As a global command, NETCOM makes itself the network proving ground

MG Jennifer Napper has been the commanding general of Army Network Enterprise Technology Command (NETCOM) for just under two years, and in mid-August will take over her new assignment as director of plans and policy (J-5) for U.S. Cyber Command, Fort Meade, Md.

Replacing Napper as commanding general at NETCOM is MG Alan Lynn, who has been the Army’s Chief of Signal for the last two years.

Napper spoke with Defense Systems Editor-in-Chief Barry Rosenberg just before her reassignment to discuss the major challenges facing military networks.

DS: With enterprise email, what’s the end game? Is it just about migrating x-millions of users? What comes next?

Napper: If you think about how industry looks at which things should be local and which things should be at an enterprise level then you can see where we were going. For instance, I am a global command, and there are some capabilities that if you put inside my domain of CONUS I can’t use in the Pacific for my other commands—one of those being collaboration capabilities. So we are engaging in a pilot [program] right now to put some collaboration capabilities in the enterprise or the cloud, so to speak, such as documents and workflow that will allow me to function globally so that the people in Europe or the Pacific or Southwest Asia can post documents to us.

DS: So you’re presently sharing documents through a cloud?

Napper: Correct, so it’s on my portal now, and all the subordinate commands can look at it the same time. It shows up on my portal a week before meetings, and addresses documents that need action or anything that needs to be signed off.

We are having some challenges right now with some of the technology, so we not ready to open that to everybody just yet. But we like to use our command as the pilot, because it is a global command, and because if it’s going to be bad I rather it be bad for my command so we can work through the technical issues or decide that it’s not the way we want to go—and that’s important.

DS: NETCOM is tasked with taking over operational control over all Army networks. What does that entail?

Napper: Operational control means enforcing standards, providing direction on configurations and giving authoritative direction necessary to accomplish the mission. In this case that mission is to build, operate and defend the network.

DS: Is operational control something you could take over tomorrow, like flipping a switch? What does it entail?

Napper: For those disparate stovepipe functional networks today there’s some coordination and synchronization work we have to do. I think it will take somewhere between three and four months to do it correctly, and phase in different commands at different times based upon how ready they are.

DS: The military spends a lot of time improving situational awareness for troops on the ground. How do you improve situational awareness for networks?

Napper: In any operational domain the first thing you do is learn how to see yourself and see who else is in the domain; we call it situational awareness, from which you then can draw some form of situational understanding. In this domain called cyber, where our networks built up the way they did (over time), we really cannot see everything that’s on the network. So we’re focusing this year and into next year on something called IT Asset Management.

We’ll look at the different pieces and parts of hardware and software currently running on our network, and consolidate that view so that we can understand everything that we’ve put on the network. That will allow us to start to build that situational understanding of what’s on the network, how it’s functioning and is it functioning like it’s supposed to.

We have pieces of parts of this at posts, camps and stations. I could have told you about everything on Fort Huachuca’s network, for example, but you probably couldn’t see it if you were off Fort Huachuca. If there is activity in Fort Huachuca’s network that we aren’t being told about, then we may not be able to correlate that with activity on Fort Bliss’s network

Unless you have visibility all the way across the enterprise then you can’t begin to collate events and decide whether or not you have a systemic problem or if you have malicious software in your network or another problem. So our big focus this year is continuing to develop that capability.

DS: What tools do you use to get that visibility into these networks and tie together the stovepipes?

Napper: I cheated and didn’t buy any tools. What I did is say, ‘tell me all the tools you have on your network and what kind of information that they already produce.’ When you buy a router it comes with software that tells you the current status of your router, but where is it reporting to…probably nowhere very high (up the network).

And so what we do differently is put connectors on the network and pull that data out that you already have so that we can correlate it. You find out some interesting things when you do that. When I put a router on the network at Fort Huachuca, for instance, I may have named it Router One, Building Two. But I may have a router on the network at Fort Bliss that is also named Router One, Building Two. So we don’t have (the necessary) standards when naming devices, and the second phase of this is to go back and clean up the data.

DS: And that naming issue can happen 50 times over with dozens of different pieces of hardware.

Napper: Correct. My last update of what percentage of the network that we are seeing…since we’re getting pretty healthy…I would say it’s better than 70 percent of the network today globally, and we have over four million different devices to look at.

DS: What have you learned about the network that you didn’t know two years ago when you became NETCOM commander?

Napper: There is no aspect of our operations today that we can’t improve by using the network more effectively. It doesn’t matter if we are talking about pay or taking about ordering bullets down range. There is no aspect of operations that the network cannot enable and do better. My concern with that is the one thing we can’t do with the network is to prevent human error.

From my perspective we have a network-enabled Army, and that means soldiers at every level are all on the network. And soldiers make mistakes, they’re human, the same as civilians, so we need to focus on affecting the least amount of the network when humans make mistakes.