by MAJ Jeff Girard
There�s no clearly defined Army doctrine that governs the missions and employment of a division�s automation soldiers. This should change, since recent experiments with personnel and materiel at Fort Hood, Texas; Fort Campbell, Ky.; and Fort Drum, N.Y. � as well as the National Training Center, Fort Irwin, Calif., and Joint Readiness Training Center, Fort Polk, La. � have indicated that automation planning and engineering is an important component in a communications-support architecture�s design.
This article outlines how 10th Signal Battalion has organized and equipped the division automation office to meet 10th Mountain Division�s current and future automation needs. Our reorganization is modeled after concepts that have been time-tested in industry for many years.
The reorganization process began with a close examination of the complete automation and network-engineering process. Our examination resulted in defining five primary subject areas for which the "new" DAO would be responsible. These areas are:
|All aspects of data-network engineering;|
|All aspects of engineering, installing, configuring and managing the routed backbone;|
|All aspects of server management;|
|Installing, operating and maintaining the physical layer/local-area networks in the three division-level command posts; and|
|Managing automation acquisitions, to include establishing the division baseline hardware and software.|
The following list defines tasks within this new organization�s purview:
|Plan, engineer and manage the entire router network within 10th Mountain Division;|
|Plan, engineer and manage the nonsecure Internet protocol routed network�s extensions into the division area using network-encryption systems;|
|Plan, engineer and manage the secure Internet protocol routed network�s extensions into the division area using NESs;|
|IOM and respond to a network intrusion-detection system;|
|IOM domain servers on the tactical Internet protocol routed network;|
|IOM mail servers on the TIPRNET;|
|IOM webservers on the TIPRNET;|
|IOM domain-name servers on the TIPRNET for the non-Standard Army Management Information System hosts;|
|IOM domain-name servers on the TIPRNET for the STAMIS hosts;|
|IOM a web-based reporting system on the TIPRNET;|
|IOM the common-tactical-picture server;|
|Plan, engineer, install and manage configuration of a multiparty voice and collaborative workspace application;|
|Man a tactical help desk;|
|Manage the automation-procurement system for the division, to include capability-requests processing;|
|Plan, engineer, install, troubleshoot and manage the LAN with the three division CP elements. Responsibilities for this LAN are bounded by Layer 1 of the seven-layer International Standards Organization�s open-systems interface model; and|
|Assist with implementing and transitioning to Defense Message System.|
The next step after defining these missions was to align personnel within the organization to meet these missions. The 10th Signal Battalion commander (LTC Kent Woods) decided to align the information-services-support office (modified tables of organization and equipment Paragraph 109) under the division automation officer. The key to this alignment is that these eight soldiers, military-occupation specialty 74C, would be cross-trained to become tactical networkers and would fill a crucial role in LAN management at the three division-level CPs.
The following organizational chart depicts these soldiers� battle positions.
|Assignment of tasks and responsibilities in the division automation office (objective state) for tactical operations.|
Working from left to right along the organizational chart, I�ll start with soldiers at the division-main CP. The reader sees we�ve populated this CP with MOS 74Cs, the soldiers we chose to identify as tactical networkers. These soldiers have been cross-trained in a variety of skills dealing with the physical layer (the OSI model�s Layer 1). They�re completely responsible for installing and maintaining the LAN within DMAIN and for all branch lines to various CPs that surround DMAIN (military-intelligence battalion�s tactical-operations center, air-defense-artillery battalion�s TOC, division artillery�s TOC).
The MOS 74C soldiers aren�t responsible for wiring these additional battalion-level CPs, as those battalions have their own communications soldiers who are responsible for doing this. The tactical networkers are responsible for the LAN cable to the point it terminates to the subscriber�s equipment. Also, these tactical networkers are responsible for the -20 level troubleshooting and maintenance on the automation systems within the TOC.
As the automation system is simply another weapon system, the operator is defined to be the -10 level and is expected to know and understand how to use his weapon system.
Finally, these soldiers are expected to install and maintain the data-management facilities (outlined in a later paragraph) and servers located at their site.
There are about 100 computer systems located within DMAIN proper, including systems within the division�s analysis-and-control element. Our tactical networkers must also deal with network segregation since most systems are connected to the TIPRNET, a secret-high system, while the vast majority of the rest are connected to the SIPRNET through the Trojan Spirit system. The tactical networkers must also deal with a small quantity of computer systems connected to the unclassified NIPRNET which support unclassified-data support for the command group.
Moving to the right in the organizational chart, tactical networkers at the division tactical-operations center have the same responsibilities and tasks as those defined for DMAIN. Currently there are some 30 computer systems on the LAN at DTAC. Normally there�s neither a direct SIPRNET nor NIPRNET feed at DTAC. SIPRNET is provided to DTAC by way of a gateway our higher headquarters installs. The feed is then extended to DTAC through the TIPRNET.
I�ll skip the systems control (the Signal battalion�s operations center) for the moment and move onto the division rear-operations center. Again, soldiers at DREAR have the same responsibilities and tasks as those at the other two division-level CPs. However, at DREAR, these tasks are accomplished by MOS 74Bs, not tactical networkers. The data-processing-technician warrant officer�s main mission is to maintain the suites of servers located at various positions on the battlefield (outlined in a later paragraph), plus the various network-encryption devices, a tactical help desk and LAN management for the DREAR LAN.
Also, DREAR soldiers are responsible for managing the NIPRNET extensions that tunnel through the TIPRNET by way of NES. DREAR soldiers monitor both the NES encrypted and unencrypted sides.
Finally, DREAR soldiers are also responsible for establishing a tactical help desk, modeled after industry. When users have problems with their client machines or have network issues, they can call a mobile-subscriber-equipment phone number, where they can obtain MOS 74B soldiers� support. The 74B soldiers log each call and attempt to troubleshoot over the MSE phone circuit by talking the user through the problem.
A second-order effect of this system is that we�re simultaneously training our users and instilling in them self-confidence as they fix their own problems.
If the help-desk soldiers are unable to resolve the issue over the phone, the trouble call is logged and a team is dispatched as time, resources and battlefield conditions permit.
Finally, there are two captains located at DREAR from division automation. Their mission is to function as the deputy G-6 representatives at DREAR. This entails all battle-staff planning, reporting and integration with the deputy G-6 located at DMAIN. They also provide oversight for all automation activities at DREAR.
In this scheme, the data-network-engineering team locates at the Signal battalion. The 74B soldiers at SYSCON are totally responsible for engineering, managing and configuring all routers within 10th Mountain Division�s architecture. This includes routers installed in MSE switches as part of the tactical high-speed data network�s fielding, as well as more routers being used as edge devices in the three division-level CPs and the SYSCON. The gateway routers ensure that three critical CPs have dual and redundant data paths.
The DNE team manages the data network by sitting side-by-side with soldiers who are managing the MSE network. In this manner, we achieve total integration of both data and voice circuitry. Also, these soldiers IOM and react to a network IDS whose management console is located in the SYSCON. Finally, DNE soldiers are jointly responsible for managing the battlefield videoteleconferencing system with the MSE network technicians located in the SYSCON.
As for command and control of DAO, the automation officer (a major) locates at the Signal battalion SYSCON to overwatch and influence the entire data-engineering and management effort. The senior noncommissioned officer in DAO positions himself at DREAR, although he has the same global responsibilities as the major. In this manner, the division automation-management office is able to effectively manage all assets and personnel to ensure data networks and systems are meeting commanders� needs.
Prior to THSDN�s advent and the inclusion of routers into MSE equipment shelters, the only data capability MSE provided was the packet-switch network. Packet switches didn�t require any engineering or programming to operate. As a result of this simplistic data network, the automation officer historically positioned himself at DMAIN, where his main function was customer relations and client-machine troubleshooting.
Currently, and for the foreseeable future, the environment has completely changed. DNE is now an important component of developing and maintaining any communications network. I refer now to a favored analogy Woods and I use: the MSE Signal battalion is the plumber laying the pipes. In the plumbing analogy, the MSE links � or shots as they�re commonly called � are the pipes, and the routers function as both the connectors and valves � connecting data paths together and determining which path (pipe) the data will take. Data-network engineers must now determine location of the subscriber�s computers (where are the toilets, showers and sinks located); analyze the data rate and bandwidth requirements for each subscriber (what water pressure is needed at the toilets, sinks and showers); and engineer a plumbing system that will meet the homeowner�s needs. (I�ll need a six-inch main feed line here, a two-inch auxiliary line here, a shutoff valve here, etc.).
Continuing with this analogy, it�s imperative that the plumber who�s engineering, installing and maintaining the valves and connectors works alongside the plumber who�s installing the actual pipes. The two plumbing contractors must work side-by-side, working from the initial house drawings and blueprints to design the entire plumbing system. They supervise their labor force through installation of the system, consult with each other to find and fix leaks, and consult once again when the homeowner desires to move a bathroom from downstairs to upstairs.
Doctrine has already determined for us who the pipe-laying plumbing contractor is: the operations section of the division Signal battalion, supervised by the S-3. The MSE-network-technician warrant officer assigned to the section normally accomplishes most of the engineering work. As routers are a new addition to the MSE shelter, there�s no clearly defined doctrine as to who�s responsible for engineering and managing these routers. The 10th Signal Battalion assigned that responsibility to the division automation officer.
Based on this, it logically follows that DAMO establishes a DNE section to work closely with the S-3 personnel, particularly the MSE-network technician, in all MSE network engineering, installation and restoration. The result: DAMO moved from DMAIN, where it performed a customer relations/client-machine troubleshooting function, to the Signal battalion�s SYSCON to perform a DNE and management function.
On a related issue, 10th Signal Battalion has expanded use of routers within the division. We�ve installed routers into the dismounted-entry switches. DESs are housed in transit cases and previously had no data capability � not even packet switching. This deficit severely limited their utility on today�s battlefield. By adding routers, the Signal battalion commander has effectively created four more small extension nodes with which to operate.
So, where do we draw the lines on network management? At what point does the network technician work an outage, and at what point does the DNE section � since both work side-by-side in the SYSCON � work the outage?
In 10th Signal Battalion, we use the ISO�s seven-layer OSI model as a guide. Layer 1, the physical layer, falls completely under the MSE-network technician�s purview. The network technician is responsible for establishing a physical layer connection between the two routers. This includes physical cabling within the shelters; switches on the special circuit-card assemblies within the THSDN-capable MSE switches; and establishing the shot between the two switches.
This area of responsibility also includes determining the use of forward-error correction and setting the correct configurations on the CCAs. Layer 1 is confirmed when the two routers see each other as Cisco Discovery Protocol neighbors.
The DNE section is responsible for Layers 2 through 7.
Although the "lanes" are clearly defined, the net tech and the DNE overlap and assist in resolving all outages. The net tech has full access, via password control, to all routers, while the DNE soldiers have been sufficiently trained to identify FEC mismatches and cabling issues with the shelters.
As mentioned earlier in this article, there�s a requirement to have LAN-management trained personnel in digital TOCs, as validated by the wealth of data gathered from each of the many experiments in digitizing the force. In the future, we should expect to see changes to the force structure adding these soldiers to the organization. The issue, however, is in the near term. Our TOCs are becoming ever-increasingly digitized without the requisite force structure to establish and maintain LANs.
The 10th Signal Battalion�s solution is to cross-train MOS 74C soldiers in the basic skills of LAN installation and management. They work for DAMO and are trained on RG-58 and RJ-45 cable fabrication; designing a wiring plan for a TOC; basics of hubs and routers; LAN installation; and client-machine troubleshooting. Teams of these soldiers are task-organized to each of the three division CPs. They�re totally responsible for installing and maintaining the LAN�s health of their respective CPs.
Each team is provided a footlocker containing a quantity of pre-made 10Base2 and 10BaseT cables, as well as the raw materials to build more. The footlockers also contain cable testers, terminators, cable tags and all the hubs needed to build LANs. Each team also has a laptop with a diagnostic program loaded on it so they can visually monitor the health of client machines within their TOC. Finally, each team has reference materials to assist them in troubleshooting client-machine problems.
A different but related aspect of the DAMO reorganization plan was including sheltered vehicles fielded to the battalion as node-management facilities. These systems consist of a heavy humvee carrying a S-250 shelter and towing a 10-kilowatt generator trailer. The intent of this system is to provide a place for the nodal platoon leader to manage his node-center switch and other systems on his site. Historically, platoon leaders don�t use these systems; they manage their operations from a tent located outside their NCS. The 10th Signal Battalion commander decided to reallocate four of these resources to the DAMO section to be converted and used as DMFs.
Inside these shelters, the data-engineering section installed industry-standard 19-inch racks. Into these racks, the DNE section installed rackmount-styled server processors, flat-screen drawer-type monitor/keyboard/trackball combinations, universal power supplies, a 12-port hub, a router, media converters and a mini patch bay. The DNE section fabricated and mounted a signal-entry panel with BNC through-type connectors.
One of these DMFs deploys to each of the division CPs and to the SYSCON. Each DMF contains the gateway router for its respective CP and most of the servers for the entire division. These DMFs provide a secure and reliable means of transportation for the data-networking equipment and a clean, reliable power source by means of generator power and UPS. Finally, the DMF provides an electrical, physical and logical transition point where the TOC LAN interfaces with the MSE network�s wide-area network.
Another aspect of the division-automation arena�s complete transformation is again modeled after industry. This is the area of servers and server distribution. Historically, 10th Signal Battalion has maintained one set of servers providing a domain controller, a mail server and a webserver hosting a web-based reporting system. There was only one set of servers normally located at DMAIN, along with DAMO. There was no continuity-of-operations plan, nor were there any backup plans. This created a single point of failure for these critical assets.
Industry solved this problem years ago with a concept known as clustering: multiple dislocated servers providing the same service and replicating their data with each other. This provides continuity of operations in case of single-server failure. It also provides improved responsiveness to client requests by moving servers closer to users, thereby reducing latency created by network traffic.
Using the clustering concept, we�ve installed server processors into our DMFs. We now have multiple domain controllers across the battlefield, as well as multiple webservers and electronic-mail servers. We also have several servers running domain-name resolution services as well as WINS service. These provide more rapid name resolution, which reduces the latency users within the division perceived. We�re installing servers at all three division CPs as well as the SYSCON.
There are several other actions we have yet to implement to complete our transition. The first is to establish a virtual collaborative-planning-environment server/tool for the division. The XVIII Airborne Corps� standard is a product known as InfoWorkSpace. The 10th Mountain Division is still testing this product to determine whether it, or some other product, will be chosen as our standard.
Whatever the outcome, the server for this system will become one of many servers that DAO will IOM. We�ll install this server hardware in the DMF at the SYSCON, and it�ll be managed by DNEs located at the SYSCON.
Also, we plan to IOM an IDS within 10th Mountain Division�s TIPRNET. This will involve establishing a security zone between the division network and all foreign networks. In this case, I define a foreign network as one for which I don�t have control. A reachback link to XVIII Airborne Corps would meet the definition of a foreign link. The management console for this IDS system would again reside within the DMF at the SYSCON, as this is the location with the soldiers and network wide visibility as well as has the best ability to react to a threat.
We�re experimenting with a system to provide a secure wireless LAN extension to the infantry and artillery battalions. These units don�t have doctrinal MSE support and therefore don�t have any means to access services on the TIPRNET. Although the bandwidth is comparatively small (16 kilobytes per second), it�s enough to support to the number of processors in a battalion TOC.
Finally, we plan to migrate from router-based LANs at the three division CPs to switch-based LANs. The large number of hosts at these locations dictates that a switch-based solution would provide a much faster network than the current router-based architecture. Also, adding switches as edge devices in the division CPs would allow us to create and use virtual LANs to support these clients.
Technology is evolving rapidly and won�t slow down for the foreseeable future. As a result of these changes, the DAO/DAMO � a once-unimportant staff section � has undergone its own evolution. DNE and support has become a critical component to any communications-support architecture. The 10th Signal Battalion commander codified this idea by modifying his mission statement from "provide voice and data networks" to "provide data and voice networks."
This article has outlined how one Signal battalion commander, unencumbered by the constraints of what was done in the past, analyzed the mission, attacked the problem and accomplished the mission by "thinking out of the box" and using unorthodox concepts and ideas. This solution may not be the best, but it certainly meets the needs of our commanders today and for the future.
MAJ Girard is 10th Mountain Division (Light)�s DAMO. His previous assignments include a year as 10th Signal Battalion�s executive officer. He has also participated in three rotations to NTC and two rotations to JRTC in positions as a Signal platoon leader, mechanized-infantry battalion S-6, light-infantry brigade S-6 and division automation officer. Girard has a master�s degree in artificial intelligence from Duke University and has been developing artificial-intelligence applications since 1984.
Back issues on-line | "Most requested" articles | Article search | Subscriptions | Writer's guide
Army Communicator is part of Regimental Division, a division of Office Chief of Signal.