Deployment Review: Carlton Complex Fire + Cybersecurity
-
Upload
cisco-tactical-operations -
Category
Technology
-
view
375 -
download
0
description
Transcript of Deployment Review: Carlton Complex Fire + Cybersecurity
Carlton Complex Response
Cisco Tactical Operationswww.cisco.com/go/tacops
8/15/2014
Deployment Overview (w/Security deep dive)
Cisco Public 22© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Largest fire in WA history (256,000+ acres or 5x size of Seattle)
Multiple Zones, IMTs. Extremely complex management challenge.
Media reports: “significant communications challenges” for incident command teams (LA Times 7/21/2014)
The Carlton Complex Wildfire
Image: KHQ TV
Cisco Public 33© 2013-2014 Cisco and/or its affiliates. All rights reserved.
TACOPS / DIRT response: 3 TACOPS (2 SJ, 1 RTP) + 1 DIRT (SJ) volunteer on scene
Vehicles: NERV-2, Utility-2 + VSAT Trailer
Kits: Two ECKs (not used), Warrior 141, RRK 101 & RRK 102
The Cisco Response
Cisco Public 44© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Similar scenario to 2012 Waldo Canyon Fire response: Type I Incident Management Team support, other mission critical teams, and a morale network for firefighters & support staff.
New capabilities enabled us to deploy +users +security +reliability vs 2012
Two mesh networks deployed at first site + RRK, Mesh network deployed at second site.
Across our networks, we supported over 673 unique devices, transferred 60+ GB of data
Network Deployment
Cisco Public 55© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Clean Air (1550) / Meraki Air Marshal (MR 66, MR 62) Wifi enabled strong signals even in the face of significant RF congenstion (55 rogue APs at site one!)
Multiple backhaul: 4G LTE backhaul primarily used, VSAT as secondary.
First deployment by TacOps of Meraki tech: MX60W (RRK), MX60, MR66/62 – all worked amazingly well!
Strong QoS / Traffic Shaping: Allowed for efficient useof b/w by mission critical and non-mission critical users. 750+ usersat site one, 100 users at site two. Layer 7 firewall for permitted traffic.
Active Security Management: Ironport WSA, Meraki + SourceFire enabled us to activelyidentify and protect against hostile traffic in real time. 30+ “high risk” attacks stopped against the IMT at Site 1.
Enhanced Capabilities
Cisco Public 66© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Hastily formed networks (HFN) often overlook security – no such thing as a CSO in a disaster.
A huge risk for first responders.
TACOPS capabilities have integrated security atmultiple levels to protect our customers:firewall, VPN, IDS/IPS, etc.
At Carlton Complex, we used Ironport for mission critical security management,Meraki + Sourcefire cloud solution formorale wifi networks
Important to have buy in from COML/agency support!
Managing Infosec In Emergencies
Cisco Public 77© 2013-2014 Cisco and/or its affiliates. All rights reserved.
RRK 102 @ Firefighter Maintenance Support RRK 101 @ Incident Management Team
Real-time reporting enabled real-time response
Cisco Public 88© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Layer 7 firewalls – application level inspection & policy.
We implemented policy to block inappropriate content, prioritize mission critical traffic over morale traffic, had deep knowledge about who was using the network, and for what.
We don’t control the end devices: true “BYODD” (Bring Your Own Device to the Disaster) support. Policy is in the network, not the end devices.
Cisco Public 99© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Thank you.