Mission Critical Access for Remote Workers, How Cross Domain Solutions Improve War Fighter Communications, Part 1 - Ep. 85
Part I: Major General Joe Brendler, U.S. Army (retired) discusses Multi-Domain Operations and how Cross Domain Solutions have improved communications.
Episode Table of Contents
- [01:34] Cross-Domain Solutions, an Area of Expertise
- [07:50] Cross-Domain Solutions Versus Multi-Domain Operations
- [13:54] A Forced Entry Operation
- [09:17] How Cross-Domain Solutions Are Fundamental to Technology
- About Our Guest
Cross-Domain Solutions, an Area of Expertise
Carolyn: Today we have Major General Joe Brendler, retired US Army, and a Principal at Deep Water LLC. How are you doing, Joe?
Joe: I'm doing great, Carolyn. Thank you. How about you?
Carolyn: I'm good. Super excited to have you here today. I was reading through your bio, I see that you have 31 years as a Cyber Signal Officer.
Joe: Almost 32. Finished up my career at Fort Meade, Maryland, where I was the Chief of Staff of US Cyber Com before I retired. Before I forget to do so at the appropriate point, I'd ask you to just please call me Joe.
Eric: I'm going to General Brendler, Joe. I know we're here to talk about multi-domain operations, an area of expertise. But you're also an expert skier. And we just learned you hiked the entire Appalachian Trail after retiring.
Joe: I did. I wasn't sure of course that I was going to be one of the 23% of people who start out on that endeavor that would actually end up finishing. At my retirement ceremony, I announced to the audience that part of my intent in retirement would be to hike at least a portion of the Appalachian Trail.
Joe: After about 30 days in, I decided to try to continue and see how far I could get. Over the course of about five months of narrowly continuous hiking, I finished at Springer Mountain in Georgia.
Eric: You went North to South?
Joe: I went from Harpers Ferry, North, to Maine first.
The Long Trail
Joe: And then because it was about 105 degrees in Virginia in August, instead of going back to Virginia and continuing South at that point, I took a little extra time and hiked a different trail in Vermont called the Long Trail. Which actually predates the existence of the Appalachian Trail.
Joe: It's the Southern 105 miles of the Long Trail coincide with the Appalachian trail. I've already done that earlier. I went back to Killington, where the two trails diverge. I continued North on the Long Trail to the Canadian border at what they call Journeys End is the Northern terminus of that trail.
Joe: I took a little time off, then spent some time with my parents. Then got back on the trail going South after a few miscellaneous chores associated with the fact that our movement out of quarters at Fort Meade and into the house that we had in Northern Virginia for some time was done in stages.
Joe: A couple of the other breaks that I had taken from the hiking were associated with my daughter's graduation from a small school in Southern Vermont which just happened to coincide with my arrival hiking North at about the same place in Vermont.
Joe: So I got off the trail, got a rental car in Manchester, Vermont, drove over to her school and she was proud to tell her friends, "My dad walked here."
Carolyn: I have this image of you showing up like Grizzly Adams to your daughter's graduation.
Joe: That's not far off. I was able to get into a hostel overnight before I got the rental car. So I was cleaned up and didn't smell like a hiker who'd been going for five days with no kind of hygiene.
The Appalachian Trail
Joe: But my clothing had been scratched from about 700 miles of walking at that time. I wasn't dressed in a suit and tie like some of the other attendees were.
Eric: What made you do this?
Joe: It had been an objective since some point in my childhood. I had done some extended multi-day hiking, but not much. Just in the Adirondack Mountains near where I grew up. I heard stories about the Appalachian Trail. I heard it's walking, it's long, it's almost 2,200 miles total and thought, "I don't know, can I do that?"
Joe: Just the thought of undertaking something and then completing it and driving a sense of satisfaction from that became an objective. Also, it is an opportunity to get out and connect with nature. So you could be as alone as you want.
Joe: Or because there are so many other people hiking the Appalachian Trail, there's no reason you can't join up with other people. I did that several times.
Joe: I had periods of a couple of weeks at a time where I hiked with another group of folks that become what we call a trail family. Then at some point schedules and hiking rates diverge, and you end up separating.
Eric: And you go off.
Joe: Yes, everybody has to do what we'd say hike your own hike. You don't try to do it under the expectations or methods of anybody else. You got to do it your way to be successful.
Eric: That makes sense. So Carolyn, I know we're here to talk about multi-domain operations, but I'm so fascinated. It's something I've thought about. I've never heavily considered.
Cross-Domain Solutions Versus Multi-Domain Operations
Eric: Let's talk cross-domain though. Multi-domain operations.
Carolyn: 31 years Cyber Signal, has cross-domain always been a part of that?
Joe: Cross-domain has been a part of that in my awareness. Since probably the time I was a Captain working significant operations and support with VII Corps in Germany. But multi-domain operations is a newer term. That's something that grew out of the evolution of doctrine.
Joe: Following the transition from an extended period of operations against terrorism that threatened the United States. And a recognition that we needed to focus on the adversaries who'd executed their own modernization programs while we were focused on that terrorism.
Joe: We were now at risk of them having advanced beyond where we were in some areas. So, that focus required a change of strategy.
Carolyn: This is going to show my ignorance, but haven't we always had multi-domain like secret? Top secret, all those different domains? We haven't always addressed it that way?
Joe: Well, no. The term multi-domain operations does not refer to the same domains in the term cross-domain solutions. Cross-domain solutions talk about security domains for information. Multi-domain operations talks about the integration of capabilities. Actually they use the term convergence.
Joe: The calibration of forces of different types in order to combine the capabilities from multiple domains of warfare in an optimal fashion relative to the adversaries. So, you accomplish the basic intent of US Military strategy, which has always been assuring our allies and deter our adversaries.
Joe: You assure and deter by optimizing the combination of capabilities you have across several domains. The traditional domains are land, air, sea power.
A Combination of Overwhelming Combat Power
Joe: When I was a young officer, we learned about what was called AirLand Battle. Which was the rebirth of the modern US Military force following the Vietnam era in which we invented new doctrine.
Joe: We came out with new kinds of weapons systems. We produced a doctrine for the combination of the effects from those weapons systems in an optimized fashion. Which still applies the basic principles of war that we were taught as young officers in a fashion that we referred to as massing effects.
Joe: So mass refers to converge, concentrate, apply at the right place and time a combination of overwhelming combat power. You may have remembered Colin Powell referring to the overwhelming combat power that we could bring to bear during the first Gulf War.
Joe: This is a natural evolution of those same thought processes. There's a couple of new vocabulary terms. I mentioned convergence instead of the massing of fires. It's the convergence of effects from across all of the domains.
Joe: That now includes the application effects from operations in the information environment. The acronym there, of course, OIE is relatively new. Not all that well known, information operations, IO, is a little bit more well-known. That consists of cyber capabilities used for information effect, which could be to conduct an influence operation to get the adversary to do something.
Joe: Deception is also part of information operations as is psychological operations. Even public affairs is part of that set of capabilities. We want to converge effects from all domains, land, air, sea operations in the information environment, space, et cetera in a fashion that serves to assure our allies and deter our adversaries.
The Combined Action Capability of Cross-Domain Solutions
Joe: The calibration of forces necessary to do that is where strategy meets planning, meets for structure. Some of which is deployed, and some of which is stationed in the continent of the United States.
Joe: But designated as available for operations and support of a particular geographic combatant command. Think Europe or Pacific predominantly in the framework we were talking about with near-peer adversaries of war.
Eric: I was an infantryman. All I wanted were my radios to work. As a career signals officer, though, what you're talking about is really the enhanced complexity of the battlespace in 2020. And making all systems work, whether it's space or cyber or radio or whatever it may be. So that we have a combined action capability, correct?
Joe: Yes, there's a built-in dilemma in the application of technology. Fundamentally, you want the application of technology to serve as a military vantage. That's why we do it, in order to gain that advantage. We need to be able to protect our systems in order to retain that advantage.
Joe: When things start getting so complex that it's hard enough just keeping these things working in order to be able to use them. Then you bring into question whether you're actually gaining an advantage from them.
Joe: So design principles have to include the notion that you're trying to abstract the complexity away from the soldier who has to use it. That as far as the soldier is concerned, it's a relatively simple thing. It just works.
Eric: I just want my radio to work or my headset to show me where the Op For is. Or whatever it may be these days.
A Forced Entry Operation
Carolyn: We're talking a lot about telework right now, but the military is like the ultimate teleworkers from forever. You guys are dispersed all over the world. So how do you handle that? How do you make sure that you can communicate?
Joe: I have a story that I tell about what I call the expeditionary life cycle for communications and IT support to a deployment. It starts with what might be a forced-entry operation. If you're going someplace in order to pursue the national security interests of the United States and in order to get there, you have to fight in order to put capability on the ground.
Joe: Then that forced entry operation may involve the destruction of communications infrastructure that exists on the ground. You have to bring with you everything that you're going to use in order to communicate.
Joe: It may be that you have to jump it out of an airplane with you and use it as soon as you hit the ground. Or it may be that you have to roll it off the back of the first plane that can land on the airfield you've been able to secure once you conducted some fighting on the ground.
Joe: Then you start to mature the environment from an information perspective. As more equipment arrives, you set up a more sophisticated network. Again, applying the principle of abstract the complexity away from the soldiers.
Joe: So that they don't see it as something that is complicated and hard to use. But is available and functions as a technological advantage relative to the adversary that they're facing.
Tactical Communications Gear
Joe: Then as time goes by and things become more mature, you shift from using the tactical equipment that the soldiers had to bring in to the employment of modern commercial off-the-shelf equipment. You can bring in and transition from employment by soldiers, to employment by a contract at workforce that you bring in to augment the tactical force.
Joe: So that the tactical force is available to conduct tactical operations with its tactical communications gear. And that tactical communications gear isn't bogged down or tied down in providing the communications associated with the operating basis you're establishing.
Eric: I imagine that's very difficult in the modern battlefield. To keep those comms up and running as the enemy is trying to do deny that and keep people in systems communicating.
Joe: It is difficult. One of anything is nothing, if the adversary is trying to take it away from you and succeeds at one point in time. But the adversary is not the only thing that could potentially take your communications capability away from you. Mother nature always does a great job with that.
Joe: With the presentation of threats like sandstorms or huge rainstorms, cables lying in mud. All of those natural outdoors factors come into play. It's a lot of work to just keep it running.
Joe: But as I mentioned before, you want it simple, you want it available. In order for it to be available, you have to also secure it against the actions of an adversary who might be trying to take it away from you. That threat can be presented in a kinetic fashion where they might try to blow up your communications node or shoot it in some fashion.
Cross-Domain Solutions Communicating Across Multiple Networks
Joe: They may try to use cyber capabilities today to either deny your ability to use it. Or when you use it to cause it to function in a fashion other than you intended.
Carolyn: What about communication across multiple networks? Back to my original, confusing across-domain with the different domains. In the field, I imagine you have to have communication from different networks. Is that true?
Joe: Absolutely. And thanks for focusing us on that, Carolyn. The reality today is that almost every operation we do is going to be a combined operation conducted by US forces and our allies. Just among the US forces, we're always going to use more than just one network.
Joe: We typically have an unclassified network. And we have various classified networks for handling information of different levels of sensitivity. But when we're operating as a coalition, we then add complexity to that mix by having to put together a way to share sensitive information that we've agreed to share among our allies. That first step is nontechnical. That is a matter of diplomacy among nations to agree that, "Hey, we're after this altogether.
Joe: We're going to work together. And in order to optimize our ability to work together, we're going to agree to share some of what we would consider a secret with each other." Then you have a new security domain associated with that network. Which is different from the security domains of your unclassified network or your US classified networks.
Joe: To get the information that you agreed to share with allies onto the network you're going to use for that purpose, you actually have to use cross-domain solutions. This is where the term domain applies to the security domain.
How Cross-Domain Solutions Are Fundamental to Technology
Joe: Not to the domain of warfare that we were talking about with MDO. But cross-domain solutions are the fundamental technology. It makes it possible to share information between those different security domains in a fashion that mitigates the risk of doing so.
Carolyn: Cross-domain solutions haven't been around your whole career, right? What did you do? What did it look like when Eric was in the field and he had to get comms out. And there were multiple networks he was dealing with, what did that look like? And what does it look like now?
Eric: We're bouncing SATCOM or HF Radio back in the day. The teams I worked on were bouncing that back to a tactical operations center, headquarters, something. That's all one classification out where I was at in those days.
Eric: We're talking almost 40 years ago, 30 years, 35 years ago, let me not date myself too much. But then that's when we really had to get down to dissemination of that information.
Joe: In my experience, it was at some point in the '90s when I first encountered an operation and it was a training event. In which, it was necessary to transfer information from networks of different levels of classification in order to have the information that you needed to operate.
Joe: That for me was the introduction of the requirement for what we call a transfer guard device functioning as a cross-domain solution.
Eric: That would be right around the time when we were sending information back. Obviously, I know where it went, but I didn't know exactly what they did with it after that. Interesting. And then access guards came around after that.
Multiple Independent Levels of Security
Joe: That's an interesting technology too. Had we had something like that, it would have simplified the situation that I had during my last deployment in Afghanistan where I was the CJ6, the Coalition J6 for ISAF, the International Security Assistance Force, which was a NATO-led operation.
Joe: We have 50 different nations in the coalition. There was an existing network that had been established in order for ISAF nations to share classified information with each other. But in order to create that security domain, we applied a set of dedicated encryption devices to a cryptographically isolated network.
Joe: Then we used a dedicated set of computing here on that network. On my desk, I had a computer for that network. I had a computer for the US classified network, I had a computer for the US unclassified network. And I had just as many phones as I had computers.
Eric: One for each network essentially.
Joe: An access cross-domain solution would have essentially allowed me to use one device if it is credited to simultaneously process Multiple Independent Levels of Security. That MILS acronym is the go-to there. When I was a younger officer, we just call it MLS, Multi-Level Security.
Joe: But a multilevel secure access device would have reduced the cost of the technology footprint at each user's desk. Such as mine, by significant factor.
Carolyn: This week's conversation with Joe required more time than we have in a normal episode. We decided to continue the conversation, but break it into two episodes.
Carolyn: This week is part one. Tune in next week for part two to hear what Joe has to say about how the pandemic has changed communications. And the internet of things has made the military think differently about cybersecurity.
About Our Guest
Joe Brendler Principal, Deep Water Point, LLC and Major General U.S. Army (Retired). MG (ret.) Joseph Brendler is a senior executive and thought leader with more than 30 years of experience managing large organizations. Specializing in delivery of information technology, networks, and cybersecurity solutions.
Prior to starting his consulting business, MG Brendler was Chief of Staff for the United States Cyber Command (USCYBERCOM). And prior to that the Director of Strategic Planning, Policy, and Partnerships for USCYBERCOM. In those roles, he participated in the oversight of operations and the development of US military cyber doctrine and of DoD and national cyber policy.
Prior to those assignments, he served as US Army Director of Architecture, Operations, Networks and Space under the Army CIO/G6. He was Chief of C5ISR, US Forces J6, and NATO Forces CJ6, for ISAF, in Kabul, Afghanistan. MG Brendler also served as the Chief of Staff for the Defense Information Systems Agency.