83rd NETWORK OPERATIONS SQUADRON
83 NOS Perspective:
AFNETOPS and the
AFNET Migration
Lt Col Eric P. DeLange
Commander
This Briefing is:
UNCLASSIFIED
Chain of Command &
AFNETOPS Organization
AFSPC
AF Network
Integration Center
(Scott AFB)
24 AF
624 OC
689 Combat Comm Wing
67 Net Warfare Wing
688 Info Ops Wing
Combat Comm & Comm
Maint/System Tech Eval
(Robins AFB)
Net Ops & Monitoring, CND/A
(Lackland AFB)
Info Ops & Net Engineering
(Lackland AFB)
26 NOG
690 NSG
67 NWG
(Lackland AFB)
(Lackland AFB)
(Lackland AFB)
26 NOS (Gunter Annex)
33 NWS (Lackland AFB)
26 OSS (Lackland AFB)
352 NWS (Hickam AFB)
426 NWS (Vogelweh GE)
68 NWS (Brooks CB, TX)
83 NOS (Langley AFB)
561 NOS (Peterson AFB)
690 NSS (Lackland AFB)
690 ISS (Lackland AFB)
91 NWS (Lackland AFB)
315 NWS (Fort Meade)
299 NOSS (KS ANG)
310 CF (CO AFR)
622 CF (VA AFR)
Base Network
Control Ctr’s
(NCCs)
UNCLASSIFIED
Standards = Success
---- AFNETOPS C2 Process
67th Network Warfare Wing
67 NWW
690 NSG
Net Ops
•
•
•
26 NOG
Net Defense
67 NWG
Full Spectrum
USAF’s Cyberspace Force – Combat Wing, Global Presence
Mission:
• Operate, Manage, & Defend Global AF Networks
• Train and Ready Airmen to Execute Computer
Network Exploitation and Attack
• Perform Electronic Systems
Attack
Security Assessments
Conducts the Full Range of Network Warfare
• Network Operations (Establish)
• Net Defense (Control)
• Full Spectrum (Use)
UNCLASSIFIED
Standards = Success
Operate
Operations
Of and On
the Network
Defend
Mission
Command, Control, Operate, Sustain, and Defend assigned Air
Force networks to assure global cyber supremacy and enforce Air
Force network standards and to develop Airman as cyber warriors.
UNCLASSIFIED
Standards = Success
The AFNET Platform Delivering…
Career Email
Address
Standardization
and
Consolidation
Single Sign-On
Reduced Cost
and System
Complexity
Air Force Wide Enterprise
Standardized and Secure!
UNCLASSIFIED
Standards = Success
AF-Wide
Collaboration
UNCLASSIFIED
Services in the AFNET
Management Tools
Network Account Management
Security Policy Enforcement/Management
Application Monitoring
Network Monitoring
Functional Services
C2 and
Functional
Systems
•
•
•
•
•
•
•
•
SharePoint
MS Office Communication Server
List Servers
Fax Servers
Project Management Servers
FTP Servers
Enterprise–wide VPN
Storage
AF Enterprise
Forest
Capabilities
E-mail
Mobile Devices
ESD
UNCLASSIFIED
Standards = Success
Security/Authentication
Directory (AD)
Anti-Virus
Security Patching (SCCM)
CAC Certification
What the AFNET
Migration is NOT!
 AFNet is not a “full” tech refresh of base equipment
 AFNet does not “reprogram” PMO systems
 AFNet does not provide C&A of base enclaves
 AFNet Enterprise Service Desk (ESD) was not not established to
handle all communication issues (LMR, IPTV, etc)
 AFNet does not provide Continuity of Operations (COOP)
 AFNet does not “restructure” AF boundaries; Completely separate
but related effort
 AFNet does not remove Single Points of Failure (SPOF)
 AFNet does not “fix” existing network issues
 AFNet does not physically “move” base level functional systems
to the APC
UNCLASSIFIED
Standards = Success
7
Components of Migration
• Initial Coordination
•
•
Programmatic Coordination
Begins 210 days prior to migration / Duration ~15 days
• Infrastructure Preparation
•
•
Circuit Upgrades, Facility Improvements, AQ processes
Begins ~180 days prior to migration / Duration up to 150 days (or more)
• Source Environment Preparation
•
•
Prepare the legacy environments for migration (Administrative & Technical)
Begins ~90 days prior to migration / Duration ~60 days
• Target Environment Preparation
•
•
Prepare AFNET to support migration of site
Begins ~60 days prior to migration / Duration ~60 days
Legacy
shutdown
actions occur
concurrently
during
migration/post
migration
actions
• Migration
•
•
Move Legacy Active Directory resources to AFNet
Duration varies from 15 days - up to 150 days (or more)
• Post Migration
•
•
Initial
Coord
Environment Clean up, Legacy Func App Transition & Shutdown
Begins ~180 prior to migration / Duration up to 150 days (or more)
Infrastructure
Prep
Source
Env Prep
Target
Env Prep
Migration
Post
Migration
Legacy Shutdown
Migration Organizational
Roles/Responsibilities
‘Key’ stakeholders and what each contributes to the
migration of an organization
MAJCOM
AFSPC
24 AF/67 NWW
(Includes 690 NSG, 83 NOS,
561 NOS)
AFNIC
Base
•Coordinate Base Support
•Coordinate Migration Schedule
•Facilitate Strategic Communication
•Funding for Hardware and Allied Support
•Contracting Support
•Core Migration Team
•O&M for the AFNet
•Operational Issue Resolution
This is a
TEAM Sport!
• Project Management
• Operations
• Legacy Shutdown
• Executes Checklist
• Coord Local Support/Info Dissemination
• Provides Dedicated CST Support
UNCLASSIFIED
Standards = Success
UNCLASSIFIED
Entrance Criteria
•
•
•
•
•
•
•
Complete all pre-migration checklists
Key servers in-place, configured, and operational
Proper, documented certification and accreditation
Support orgs prepared to accept responsibility
<1% user accts over mailbox size limit
XP machine POA&M
Cyber Readiness Review (CRR)
AFNIC/ECSO
FACILITATION
Programmatic
Pre-Migration
Administrative Checklists
Feedback
CRR
Technical Checklists
Execution
Feedback
CRR represents formal hand-off from programmatic actions to operations
LESSONS LEARNED
690 NSG
Operations
UNCLASSIFIED
Standards = Success
Exit Criteria
•
•
•
Migrate user/machine accts, E-mail, public folders & other
services
All mission systems operational pre-migration are still operational
post-migration
• Accessible via trust or in the AFNet
<1% minor (user-level) tickets and no major (exec/base-level or
higher mission impact) tickets related to MIGRATION
• Outstanding Help Desk tickets related to Other Services will
transfer to the ESU/ESD
Exit criteria will be reviewed during outbrief
UNCLASSIFIED
Standards = Success
Post Migration Support
Environment
•
•
•
•
•
Tier 0
Tier 1
Tier 2
User
ESD
I-NOSC/ESU/APC
MCCC/NCC/CFP
“Self-service”
TT Submission/Status
Load own printer
Load appr S/W apps
Etc.
Tier 1
• Create/assign/track TTs
• Initial troubleshooting
• AD User Acct Mgmt
Tier 2
• Admin/Assist
• EITSM Acct Mgmt
• Etc.
• More complex HW/SW
problems
• Requires specific
construct attention
• Netwk Transport, Server,
Boundary issues
• Local Touch MX req’d
Enterprise Service Desk
DSN 510-HELPDESK
(510-435-7337)
“owns” lifecycle
management
Tier 3
• Highly specialized
expertise required
- Engineers
- System integrators
- 3rd-party providers
- Vendors
- FSEs/SMEs
• PMO-managed systems
- AFPKI
- AFDS
- ADLS
- AFNet Response Ctr
Lessons Learned
Adherence to
Checklist
Completion
Dedicated Migration
CSTs
Security
Permissions for
Mapped Drives
Strategic
Communications
Selecting Pilot
Users
Identifying Network
Bandwidth Issues
AD Groups and
Exchange
UNCLASSIFIED
Identifying Alt
Token,
Blackberry/Good
Mobile, VIP Users
Standards = Success
Ensuring ATO and
CR Process
Questions?
UNCLASSIFIED
Standards = Success