Microsoft Windows NT Server Supports Secure Communications for NATO Operations

Quickly implementing a robust network used to transmit sensitive data can prove to be a challenging task. And when NATO was responding to the Bosnia crisis in 1995, time was critical and the network needed to be available for deployment in weeks. Supreme Headquarters Allied Powers Europe (SHAPE) needed a network that could be used to securely transmit tactical military data up and down the chain of command between the field and SHAPE headquarters. NATO's technical arm, the NATO Consultation, Command, and Control Agency (NC3A), moved quickly to implement Cronos, a wide-area network based on Windows NT® Server 4.0. NC3A got what it needed: an infrastructure that is secure, robust, and easy to use and administer for 5,000 soldiers and staff under SHAPE command. Plus, it could be deployed at less cost and in less time than one based on UNIX. Today, Cronos is deployed in nearly 90 percent of SHAPE's headquarters and field sites in Europe.

On This Page

Solution Overview

Solution Overview

Industry

Military

Architecture

Client/Server

Products Used

• Microsoft Windows NT Server 3.5.1 and 4.0

• Microsoft Exchange Server

• Microsoft SQL Server™ 6.5

• Microsoft Office 95 and Office 97

The NATO Consultation, Command and Control Agency (NC3A) is the organization that provides technical support to the Major Nato Commands (MNCs) and the Nations in the area of system engineering, particularly for communication and information systems.

During the 1990s, the North Atlantic Treaty Organization (NATO) has reinvented itself to meet the new challenges posed by the post-Cold War world. While its core mission remains collective defense, its organization, military capabilities, and structures have been adapted for new tasks, especially crisis management and cooperation with nonmember countries. This new role was put to the test when the Dayton Peace Accords were signed in December 1995 and NATO was charged with implementing and enforcing them. The deployment, coined Operation Joint Endeavour, was NATO's largest military operation ever. Initially deployed as the Implementation Force (IFOR), the deployment was phased out a year later and replaced by the Stabilization Force (SFOR), whose primary mission was to contribute to the secure environment necessary for the consolidation of peace in the region.

Bosnia Mission Focuses NATO's IT Decisions

Among the challenges of deploying a multinational military force was the need for secure, fast, reliable communications up and down the NATO chain of command and streamlining the communications capabilities that are crucial to all its operations. The result was Cronos, a system built on the Microsoft Windows NT operating system and currently in use at nearly 90 percent of NATO's headquarters and field operations.

"From December 95 with IFOR, to December 96 with SFOR, we began building up our information systems structure," says David Steakley, Cronos Project Leader at NC3A. "When NATO moved troops into Bosnia, we needed a cohesive, manageable, and secure information system that would enable the exchange of information between the Bosnian operations and NATO headquarters and other sites throughout Europe and the U.S."

Cronos consists of local LANs deployed at each NATO command in Bosnia and throughout the chain of command. Each LAN consists of several servers running Windows NT Server version 4.0 and Exchange 5.5 and 20-300 workstations running Windows NT Workstation and Office 95/97. All of the computers are commercial, off-the-shelf (COTS) 486- and Pentium-based PCs. The LANs are interconnected into a WAN via TCP/IP links encrypted using high-grade cryptography. In total, 5,000 users access Cronos using nearly 3,000 PCs, with 150 servers distributed throughout NATO member countries and in Bosnia-Herzegovina.

When originally deployed, Cronos provided office automation functions, along with a variety of application software to support specific staff functions. "The goal was to allow the commands down in Bosnia to put together information and forward it all the way up the chain until it got to SHAPE (Supreme Headquarters Allied Powers Europe), who would then have a clear picture of what was going on, up-to-date briefings, and the like," says Steakley. However, Cronos has expanded to become a primary communications network for NATO, providing users with electronic mail and shared data, military maps in digital form, document search and retrieval capabilities, and the Cronos Wide Web (a World Wide Web look-alike). "The field views the system as their lifeblood. They can't live a minute without Cronos," says Steakley.

Most significantly, Cronos is now carrying military messaging-commands from NATO's headquarters to its field units. Cronos interfaces to TARE, a torn-paper tape relay system. "It took hours to get messages through on TARE," says Steakley, but now takes only minutes. "On the battlefield, updated information like that delivered by Cronos could help our troops out-guess and out-fight the enemy."

Security of Windows NT Crucial to Cronos

Because Cronos carries classified information, security was a top requirement. Specifically, NATO regulations required that Cronos use an operating system that carried the imprimatur of an independent security evaluation. "We had to have assurance that security rules could be enforced-to make sure that when anyone logs onto the system, he is authorized to log on and has security clearance at the level the system requires," says Steakley.

"We insist that all of our systems meet the C2 level of security when they're used for classified information, on both the client and the servers," says Steakley, referring to a security rating level in the US Government's Trusted Computer Security Evaluation Criteria. Windows NT 3.5 has been successfully evaluated by the US Government at the C2 level and Windows NT 3.51 has been successfully evaluated by the UK Government at a comparable level of E3/FC-2. Because of this lineage and the fact that Windows NT 4.0 had been submitted for its own C2 evaluation, Windows NT 4.0 met NATO's security requirements.

Additional Benefits: Simplicity, Fast Deployment, Cost

In the past, UNIX systems have been a common choice for secure networks. NATO, however, found that in addition to providing robust security, Windows NT offered a number of other advantages that made it a better choice. "We have a low number of qualified systems administrators and operators, and there's tremendous turnover, especially in Bosnia," says Steakley. "Our people can use and administer Windows NT [-based] systems with very little training." In addition, Windows NT offered a familiar suite of office automation products for users. "Our people knew how to use Windows® and Microsoft Office applications, but they didn't know how to use UNIX applications," says Steakley. Because Windows NT runs on COTS hardware, it could be deployed faster during a period when time was critical. "We had most of the Windows NT-based equipment on hand, configured, and ready to deploy in less than three months," says Steakley. "Just finding a source for 300 UNIX workstations would have been tough, and getting them delivered within 30 days would have been even harder." Moreover, says Steakley, "Putting UNIX workstations and servers in as many locations as we required, all at once, would have been a lot more expensive."

Cronos Expansion Continues

Cronos continues to expand in both scope and size. As of October 1998, it was installed in more than 47 locations, including five national headquarters (two in the UK and one each in Germany, Italy, and the U.S.). "We have achieved our goals to date with Cronos, but there's more to accomplish," says Steakley. Near-term goals include installing server clusters to provide high availability, adding a capability to provide digital authentication and encryption of e-mail, and providing the ability to transmit video and voice messages over the network.

"Cronos is fulfilling one of our primary goals: to make sure that the Commander in Chief is informed in a timely and effective manner about what's happening in the Bosnia operations-before he sees it on CNN," says Steakley. "We see an important role for Windows NT[-based] systems in the long-term future of Cronos, and NATO."