06 September 2008
Search the site
Home
About Us
Contact Us
Sitemap
 
 
  News & Events Room News & Events Room
  Defence Defence
  Homeland Security Homeland Security
  Civil Aviation Civil Aviation
  Products And Services Products And Services
  Reference Library Reference Library
  SAFEmail SAFEmail
  SAFEchat SAFEchat
  Defence Gateways Defence Gateways
  Solutions Solutions
  Customers Customers
  Industry Associations Industry Associations
 
 

NATO Lite - NATO Compatible Military Message Handling System (MMHS) for Member Countries


NATO member states will require an MMHS which is capable of interoperating with NATO and other member countries. NMS (NATO Messaging System) is a STANAG 4406 compliant implementation, designed to support 10,000 users across 200 servers and it is a highly sophisticated and complicated installation. Boldon James NATO Lite is a simplified MMHS which provides full STANAG 4406 interoperability. Based on  Microsoft Exchange and Outlook Boldon James NATO Lite MMHS comprises a base set of components such as Messaging, Labelling, PKI, Signature and Encryption, Fire and Forget, Message Transfer Agents (MTA), Directory and Border functionality in one package at a cost effective price.

NATO Lite is built upon a scaleable architecture and has been designed to deliver NATO STANAG 4406 Edition 2 compliance and interoperability in a cost effective manner. The solution is based upon advanced commercially available software products such as Microsoft Exchange, Outlook, Windows 2003 Certificate Server (or alternative) and Boldon James SAFEmail. We also offer an implementation methodology, which our customers have used to reduce the complexities of MMHS, and enables local in-country Microsoft Silver or Gold Certified Partners to rapidly deploy working systems.

Rationale

Boldon James are currently supplying some of the worlds largest MMHS’s to approximately 1.3 million seats, and as such have developed NATO Lite to support NATO and PfP countries looking to implement STANAG 4406 messaging systems to smaller military forces. Over the last 3 years we have been able to identify a common set of functional requirements, from many customers, that provides an essential level of functionality, yet enables further expansion of capability as the funds become available.  

To re-emphasise our opening paragraph, STANAG 4406 support and interoperability does NOT require an implementation of Full NMS. For the majority of countries NATO Lite represents the ideal balance between functionality and cost-effectiveness, whilst still maintaining full STANAG 4406 interoperability.

Components and Functionality

NATO Lite comprises the following core components:

  • Microsoft Exchange Server (Provides STANAG 4406 compliant MTA, Message Store)
  • Exchange X.400 Bridgehead Server (Provides STANAG 4406 compliant P1 MTA to MTA interoperability)
  • Microsoft Outlook, combined with Boldon James SAFEmail.mil (Creates, Reads, Signs and optionally encrypts STANAG 4406 Edition 2 military messages and security labels).
  • Fire and Forget; an Exchange server component that monitors read reports on messages and automatically redirects messages to alternate addresses to help improve the timeliness of operational deliveries.
  • Windows 2003 Certificate Server (Creates and manages PKI certificates for use in signing and encrypting STANAG 4406 messages). Note: NATO Lite will work with all leading PKI solutions.
  • Windows 2003 Active Directory/ADAM (Provides STANAG 4406 addressing for internal communications).
  • Defence Directory (Provides an X.500/ACP133 border directory).

The above components provide the functionality required to deploy a STANAG 4406 MMHS that will provide full capability and interoperability with NATO NMS and coalition allies who support STANAG 4406. Additional functionality (See “Optional Extensions” below) may be included, but note that these items add extra functionality above that required for STANAG 4406 Edition 2 compliance and interoperability.

Operational Naval vessels at sea

Implementation Model

NATO Lite is delivered with a deployment “blueprint” that allows local Microsoft Silver and Gold Certified Partners to install and support the system with little additional effort beyond that required to deploy a commercial Microsoft Exchange/Outlook system.

The NATO Lite implementation model is a structured, layered approach with the base level being the deployment of a commercial Exchange and Outlook solution. Sitting on top of this are the required Boldon James components, including SAFEmail.mil which raises the compliance level to STANAG 4406 Edition 2.

The certificate server is used to create and manage certificates for message signatures and encryption, whilst the Boldon James security plug-in for Outlook handles all operational aspects of signature encryption and verification, including support for CRLs and OCSP.

Although NMS supports end to end (user to user) encryption we recommend a full assessment of the overall cost benefits and operational implications of this capability. Many organisations have found that end to end encryption creates an almost unmanageable burden in terms of long term Message Archive, Key Management, Key Escrow and Key distribution, so much so that its continued use in their next generation MMHS is being reviewed.

Benefits

Boldon James’ NATO Lite is comprised of Commercial off the Shelf (COTS) components throughout, and as such is simple to implement, providing:

  • Full NATO STANAG 4406 Edition 2 support and interoperability.
  • Organisational Messaging: Where user, role and organisational mailboxes are supported within the core Exchange, Outlook, SAFEmail architecture.
  • A low cost minimum subset deployment, with multiple additional functional options.
  • Future proofing for new technologies such as Chat, Collaboration, Unified Messaging, Digital Rights Management integration within Microsoft Office 2007, Exchange 2007, Vista and Longhorn.
  • Maximum use of Microsoft components to reduce costs of installation and support
  • Complete Multi-Grade (High, Medium and Basic as per STANAG 4406 Annex F) solution offering consistent interoperability between grades.
  • A simple prescriptive installation and deployment model negating the need for specialist skills.

Optional Extensions

There are a number of functional extensions possible with NATO Lite. To clarify, these extensions do not increase compliance to STANAG 4406, they add additional capability that some counties will find cost justifiable. These are:

  • Draft, Review and Release: A Boldon James Client/Server implementation of a powerful, flexible workflow process required to implement local practices for message creation, review, and release.
  • ACP145 Gateway: A Boldon James Exchange based implementation of the CCEB gateway for international messaging interoperability. Note this standard has not yet been adopted by NATO, but adoption seems likely in light of the 25 Gateways we have already sold.
  • Web Client: A zero footprint, STANAG 4406 web client built upon the excellent Microsoft Outlook Web Access
  • Chat and Instant Messaging: A hardened Chat solution, offering labelled, secure, auditable and persistent chat room conversations. The
  • Boldon James SIM product based upon Microsoft Live Communications Server (LCS) is easily integrated with the MMHS by simple Outlook Toolbar buttons.
  • Tactical Messenger: A Microsoft Exchange based implementation of the STANAG 4406 Edition 2 Annex E Tactical Gateway for use across variable network infrastructures and bandwidths such as high latency satellite and error prone links. Tactical Messenger also supports EMCON (silent mode) environments.
  • Profiling: An Exchange server component that automates some aspects of organisational messaging by automatically re-distributing messages sent to an organisational address. Boldon James’ SAFEAgent allows competent Microsoft partners to develop customer specific profilers using simple XML formats.
  • Address List Expander/Mail List Agent: An Exchange server component that improves MMHS performance and usability by expanding distribution lists at the most efficient point in the network to avoid duplicate message transmission.
  • Message Guard: Essentially this is a message firewall and is used on the boundary of domains to prevent inadvertent or illegal transfer of messages between domains across different classifications.
  • Legacy Gateways: A new MMHS is never implemented in a “Big Bang” there is always a need for gateways to legacy systems such as ACP127.

Further Information

Please contact us with your questions.
 
 
© Boldon James Ltd. All Rights reserved. Terms of use | Privacy Policy