In many military deployments, it is often necessary to run messaging systems over constrained networks (sich as HF, Wideband HF and SatCom). The low-bandwidth and/or high-latency nature of these networks makes use of standard messaging protocols impractical. Isode's Constrained Network Gateways enable the exchange of email and instant messages between standard messaging protocols and the constrained bandwdith variations of these protocols.
Isode's core approach to constrained networks is to use server-to-server communications, for two main reasons:
- It enables the use of standard clients products, without the need to adapt to constrained networks, with special protcols or configuration.
- It isolates the client from the network, and so isolates the user from network related performance issues.
In the diagram below, we can see a typical deployment scenario using standard messaging protocols where high quality links are available and specialised protocols (such as STANAG 4406 Annex E for military High-Grade/Formal Messaging and the optimzed server-to-server protocol for XMPP services) for diadvantaged, intermittent, high latency networks.
Isode provides gateways to mediate between standard and constrained links for both Email Messaging and XMPP services.
M-Link Constrained Network Gateway
M-Link, Isode XMPP server product, includes special capabilites to enable robust and reliable services over diadvantaged, intermittent and high latency networks, such as those running over HF Radio and SatCom connections. These are described in detail on the product page for M-Link Constrained Network Operations and include support for Federated Multi-User Chat (FMUC), stream compression, roster versioning, presence stripping and use of an optimized server-to-server protocol.
Configured as a constrained bandwidth gateway, M-Link can mediate traffic between XMPP services running on constrained networks and those running on internet quality links. The gateway, which does not support local directly attached users, acts as a single management point between standard and constrained bandwidth services including management of peering controls and security policy rules.
Isode provides a GUI tool, M-Link Console (MLC), with all M-Link variations to manage configuration over XMPP, and to provide server control and monitoring services.
MLC enables setup of strong authentication, routing configuration, filtering and controls associated with the peer, including security labels and the use of special protocols such as Optimized S2S to reduce handshaking on slow links, STANAG 5006 for use over HF Radio and custom integration for use with High Assurance Guards.
MLC additionally provides a range of monitoring capabilities including general service status & uptime, information on connected users & peers, general server statistics and detailed performance information. Multiple XMPP services can be monitored, including limited monitoring of XMPP servers other than M-Link. SNMP support is included, to enable monitoring of key server performance metrics with network management tools such as OpenView, or with Web applications.
M-Switch Constrained Network Gateway
Configured as a Constrained Network Gateway, M-Switch can be used as a Fixed Gateway interconnecting stategic and tactical networks (as shown in the diagram at the top of this page) or as a Mobile Gateway at a field HQ or onboard a ship, connecting between the radio/SatCom network and local messaging servers supporting users independent of the gateway.
The gateway provides constrained bandwidth support for Formal Military Messaging using STANAG 4406 (Annex E), ACP127 Formal Military Messaging and the US "DOI 103S" variant (using STANAG 5066), Internet Messaging (using BSMTP and ACP142), directory replication (using incremental update over email) and File Transfer by Email as set out in Applications for Military Radio & Satellite.
Like the core M-Switch product, the M-Switch Constrained Bandwidth Gateway features support for message precedence, digital signatures using S/MIME for SMTP messages and STANAG 4406 ed2 signatures, security labels, security label mapping and message tracking for reliable messaging. More information can be found on the page M-Switch: Constrained Networks & HF Radio.
Configuration of the ACP 142 channel and use of constrained networks is handled by Isode’s general configuration in MConsole, which also provides advanced monitoring. This monitors the M-Switch queues, giving additional information on ACP 142 traffic, including partially received and transmitted messages.
Management of M-Switch for constrained networks is discussed further in the whitepaper [The Architecture of Isode's STANAG 4406 Annex E Solution].
We welcome evaluations of our products and will make support resources available to you for the duration of your evaluation. Evaluation guides for all packages can be found on the relevant product evaluation page. You will need an evaluation password and a licence file which can be obtained by filling out this evaluation application form.