP,N - BA-2 COMMUNICATIONS AND ELECTRONIC EQUIPMENT 52DA TOTAL COST IN THOUSANDS OF DOLLARS PY FY 2008 FY 2009 FY