Category: HF Radio

Posted on

Red/Black – 2.1 New Capabilities

Overview

This release adds important new functionality and adds further device drivers to Red/Black, a management tool that allows you to monitor and control devices and servers across a network, with a particular focus on HF Radio Systems.  A general summary is given in the white paper Red/Black Overview.

Rules

Red/Black 2.1 adds a Rules capability that allows rules to be specified in the Lua programming language, which allows flexible control.    Standard rules are provided along with sample rules to help creation of rules useful for a deployment.  There are a number of rule capabilities:

  • A basic rule capability is control based on device parameter values.   Rules can generate alerts, for example to alert at operator at selected severity when a message queue exceeds a certain size.
  • For devices with parameters that clearly show faults or exception status,  standard device type rules are provided that will alert the operator to the fault condition.   This standard rule can be selected for devices of that type.
  • Rules can set parameters on devices, including control of device actions.   For example, this can be used to turn off  a device when a thermometer device records a high temperature.
  • Rules can reference devices connected in the communications chain.  For example a rule can be created to alert an operator if the frequency used on a radio does not match the supported frequency range of a connected antenna.
  • Rules can be used to reconfigure (soft) connectivity, for example to switch in a replacement device when a device fails.

Snapshot

Configuration snapshots can be taken, reflecting the current Red/Black configuration, and Red/Black configuration can be reset to a snapshot. The capability is intended to record standard operational status of a setup to allow convenient reversion after temporary changes.

eLogic/Leonardo Radio Gateway driver

The eLogic/Leonardo Radio Gateway provides conversion between synchronous serial and TCP, with multiple convertors in a single SNMP-managed box.  A key target for this is data connectivity to remote Tx/Rx sites.  The Red/Black driver enables configuration as TCP to Serial and Serial to TCP modes, enabling a Red/Black operator to change selected modem/radios.  

Web (http) Drivers

Red/Black 2.1 has added an internal Isode framework which allows drivers to manage devices or servers via HTTP(S). This is being used in a number of new drivers, and is Isode’s preferred approach for managing devices. New drivers are:

  1. M-Link.   Allows monitoring of M-Link servers, showing:
    1. Number of connected users.
    2. Number of peer connections.
    3. Number of queued stanzas.
  2. Icon-5066.  Controlling  STANAG 5066 product:
    1. Enable/Disable node
    2. Show STANAG 5066 Address
    3. Show Number connected SIS clients
    4. Show If flow is on or off
  3. Icon-PEP.  Providing:
    1. Enable/Disable service
    2. Show number of TCP connections
    3. Show current transfer rate
  4. Sodium Sync.   Providing:
    1. Number of synchronizations
    2. Last synchronization that made changes
    3. List of synchronizations not working correctly
    4. Alerts for failed synchronizations
  5. Supported Modems.   This replaces drivers working directly with modems included in Icon-5066 3.0.   The new driver talks directly to Proxy Modem or to Icon-5066 where Proxy Modem is not used.  This displays a wide range of modem parameters.   Various modem types can be selected to display appropriate information from the connected device:
    1. Narrowband Modem.
    2. Narrowband Modem with ALE.
    3. Wideband Modem.
    4. Modem/Radio combined variants of the previous three types.

Other

  • Parameter Encryption.   Red/Black can securely store parameters, such as passwords, to prevent exposure as command line arguments to device drivers.
  • Device Ordering.   Devices are now listed in alphabetical order.
  • Alert Source.  Alerts now clearly show where they are generated (Red/Black; Rule; Device Driver; Device).
  • Link to device management.   Where Red/Black monitored devices have Web management, the URL of the Web interface can be configured in Red/Black so that the management UI can be accessed with single click from Red/Black.
Posted on

Icon-PEP 2.0 – New Capabilities

Icon-PEP supports operation of IP applications over HF networks using STANAG 5066 Link Layer

Listed below are the changes brought in with 2.0.

Web Management

A web interface is provided which includes:

  • Full configuration of Icon-PEP
  • TLS (HTTPS) access and configuration including bootstrap with self signed certificate and identity management.
  • Control interface to enable or disable Icon-PEP
  • Monitoring to include:
    • Access to all logging metrics
    • Monitoring GRE traffic with peered routers
    • Monitoring IP Client traffic to STANAG 5066
    • Monitoring DNS traffic
    • Monitoring TCP traffic with details of HTTP queries and responses

Authentication and Authorization

OAuth support added to control access to monitoring and configuration.

NAT Mode

A NAT (Network Address Translation) mode is introduced which supports Mobile Unit mobility for traffic initiated by Mobile Unit.   Inbound IP or SLEP (TCP) traffic will have address mapped so that traffic on shore side appears to come from the local node.  This avoids the need for complex IP routing to support traffic to Mobile Units not using fixed IP routing.

Other Features

  • Product Activation, including control of the number of Units
  • Filtering (previously IP client only) extended to SLEP/TCP
Posted on

Icon-Topo 2.0 – New Capabilities

Icon-Topo supports Mobile Unit (MU) mobility between HF Networks, enabling application communications over a wider area than can be achieved with a single ground station. It provides a way to schedule the movement from one HF network to another, ensuring that as an MU goes about its deployment the communications network is kept up and running.

The below is the list of changes brought in with version 2.0:

ACP 127 Support

Mobile Units (MUs) can be configured as “ACP 127 only” with routing over M-Switch ACP 127 broadcast circuits.  ACP 127 MUs can be moved between broadcast on different HFAPs using Icon-Topo schedules.  When messages are routed between HFAPs following routing change,  ACP 127 will be used to transfer messages between HFAPs if an ACP 127 circuit is configured.  Otherwise the message will be protocol-converted to SMTP or X.400 (and converted back to ACP 127 on the new HFAP).

This capability allows flexible MU movement between HFAPs.   Note that MU ACP 127 configuration must be done manually.

XMPP Support

Icon-Topo now supports configuration of M-Link XMPP routing for MU, HFAP and FAREP.  This requires M-Link 19.3 Edge (FAREP)  or M-Link 19.3 MU Gateway (HFAP and MU).  This provides full MU mobility for XMPP services.

General

Four important new features are provided:

  1. HTTPS (HTTP over TLS) access is provided for Icon-Topo configuration server.   Self signed certificate will be generated.  A standard certificate can be configured.
  2. Directory access using LDAP from configuration and update servers may be configured to use TLS
  3. M-Switch access from update server may be configured to use TLS.
  4. Isode Product Activation now controls both configuration and update servers.

Posted on

Red/Black 2.0 – New Capabilities

This major release adds significant new functionality and improvements to Red/Black, a management tool that allows you to monitor and control devices and servers across a network, with a particular focus on HF Radio Systems.  A general summary is given in the white paper Red/Black Overview

Switch Device

Support added for Switch type devices, that can connect multiple devices and allow an operator (red or black side) to change switch connections.   Physical switch connectivity is configured by an administrator.  The switch column can be hidden, so that logical connectivity through the switch is shown.

SNMP Support

A device driver for SNMP devices is provided, including SNMPv3 authorization.   Abstract devices specifications are included in Red/Black for:

  • SNMP System MIB
  • SNMP Host MIB
  • SNMP UPS MIB
  • Leonardo HF 2000 radio
  • IES Antenna Switch
  • eLogic Radio Gateway

Abstract devices specifications can be configured for other devices with suitable SNMP MIBs.

Further details provided in the Isode WP “Managing SNMP Devices in Red/Black“.

Alert Handling

The UI shows all devices that have Alerts which have not been handled by operator.   The UI enables an operator to see all un-handled alerts for a device and gives the ability to mark some or all alerts as handled.

Device Parameter Display and Management

A number of improvements have been made to the way device parameters are handled:

  • Improved general parameter display
  • Display in multiple columns, with selectable number of columns and choice of style, to better support devices with large numbers of parameters
  • Parameter grouping
  • Labelled integer support, so that semantics can be added to values
  • Configurable Colours
  • Display of parameter Units
  • Configurable parameter icons
  • Optimized UI for Device refresh; enable/disable; power off; and reset
  • Integer parameters can specify “interval”
  • Parameters with limited integer values can be selected as drop down

Top Screen Display

The top screen display is improved.

  • Modes of “Device” (monitoring)  and “Connectivity” with UIs optimized for these functions
  • Reduced clutter when no device is being examined
  • Allow columns to be hidden/restored so that the display can be tuned to operator needs
  • Show selected device parameters on top screen so that operator can see critical device parameters without needing to inspect the device details
  • UI clearly shows which links user can modify, according to operator or administrator rights
Posted on

Icon-5066 3.0 – New Capabilities

We are thrilled to announce the latest update to our STANAG 5066 server, Icon-5066. With this new release, we’ve incorporated a host of exciting features and enhancements, designed to not only add new functionality to your deployment but also increase the performance of your HF Radio Network.

The below is a list of the changes, and updates that can be found within Icon-5066 v3.0.

ALE Management

This major new feature enables management of ALE configuration independent of ALE implementation and allows easy sharing of configuration between nodes.  This capability is supported for modems where Isode provides ALE support.  Key features:

  • Web configuration of HF Network for each Icon-5066 node.
  • Configuration of Node ALE addressing, with support for 2G, 3G and 4G.
  • Support for fixed frequency (not using ALE for a network)
  • Configuration of HF Frequency list with options for narrowband and wideband
  • Configuration of schedules for used with ALE or fixed frequency.   This enables the frequencies used to be changed at configured times so that appropriate frequencies are used for an ALE network throughout the 24 hour cycle.
  • Import/Export of configuration, to enable easy sharing of configuration between nodes.   Model is that you configure ALE setup on one node and the transfer to other nodes.

Security

Two important security enhancements are included:

  1. Use of OAuth to control which operators can access Icon-5066.
  2. Support of TLS which includes:
    1. HTTPS Web Access
    2. TLS Support for GCXP to support Modem Proxy (crypto bypass) across a Red/Black boundary
    3. Web configuration of PKI setup of TLS

STANAG 5066 Ed4 Compliance

Icon-5066 is compliant to STANAG 5066 Ed4.   An overview of Ed4 is here.   Detailed Icon-5066 compliance is specified here

Most of these capabilities were in the previous release, but described as STANAG 5066 proposed extensions.   Interoperability has been tested with another Ed4 implementation.

SNR Monitor

A new option is provided to configure Icon-5066 as a modem monitor with a simple TCP monitoring protocol.  This is a general purpose capability, but is specifically targeted to support the ACP 127 FAB (Frequency Assignment Broadcast) capability in M-Switch to enable the FAB broadcast to report on measured link quality using a modem at a remote location. 

New Modem/ALE Support

The following ALE capabilities are added:

  • 3G ALE support for RapidM RM8 and RM10.
  • 4G ALE support for RapidM RM10

A new “Raw TCP” data option, which sends and receives data over simple TCP connection.   This generic capability can be used to exchange data with RapidM RM10 modem.

Management

Support for independent control of multiple STANAG 5066 nodes, so that on a system with multiple nodes nodes can be independently enabled and disabled by the Icon-5066 operator.

Red/Black Driver

A driver is provided for Isode’s Red/Black product to monitor Icon-5066.   Like the Red/Black driver for Isode supported Modems, this driver is distributed with Icon-5066, but will be picked up by a collocated Red/Black server.   It enables a Red/Black operator to enable/disable an Icon-5066 node and to monitor key parameters.

Product Activation

Icon-5066 servers are now controlled by Isode Product Activation.  This control includes:

  • Optional enabling of TLS.  This is helpful for export.
  • Control of the number of nodes available

Posted on

Successfully Managing HF Radio Networks

With the potential for new technologies to cause interference to traditional communications networks and even space itself at the risk of becoming weaponised, it is important to make sure that you always have a backup plan for your communications ready and waiting.

Should the worst happen and your primary network, typically SatCom, go down you need to ensure that you can still communicate with your forces wherever they are, and that communication needs to be fast,  simple and reliable. It also needs to be suitable for operation within degraded and denied environments.

That’s where HF Radio has a distinct advantage, utilising the ionosphere itself to relay communications and long-range radio signals. If you’re interested you can read more about the benefits of communications over HF Radio and how Isode is developing HF technology here.

When implementing new technologies, one of the challenges you can always expect to face is how you manage them and control how the important systems connect with one another. For HF Radio, that has always been a factor limiting its deployment, how do you ensure that mobile units remain connected to your HF network as they move from one location to the next?

This can now be done by our latest HF Radio enhancement product, Icon Topo. 

Icon Topo is a state of the art, web-based management system for HF Radio networks. The management system allows an operator to monitor and control the location of Mobile Units such as ships or aircraft, ensuring that as they move from one HF Access Point to another they can remain connected to your communications network.

The Icon Topo system allows you to manage your Mobile Units across multiple HF Networks, and plan a connection route for them as they do so, all from an easy forms-based interface. Removing any interruptions to service or downtime from applications as the MU moves across its intended path.

You can read more on Icon Topo here.

Alongside our HF management system, we have also recently developed our Red/Black solution to manage encrypted data over HF networks.

Red/Black is a Web-based server that can provide control and monitoring of different devices and servers. This is intended to complement, not replace, primary device management tools. Red/Black servers can operate in a pair, to monitor and control devices across a secure boundary.

Our Red/Black servers are designed to support HF radio systems through the display and management of communication chains, as seen below. They allow separation of, and passage for encrypted information across restricted networks from a ‘high’ side to a ‘low’ side. 

You can read more about our Red/Black solution here

The above two products give you full oversight over your HF networks so that you can be confident you will retain complete control over what gets to connect to your HF network and how exactly they do it.

If you’d like more information on our HF products, or are interested in a product demo then get in touch with us on sales@isode.com, alternatively you can fill out a contact form on our website and one of our team will get back to you.