Matt Runyan
Network Consulting Engineer, Cisco Systems – Tactical Operations
matrunya@cisco.com
March 2014
© 2013 Cisco and/or its affiliates. All rights reserved.

Thanks to: Rakesh Bharania, NCE, Cisco TacOps
For initial Networked EOC whitepaper, available upon request

• Network Consulting Engineer, Cisco Systems - Tactical Operations
• Volunteer Firefighter / EMT-B, Apex (NC) Fire Department
• Communications Unit Leader (COML), NCTF-4 USAR (Type III)

• About Cisco Tactical Operations
• Connected EOC Concept and Design
• IT/Security Considerations
• EOC Communications Suite: Resiliency, Redundancy, Voice/Video/Data Interoperability
• Testing Your Solution & Training People
• Q&A
• Conclusion

Team Mission
To deliver a unique level of service in corporate and individual risk mitigation, critical network availability, and rapid recovery from natural or man-made disasters through a highly skilled team of operational and technical experts.

Team Focus Areas
• Corporate Social Responsibility / Emergency Response
• Internal Support
• Industry Influence and Thought Leadership
• Business Enablement and Consulting

• Network Emergency Response Vehicle (NERV)
  • NIMS Type II Mobile Communications Center
  • Large scale network services core
• Emergency Communications Unit Trailer (ECU)
  • NIMS Type III Mobile Communications Center
  • Large scale network services core
  • C17 airlift capable
• Mobile Communicator Vehicle (MC2 / MCV)
  • NIMS Type IV Mobile Communications Center
  • Medium scale network services core
• Emergency Communications Kit (ECK)
  • Rapidly deployable communications capability
  • Airline check-in or carry-on form factors
• Each platform evolves as technology improves!
“Respond locally, communicate globally”

• Satellite, BGAN, 4G Cellular
• Land Mobile Radio (LMR)
• Cisco IPICS
• Cisco Wireless LAN (Mesh)
• Cisco Unified CME (VoIP)
• Cisco TelePresence (over satellite!)
• Cisco Video Surveillance
• Cisco Digital Media Encoder
• Cisco ISR routers (DMVPN, IPsec, WAAS)
• Security (Firewall and IDS / IPS, Web Security Appliance)

• Portable self-contained kit
• Rapidly deployable
• Ruggedized shock-mounted case
• Easily integrated with satellite or other Internet backhaul
• Cisco Branch Office Router
• Wired and wireless IP phones
• Switch
• Wireless access points
• UPS

• Coordinating Resources
• Policy Making
• Operations
• Information Gathering
• Public Information Dissemination
• Hosting Visitors

• Location and potential hazards
  First you must survive the disaster, then respond
• Building layout and Personnel support
• IT and Information Security in Critical Path
• Understanding workflows & NIMS Requirements
  • Within EOC (individuals / teams)
  • EOC to outside agencies & entities - interoperability
• The EOC Communications Suite:
  • Resiliency and Redundancy of key functions / systems
  • Information Security in the EOC
  • IP Telephony and Video Systems
  • Wireless Networks
  • Remote Access and Interoperability Systems

Implication: Engage your IT and Information Security resources early and often!

• Example: “Watch Desk” -> IC -> Operations -> Logistics -> Finance/Administration
• Have backup points of contact or line of succession for key positions.
• Workflows can influence physical layout of building (video walls, breakout rooms, separate area for media)
• Individuals may be grouped by ICS Position, Branch or other function (Logistics, Law Enforcement / Fire / Public Works, etc.)
• Smooth flow of information for best situational awareness is critical for crisis decision-making

• Information Sharing for Situational Awareness
• Mutual Aid / Resource Requests
• With whom do I need to talk and share information?
  • Peer Level: Adjoining Cities / Counties
  • Higher Level: County -> State, State -> Federal
  • Lower Level: State -> Regional, Regional -> County
  • Other Organizations: Military, Utilities, Red Cross, VOAD, Fusion Centers, Businesses
• Public Information: News Media, Social Media (value in two-way conversation)

• Telephone (internal PBX systems, PSTN and NAWAS)
• Land Mobile Radio Systems
• Email, file sharing and group collaboration (Intranet websites, wikis, chat tools, web-based meeting tools)
• Specialized apps, incident management tools and databases (WebEOC, E-Team, CAD, NCIC/DCI, resource catalogs, HR, finance, digital signage, EAS/IPAWS, etc.)
• Video tools (Video Teleconferencing, video surveillance, analytics)
• Remote access (VPN, Email and Web)
• Mobile Apps for Smart Phones & Tablets
• Wireless Intranet and Internet access for employees and guests

• Typical Threats:
  • Service Disruption
  • Network abuse
  • Unauthorized access
• Defense in Depth (policies, awareness, firewalls, AV, content filters, IDS, etc.)
• Suite of tools (detection, reporting, alerting, mitigation, auditing)
• Maintain some ease of use - otherwise, users will circumvent security

• Redundant network hardware and cabling
• Independent A/B Power feeds
• Server clustering for High Availability
• Data backup and restore
• Cloud services – do your homework!
• Sometimes, less complex = more reliable
• Cost vs. reliability tradeoffs

• Converged IP voice and data network = flexibility
• Remote access for alternate locations and mobile workers
• Stable Power required for stable communications - Redundant generator / UPS systems with aggressive PM
• Redundant circuits – diverse media e.g.: DS-3 and VPN on business-class cable modem, 4G, VSAT
• Physical path diversity: backhoe example
• Good relationship with service providers. Know escalation paths!
• TSP on critical circuits http://www.dhs.gov/telecommunications-service-priority-tsp
• Document and test “failover” processes

• Resiliency: Where does my data live? Known hazards?
• Resiliency: Backup and Restore documented and tested
• Redundancy: Redundant HW, network, power, etc.
• Redundancy: Options for local production and cloud DR instances
• Security: Who has access and control?
• Security: Do provider’s security measures meet requirements?

• Increased Flexibility
• Decreased TCO
• Unified Communications (voice, video, chat, voicemail, fax)
• “Survivable” solutions resilient to server failures
• Cloud services – do your homework!
• Proper design is imperative (Capacity, Quality of Service)
• Underlying network must be stable

• Enhanced collaboration experience
• Real-time information for situational awareness (CCTV surveillance / traffic cameras, analytics)
• PC Desktop screen sharing capabilities
• Dedicated VTC units, PC, smartphone, tablet apps
• Web-based services for meetings
• Video walls for common operational picture

• VPN Software allows Work-from-Anywhere flexibility
• Hardware Solutions for single, multi-user sites or vehicles

• BYOD (Smartphone / Tablet)
• Laptops and USB Dongles
• Backup connection methods
• Guest vs. Trusted user access
• Interference mitigation technology
• WiFi:
  • 2.4/5.8 GHz - shared
  • 4.9 GHz Public Safety Exclusive
• 4G/LTE:
  • Commercial networks
  • FirstNet 700 MHz for Public Safety

• More than just radios!
• Voice, Video and Data sharing
• 5 Rights of Emergency Communications:
  • Right Information
  • Right Time
  • Right Person
  • Right Format
  • Right Device
• Many solutions: choose carefully (and implement even more carefully)
• Poorly implemented interop solutions cause more harm than good

• Give employees (and volunteers) the proper training to operate in sub-optimal environments
• Ensure periodic opportunities to learn updated processes and technology
• Set goals for each individual in what they are expected to do in each situation
• Seek feedback on how to improve processes after exercises and actual events

• Design realistic scenarios: Success can build morale, and stress helps find weaknesses
• Develop exercise injects based on real-world issues
• Include EOC Building evacuation scenarios often overlooked (e.g. fire alarm, hazmat, bomb threat)
• Involve your PIOs and IT and other support staff in addition to traditional responders
• Test failover and relocating to alternate sites: Do all critical processes and tools still work?
• Document results, seek feedback and work to improve for “next time” - on a real incident or exercise

On Cisco.com: http://www.cisco.com/go/tacops
Email: tacops-info@cisco.com
Facebook: Cisco TACOPS http://www.facebook.com/cisco.tacops
Twitter: @CiscoTACOPS
Slideshare.net: ciscotacops

• Cisco Tactical Operations: please engage with us and tour our vehicles!
• Connected EOC Concept and Design
• IT/Security Considerations
• EOC Communications Suite: Resiliency, Redundancy, Voice/Video/Data Interoperability
• Testing your solution

Thank you.