The C3I&N Directorate is responsible for executing, developing, acquiring, deploying and sustaining cyberspace, communication, and cryptologic capabilities across Air Force as well as Joint and inter-Agency communities. Our focus is on delivering solutions to drive dynamic integration of information/systems in support of air, space, and cyberspace domains.
The C3I&N Directorate is responsible for executing, developing, acquiring, deploying and sustaining cyberspace, communication, and cryptologic capabilities across Department of the Air Force as well as Joint and inter-Agency communities. Our focus is on delivering solutions to drive dynamic integration of information/systems in support of air, space, and cyberspace domains.
### What We Provide
### What We Provide
...
@@ -28,7 +28,7 @@ Digital Trinity is meant to foster a virtual acquisition process that centers on
...
@@ -28,7 +28,7 @@ Digital Trinity is meant to foster a virtual acquisition process that centers on
Our digital storefront and engagement process is meant to enable customers to easily find and take advantage of our enterprise IT services.
Our digital storefront and engagement process is meant to enable customers to easily find and take advantage of our enterprise IT services.
Our Digital Transformation Engagement Team supporting this effort is run by AFLCMC/HN out of Hanscom AFB. We help match your organization’s IT requirements to the best HN service offerings. Acting as a sort of concierge, our DTE Team leads the engagement from initial consultation through configuration and delivery.
Our Digital Trinity Transformation Team (DT3) help match your organization’s IT requirements to the best service offerings. We help match your organization’s IT requirements to the best HN service offerings. Providing concierge service, DT3 leads the engagement from initial consultation through configuration and delivery. Our DTE Team leads the engagement from initial consultation through configuration and delivery.
AF7 system is a network of geographically dispersed user video teleconferencing (VTC) sites operated at three security levels cleared for special access required (SAR) VTCs: Secret//SAR Level 3, Top Secret//SAR Level 4, and Top Secret//SAR-SCI Level 5.
AF7 system is a network of geographically dispersed user video teleconferencing (VTC) sites operated at three security levels cleared for special access required (SAR) VTCs.
## Benefits & Features
## Benefits & Features
- Approved for all DoD SAPs.
- May be installed at contractor sites.
- Can be installed at contractor sites.
- Deployment approval signed off by PM and ISSM.
- No ATC required. Deployment approval signed off by PM and ISSM.
- Significantly cuts TDY costs.
- Significantly cuts TDY costs.
- Endpoint Tech Refresh (Gov' t/Con tractor) paid for by AF7 PMO.
- Endpoint Tech Refresh (Gov' t/Con tractor) paid for by AF7 PMO.
Air Force Special Enclave Network – Community Of Interest Network (AFSEN-COIN) is designed to provide a standardized means of information transportation to improve service and connectivity between locations.
Air Force Special Enclave Network – Community Of Interest Network (AFSEN-COIN) is designed to provide a standardized means of information transportation to improve service and connectivity between locations.
AFSEN-COIN is a Virtual Private Network (VPN) service provided through the Defense Information Systems Agency (DISA) Global Information Grid (GIG). AFSEN-COIN provides the transport pipe for Secret//Special Access Required (SAR) up to Top Secret Sensitive Compartmented Information (SCI)//SAR traffic that is National Security Agency (NSA) Type-1 encrypted using DISA’s Layer 3-VPN service for long-haul transport. AFSEN-COIN provides customers with dedicated transport/bandwidth for Special Access Program (SAP) missions without having to compete with existing NIPRNet bandwidth.
Provided through the Defense Information Systems Agency (DISA) Global Information Grid (GIG). AFSEN-COIN a dedicated transport/bandwidth pipe for long-haul transport of classified digital information.
@@ -12,9 +12,9 @@ excerpt: 'A suite of multi-level web applications that provide file sharing and
...
@@ -12,9 +12,9 @@ excerpt: 'A suite of multi-level web applications that provide file sharing and
updated:April 1
updated:April 1
---
---
Common Operating Environment (CORE) is a suite of multi-level web applications that provide file sharing and webmail services enabling secure data and communication exchange between S//SAR, TS//SAR, and TS//SAR-SCI networks and users.
Common Operating Environment (CORE) is a suite of multi-level web applications that provide file sharing and webmail services enabling secure data and communication exchange between between networks and users.
DoD, USAF and industry partners can utilize the capability.
DoD, DAF and industry partners can utilize the capability.
## Benefits & Features
## Benefits & Features
...
@@ -36,5 +36,5 @@ DoD, USAF and industry partners can utilize the capability.
...
@@ -36,5 +36,5 @@ DoD, USAF and industry partners can utilize the capability.
## Requirements
## Requirements
All necessary forms are provided by the Core Connections Team
All necessary forms are provided by the CORE Connections Team
Combat Air Force Networks (CV2) is a Special Access Program (SAP), Microsoft Windows-based, Wide Area Network hosted at three security levels: Secret//SAR Level 3, Top Secret//SAR Level 4, and Top Secret//SCI//SAR Level 5.
Combat Air Force Networks (CV2) is a Special Access Program (SAP), Wide Area Network hosted at three security levels.
There are three distinct and separate systems with one at the S//SAR and the other at the TS//SAR//SCI level. The system is managed by the MSC and all hardware (desktop, switches, routers, servers, etc) are under a strict configuration management policy centrally implemented and enforced.
The system is managed by the MSC and all hardware (desktop, switches, routers, servers, etc) are under a strict configuration management policy centrally implemented and enforced.
EVE is a government owned/government operated hardware solution that provides a basic compute and store capability in a PL-3 environment.
EVE is a government owned/government operated hardware solution that provides a basic compute and store capability.
This infrastructure-as-a-service (IaaS) model allows EVE to host virtualized systems and field services supporting the USAF and DoD. EVE supports both Level 3 and Level 4/5 production mission systems.
This infrastructure-as-a-service (IaaS) model allows EVE to host virtualized systems and field services supporting the USAF and DoD.
Information Support System (ISS) is a compartmented WAN that includes trusted MLS services, specifically providing an integrated PL-4 desktop environment with Automated Information System tools and functions.
Information Support System (ISS) is a compartmented WAN that includes trusted MLS services, specifically providing an integrated desktop environment with Automated Information System tools and functions.
## Benefits & Features
## Benefits & Features
- PMO managed ATO; minimal burden to site cybersecurity
- PMO managed ATO; minimal burden to site cybersecurity
- Can be installed at contractor sites
- Can be installed at contractor sites
- ID Access Management automatically updated by JADE
- ID Access Management automatically updated by JADE
- Allows connections to existing PL-2, PL-3 and PL-4 systems via Trusted Gateways, High Assurance Controlled Interfaces and Trusted Domain Interfaces
- Allows connections to existing systems via Trusted Gateways, High Assurance Controlled Interfaces and Trusted Domain Interfaces
- Support to Windows Single Level LANs
- Support to Windows Single Level LANs
- Transport via JWICs, NIPR, SIPR or Commercial (transport agnostic)
- Transport via agnostic
- Managed to the desktop by the Enterprise Management Center (EMC)
- Managed to the desktop by the Enterprise Management Center (EMC)
## Requirements
## Requirements
ATC is required to connect an existing network to ISS and must be signed off by AO (SAF/AAZ).
ISA is required to connect an existing network to ISS and must be signed off by AO.
The Cloud Native Acess Point is available on Cloud One to provide access to Development, Testing, and Production enclaves at IL-2, IL-4, and IL-5 that use Platform One DevSecOps DevSecOps environments by using an internet-facing Cloud-native Zero trust model.
The Cloud Native Access Point is available on Cloud One to provide access to Development, Testing, and Production enclaves at IL-2, IL-4, and IL-5 that use Platform One DevSecOps DevSecOps environments by using an internet-facing Cloud-native Zero trust model.
CNAP brings a full Zero Trust tech stack enforcing device state, user RBAC, and Software Defined Perimeter / Networks based on Google BeyondCorp concepts and allows access to Cloud One (AWS GovCloud and soon Azure Government) and Platform One without a BCAP or IAP. CNAP allows thick client access from BYOD Government-owned devices (both mobile and desktop) through AppGate Zero Trust clients to enforce device states.
CNAP brings a full Zero Trust tech stack enforcing device state, user RBAC, and Software Defined Perimeter / Networks based on Google BeyondCorp concepts and allows access to Cloud One (AWS GovCloud and soon Azure Government) and Platform One without a BCAP or IAP. CNAP allows thick client access from BYOD Government-owned devices (both mobile and desktop) through AppGate Zero Trust clients to enforce device states.
@@ -18,10 +18,10 @@ SEITaaS Summit delivers End User Services, MLS applications, and NaaS to include
...
@@ -18,10 +18,10 @@ SEITaaS Summit delivers End User Services, MLS applications, and NaaS to include
## Benefits & Features
## Benefits & Features
- Modernize AF SAP IT enterprise services
- Modernize DAF SAP IT enterprise services
- Consolidate AF SAP IT systems and services
- Consolidate DAF SAP IT systems and services
- Better secure AF SAP IT systems and data
- Better secure DAF SAP IT systems and data
- Optimize AF SAP IT enterprise services
- Optimize DAF SAP IT enterprise services
- Validate the Government technical approach
- Validate the Government technical approach
- Rapidly meet urgent customer needs
- Rapidly meet urgent customer needs
- Gather comprehensive "as a service" data
- Gather comprehensive "as a service" data
...
@@ -31,7 +31,7 @@ SEITaaS Summit delivers End User Services, MLS applications, and NaaS to include
...
@@ -31,7 +31,7 @@ SEITaaS Summit delivers End User Services, MLS applications, and NaaS to include
## Network Transport options
## Network Transport options
SEITaaS network transport will be provided by a catalogue of service providers including both government and commercial internet providers.
SEITaaS network transport may be provided by a catalogue of service providers including both government and commercial internet providers.
During site surveys and end user requirements refinement the SEITaaS Summit team will evaluate all available options for connectivity at a site and use the best available option to meet the user requirements. Options considered will include government provided transport (NIPR, [COIN](/services/afsen-coin/), DREN, etc.) or locally available commercial ISP.
During site surveys and end user requirements refinement the SEITaaS Summit team will evaluate all available options for connectivity at a site and use the best available option to meet the user requirements. Options considered will include government provided transport (NIPR, [COIN](/services/afsen-coin/), DREN, etc.) or locally available commercial ISP.
Secure Global Network (SGN) allows sites to communicate by using VoIP phones, email, file sharing, and other capabilities.
Secure Global Network (SGN) allows sites to communicate by using VoIP phones, email, file sharing, and other digital capabilities.
SGN is an Air Force Special Access Program (SAP) network approved for TS//SCI processing. DoD, AF, and industry facilities can utilize the optional SGN Remote Client (SRC) console to access SGN. SRC is a fully accredited and deployable SGN network node. A separately accredited information system may be used to connect to SGN, if required.
SGN is an Air Force Special Access Program (SAP) network approved for TS//SAR/SCI processing. DoD, DAF, and industry facilities can utilize the optional SGN Remote Client (SRC) console to access SGN. SRC is a fully accredited and deployable SGN network node. A separately accredited information system may be used to connect to SGN, if required.
## Benefits & Features
## Benefits & Features
- Provides access to SGN capabilities and services to sites where a high degree of operational readiness is not required.
- Provides access to SGN capabilities and services to sites where a high degree of operational readiness is not required.
- Supports access to remote sites and users with different formal access approvals.
- Supports access to remote sites and users with different formal access approvals.
- Increases the ability to communicate SAP and SCI level information with AF, DoD, and Industry partners.
- Increases the ability to communicate SAP and SCI level information with DAF, DoD, and Industry partners.
- Reduces risk of classified information mishandling.
- Reduces risk of classified information mishandling.
- Consolidates disparate network architectures.
- Consolidates disparate network architectures.
- Reduces or eliminates the need to courier or fax classified information.
- Reduces or eliminates the need to courier or fax classified information.
- Reduces time and resource costs of building, deploying, and accrediting classified information system.
- Reduces time and resource costs of building, deploying, and accrediting classified information system.
- Communication and data transfers between AF, DoD, and Industry partners.
- Communication and data transfers between DAF, DoD, and Industry partners.
SVS is the AF's Enterprise SAP voice network, consisting of geographically dispersed user VOSIP sites (also called endpoints) connected to call managers and operated at three security levels cleared for special access required (SAR) VOSIP CALLs: Secret//SAR Level 3, Top Secret//SAR Level 4, and Top Secret//SCI//SAR Level 5. SVS VOSIP calls may cover any SAP or compartment, constrained only by the security level of the VOSIP call. SVS endpoints require implementation of an encrypter, firewall, and switch as well as internal fiber drops to each phone location.
SVS is the AF's Enterprise SAP voice network, consisting of geographically dispersed user VOSIP sites (also called endpoints) connected to call managers and operated at three security levels. SVS VOSIP calls may cover any SAP or compartment, constrained only by the security level of the VOSIP call. SVS endpoints require implementation of an encrypter, firewall, and switch as well as internal fiber drops to each phone location.
Jovany Espinoza authored623afca6