Email this Article Email   

CHIPS Articles: NMCI Continues to Provide Solutions for Sailors and Marines

NMCI Continues to Provide Solutions for Sailors and Marines
Services Include Convertible Laptops, a Hosted Virtual Desktop, Win 7
By Naval Enterprise Networks (PMW 205) Public Affairs - January-March 2012
With all of the excitement surrounding the release of the Next Generation Enterprise Network (NGEN) Request for Proposal (RFP), the operation of the Navy Marine Corps Intranet (NMCI) continues to mature with the implementation of new solutions and security measures designed to help Sailors and Marines perform their mission critical tasks more effectively and efficiently.

The Naval Enterprise Networks (NEN) program office, which manages the NMCI and NGEN programs, is deploying a number of new Navy initiatives including tablet laptops for Navy recruiters, a Hosted Virtual Desktop (HVD) capability, expanded support for smartcards used to authenticate the identity of NMCI users, an enterprise-wide operating system upgrade and improved end user hardware delivery times.

All of these items pace with today's technology and support the Department of the Navy's (DON) efforts to develop mobile solutions to provide access to the right data at the right time and in the right place.

"The importance of the current network to the DON is not lost on the program office," said Capt. Shawn P. Hendricks, NEN program manager. "We are focused on continuously improving NMCI to make it more agile, flexible and useful to our users. NMCI is critical to the day-to-day operations of supporting our Sailors and Marines."

Mobile Recruiter Initiative

In early 2011, the Navy Recruiting Command (NRC) approached the NEN program office with a request for a highly capable tablet-style laptop with a sufficient "wow factor" to be on par, if not exceed, the devices used by the Army, Air Force and Marine Corps recruiters in the common quest to recruit today's tech-savvy youth. Attempting to impress potential candidates with years-old laptop technology proved to be ineffective — Navy recruiters needed state-of-the-art technology to help them convey the image that today's Navy knows how to effectively utilize modern information technology.

The new Navy recruiter laptops also had to be highly capable in hardware computing power with built-in Wi-Fi and 3G (third generation mobile telecommunications) broadband radios, a tablet form factor to support taking candidate applications in the field, strong security with full-disk encryption that is Department of Defense (DoD) Common Access Card (CAC) enabled, electronically configurable and maintainable via the Internet. The mobile recruiter laptop had to fully support the needs of the Navy recruiter corps.

Working with the NRC, the NEN program office agreed to equip recruiters with a convertible laptop, one in which the screen can swivel 180 degrees into position to function as a tablet device with touch screen capabilities while retaining the full computing power and functionality of a traditional laptop. Apple's iPad and other dedicated tablet devices were considered, but ultimately the recruiters decided that tablets do not deliver the computing power and security capabilities that they need.

For security and maintainability, the Mobile Recruiter solution includes the capability to remotely manage and update recruiter laptops in the field, wherever they are being used. Through an agent-based (i.e., software installed on the laptop), mobile network access control (NAC) capability, security policy updates, software configuration changes and even new applications are electronically "pushed" to laptops over the Internet, while transparent to users.

The Mobile Recruiter initiative has essentially expanded the reach of the NMCI enterprise to the Internet-based mobile platform.

Three potential devices were identified and field tested by the NRC. In the end, the NRC chose the Hewlett-Packard (HP) Elitebook 2740p Tablet PC because it met the wow factor criteria, as well as ease of use, ample computing power, long battery life and price point. The NRC's initial order was for more than 4,800 Elitebook laptops.

Since the task order was awarded in May 2011, HP, the prime contractor for the NMCI, finished developing the solution and achieved Interim Authority to Operate (IATO) in just three months. HP ramped up production at its Mechanicsburg, Pa., staging facility to more than 105 seats per day, and seat shipments to the Navy Recruiting Districts (NRD) commenced soon after.

The NRC began rolling out Elitebooks to recruiters in early September 2011. The feedback from recruiters has been positive; the tablet laptops are appealing to potential recruits and are effective in increasing the recruiters’ productivity.

The device has been so popular that NRDs not slated to receive seats until later in the deployment schedule have asked to receive their laptops earlier.

“High school students are impressed when they see the technology I am using and can’t help but wonder what other futuristic technologies the Navy is using,” Naval Aircrewman 2nd Class Mickey Blasingame reported to the Chief of Naval Personnel following a demonstration of the Mobile Recruiter Initiative Kit, a convertible laptop, printer, scanner and speaker.

“The capabilities of the Mobile Recruiter solution have allowed us to complete double the tasks in literally half the time, boosting production and improving morale by allowing recruiters to shorten the average workday, all while saving countless dollars in travel and man-hours,” Blasingame said.

Hosted Virtual Desktop

In April, the NEN program office will begin a limited deployment of the Hosted Virtual Desktop solution, which is more commonly known as a thin client.

The HVD will use a new thin client device that is basically a keyboard, monitor and mouse with a CAC reader and Universal Serial Bus (USB) ports for local devices. The HVD connects to a server where all of its software and data are stored.

The difference between a regular workstation, also known as a thick client, and an HVD is the lack of a hard drive. It is replaced by a flash memory module, which contains a small, solid state drive. Each user will have an HVD and up to 30 gigabytes (GB) of network storage, replacing the traditional, stand-alone computer hard drive.

The advantage of an HVD is improved security, accessibility to data files and operational efficiency while decreasing operational costs. Benefits include:

• Deploys security patches and software updates on the server level rather than the individual workstation level, thereby increasing the productivity of users.

• Simplifies the day-to-day management of calls to the NMCI service desk. Currently, if a user has a problem with the computer system or an application, a service desk technician takes control of the user’s computer for remote repair. With the HVD, the issue can be fixed on the server level without affecting the user.

• Decreases the threat of a security breach because servers are equipped with more stringent security protocols than an individual workstation.

The key to making the HVD a viable replacement for a regular workstation is ensuring that the user experience — processing speed and access to storage, applications and the Internet — is equal to or better than a standard workstation.

Applications are one of the biggest challenges in implementing the HVD. Every application that an HVD user needs must be certified, virtualized and loaded on the server. Due to the certification and virtualization requirement, the HVD deployment will begin with unclassified desktop users who primarily rely on Microsoft Outlook and the Microsoft Office suite of applications.

Win 7 Deployment

The NMCI team completed a limited Navy deployment pilot (450 seats) of the Windows 7 operating system. Lessons learned from this pilot will benefit the enterprise deployment of Win 7. Applications and peripheral device drivers are being certified and the Navy’s enterprise-wide deployment began in January 2012.

The transition to Win 7 begins the NEN program office’s efforts to transition all NMCI seats from Windows XP to Win 7 prior to Microsoft’s April 8, 2014, end of life cycle support date. All seats with Win XP must be removed from the network after that date.

The initial Win 7 deployment will be to Non-secure Internet Protocol Router (NIPR) desktops deployed via seat refresh or new seat delivery processes. Other assets, including NIPR laptops, Secure Internet Protocol Router (SIPR) seats, “Deployable” seats, etc., will be Win 7 certified following the NIPR deployment.

Once all of the Win 7 solutions are available, user migration to Win 7 will become mandatory. An in-place upgrade is also under development to support those users on NMCI seats not eligible for technology refresh in the next two years.

With Win 7, users should expect enhanced NMCI user capabilities, such as faster file copying and the ability to multitask without affecting system performance through the new technologies, tools and software available on a Win 7 seat.

Increased Smartcard Support

The security side of NMCI has also improved via efforts to increase the use of smartcard credentials used for network authentication on both unclassified and classified NMCI seats. In August 2011, the NMCI team — working with Naval Network Warfare Command (NETWARCOM), Fleet Cyber Command (FLTCYBERCOM), the Navy Designated Approval Authority and the Naval History and Heritage Command (NHHC) — successfully demonstrated interoperability with Personal Identity Verification (PIV) smartcards issued by non-DoD agencies and departments.

A Department of Homeland Security (DHS) user assigned to NHHC successfully utilized the DHS PIV smartcard to enable a NMCI account and access the NMCI network.

The ability to utilize a DHS or other federal agency PIV to access the NMCI increases productivity and efficiency since a separate CAC would not need to be issued to a user.

Prior to the successful support of DoD-approved external identity credentials, it would have taken several days for the DHS user to be issued a DoD CAC. With FLTCYBERCOM and NETWARCOM now managing certificate trusts in NMCI, users issued non-DoD PIV credentials can access the NMCI and smartcard-enable their NMCI account as soon as their account is provisioned.

This accomplishment is also a significant milestone toward complying with Homeland Security Presidential Directive (HSPD) 12 and numerous DoD, DON and U.S. Navy policies that require the use of a standardized PIV identity credential to access government information systems.

On the classified side, the NMCI recently became the first DoD enterprise network to fully support the SIPRNET smartcard token for user authentication.

NMCI actively participated in a DoD initial operational test and evaluation (IOT&E) for a DoD-issued smartcard that will be issued to all SIPRNET users over the next two years. The smartcard will be used for authenticating user identity to SIPRNET networks and digitally signing and encrypting SIPRNET email, similar to how the CAC is used on the NIPRNET.

The DoD IOT&E also involved members of the Program Executive Office Command, Control, Communications, Computers and Intelligence (C4I), Space and Naval Warfare Systems Command (SPAWAR) System Centers Pacific and Atlantic, NETWARCOM, FLTCYBERCOM and the Office of the Deputy Chief of Naval Operations for Information Dominance (N2/N6).

The new SIPRNET capability resulted in the NMCI SIPRNET deployment of smartcard middleware, 90Meter’s Smartcard Manager, and a Web-based tool which enables a user’s account for use with a SIPRNET smartcard.

By implementing two-factor authentication using a SIPRNET smartcard token, network security is increased since a user must present something they have (the SIPRNET token) and something they know, the SIPRNET token’s personal identification number (PIN), prior to being granted access to the network. From a network user perspective, this capability also provides end users with an opportunity to contact the NMCI service desk and “enforce” their account for smartcard authentication, thereby eliminating the need to remember and frequently reset their SIPRNET account password.

The DoD Chief Information Officer released an Oct. 14, 2011 memo, “DoD SIPRNET Public Key Infrastructure Cryptographic Logon and Public Key Enablement of SIPRNET Applications and Web Servers,” which describes the plan to mandate enforcement of SIPRNET token authentication in mid-2013.

Five-day Seat Deployment

In September 2011, the program office began testing a five-day seat deployment initiative to speed up the delivery time of new workstations to Navy commands that did not require an installation of infrastructure.

When the NMCI Continuity of Services Contract (CoSC) began in October 2010, it took an average of 64 business days for a new seat to be delivered under the new contract (versus 25 business days under the original NMCI contract that ended Sept. 30, 2010) because under the CoSC workstations were procured as commands ordered them and were no longer forward supplied in a warehouse.

Hendricks and his staff worked with prime contractor HP Enterprise Services to identify an acceptable accelerated delivery timeline resulting in a “five-day deployment” from the time a new seat is ordered.

Many challenges were overcome in developing the five-day deployment initiative, including the development creation of a new request and delivery process. To date, two pilots with a total of 63 seats have been completed, validating the feasibility and success of a five-day deployment.

The program office is still analyzing and tweaking the process, but the five-day seat deployment initiative is expected to be available enterprise-wide in early 2012.

The NMCI team remains dedicated to continuous improvements in security, reliability, agility and effectiveness through the implementation of emerging technologies. While NGEN has the attention of the DoD, DON and industry, NMCI continues to provide the mission critical network services that support the men and women of the U.S. Navy and U.S. Marine Corps.

For more information contact the PEO EIS public affairs office at

Mobile Recruiter Initiative Kit--a convertible laptop, printer, scanner and speaker.
Convertible laptop--the screen can swivel 180 degrees into position to function as a tablet device with touch screen capabilities while retaining the full computing power and functionality of a traditional laptop.
Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer