FAS | Intelligence | Programs | Disseminate |||| Index | Search |


FAS Project on Intelligence Reform

Defense Data Network (DDN)
Defense Secure Network (DSNET)

The Defense Information Systems Agency (DISA) operated the Defense Data Network (DDN) for the purposes of supporting wide area data communications requirements of the Department of Defense. Because the packet switch nodes (PSN) of the DDN were not trusted to simultaneously support traffic of different classification levels, four worldwide sub-networks were deployed. The PSNs of different classifications are physically separated. The classified circuits are encrypted so they may share a common trunking infrastructure.

The four sub-networks of the DDN are: While MILNET and DSNET 1 were common user networks, DSNET 2 was dedicated to supporting the Worldwide Military Command and Control System (WWMCCS) and DSNET 3 was dedicated to supporting the DoD Intelligence Information System (DODIIS). All networks were operationally controlled by DISA. However, for the sake of convenience, DISA had an Memorandum of Agreement (MOA) with DIA to physically manage the day-to-day operations of DSNET 3.

In September 1991, OSD directed DISA to implement the Defense Information Systems Network (DISN). In addition to consolidating all service agency transmission multiplexor infrastructures, it called for the consolidation of all service and agency Internet Protocol (IP) router networks. The transmission infrastructures would be consolidated by converting all service and agency multiplexor networks to the same hardware base, the NET IDNX. While the specifics of consolidating the router networks vary between DISA and the various router network managers, DISA is centrally operating at least two worldwide IP router networks, one for the sensitive but unclassified (N) environment, NIPRNET, and one for the secret (S) environment, SIPRNET.

The NIPRNET is comprised of the former DLA Corporate Network (DCN) in the CONUS, the former DDN Pilot Network, also in the CONUS and extensions into the Pacific and Europe. The former Pilot Network portion of the NIPRNET has been renamed the Joint Interconnection Service (JIS) because it serves as a central network with which routes are available to facilitate reachability with the various router networks to include the Global Internet.

As the SIPRNET was being deployed, there did not appear to be a sufficient subscriber population to warrant a TS IPRNET. The TS/SCI requirements were integrated in the DIA sponsored Joint Worldwide Intelligence Communications System (JWICS). Ultimately, the JWICS will come under DISA control.

All circuits to the maximum extent possible are routed over the IDNX multiplexor infrastructure. Line speeds for the IP router networks vary from 9.6 kbps to T-1. Interfaces supported include all primarily serial and ethernet connections. The networks are managed by centers located in Columbus OH, Vaihingen, GE, and Wheeler AAF, HA. The networks offer Domain Name Service and will support GOSIP protocols. The Defense Message System is supported on the IPR router networks. All classified networks are appropriately protected with a combination of physical protection at the router and KG encryption for exposed circuits.

In Fall of 1992, a study was conducted and it was determined that the DDN should be phased out and its requirements be satisfied by IPR router networks. As a result, DISA orchestrated an effort to phase out the four sub-networks of the DDN to be completed by October 1995.

Sources and Methods



FAS | Intelligence | Programs| Disseminate |||| Index | Search |


http://www.fas.org/irp/program/disseminate/ddn.htm
Created by John Pike
Maintained by Steven Aftergood

Updated Friday, February 11, 2000 5:40:06 AM