Military MessagingServer, Gateway and Client Software for Standard and Constrained Networks
Isode provides the products needed for a complete high functionality Military Message Handling System (MMHS) system. This includes a Web Client and server support for STANAG 4406, ACP127 and SMTP protocols, including gateways between these protocols following ACP145 and MIXER. Isode products are ideal for deployment on high speeds networks, over HF Radio and in other degraded and constrained bandwidth environments.
What Isode Provides
Isode provides clients, gateways and servers for deployment as a Military Message Handling System (MMHS):
- ACP127: M-Switch products provide full support for ACP127 and related protocols.
- STANAG 4406: Isode's M-Switch X.400 includes full support for STANAG 4406 (including Annex E for Constrained Network Environments).
- ACP145: Isode M-Switch MIXER can, together with M-Vault (an ACP133 military directory) be configured as an ACP145 Gateway to convert between national variants of STANAG 4406.
- MMHS over SMTP: M-Switch SMTP can provide full MMHS capabilities based on the industry standard SMTP mail protocol.
- MMHS Client: Isode's Harrier web based military MMHS client is a modern interface to military messaging compatible with Isode's server products and Microsoft Exchange.
- HF Radio: M-Switch products support a number of MMHS protocols over HF, most of which operate over STANAG 5066. These may use Isode's Icon-5066 is a modem-independent STANAG 5066 server. This supports NATO BRASS ACP 127 operation and NATO BRE1TA with modern protocols..
All Isode MMHS Server products can be deployed as a Local MTA providing one or more of Isode's supported protocols or as a gateway between any of the listed protocols as well as SMTP and X.400.
Products are additionally optimised for operation in Constrained Network Environments including support for:
- ACP 142 (both S4406 Annex E and MULE (RFC 8494 SMTP Multicast Email), providing NATO BRE1TA support.
- ACP127 over HF, including NATO BRASS (Broadcast and Ship to Shore).
- CFTP (sometimes known as Battle Force Email/BFEM).
ACP127 is a text based protocol for formal military messaging. M-Switch provides full support for ACP127 and related military protocols, including ACP126, ACP128, JANAP128 and DOI103S. This includes gateway capabilities to SMTP and STANAG 4406. Isode also provides full support for operation over HF Radio and in particular for BRASS (Broadcast and Ship to Shore) deployments. More details can be found on the M-Switch ACP127 add-on page.
STANAG 4406 is the NATO Standard for formal military messaging. Used for both Strategic and Tactical messaging, STANAG 4406 has a number of special protocols to support tactical messaging, in particular to support very low bandwidth links such as HF radio (STANAG 4406 Annex E) and to support receivers in Emission Control (EMCON) mode who can receive but not send data.
Isode's M-Switch X.400 is fully compliant to the STANAG 4406 standards and architecture and can additionally be configured as a gateway to all other messaging standards supported by M-Switch X.400 and M-Switch STMP. More details can be found on the M-Switch STANAG 4406 Military Messaging page.
National variants of military messaging protocols have led to a situation where interoperability between national MMHS systems is not guaranteed. ACP145 has been defined in order to overcome this problem, and is a complete protocol definition for international inter-working. The ACP145 specification has led to a requirement for "ACP145 gateways", which convert between the national variants of MMHS and ACP145. M-Switch MIXER, alongside M-Vault (an ACP133 Military Directory) can be deployed as an ACP145 Gateway, and including support for Security Labels and Message Digital Signatures.
Use of M-Switch MIXER also enables national networks using SMTP and S/MIME to be connected using ACP145. Further details can be found in the Isode whitepaper [ACP145: Isode Support of International MMHS Gateways].
MMHS over SMTP
Full military messaging can be provided over the widely used and industry standard SMTP (Simple Mail Transfer Protocol) protocol. SMTP infrastructure can be shared between MMHS and informal email, reducing management overheads and to support communities where only partial MMHS capability may be required, or communities where a small subset of users require MMHS capability, without the requirement of deploying a separate MMHS infrastructure.
M-Switch SMTP features support for the wide range of Open Standards necessary to deliver military messaging over SMTP, including:
- RFC 6710: SMTP Extension for Message Priorities
- RFC 6477: Registration of MMHS Header fields for use in Internet Mail
- RFC 7444: Security Labels in Internet Mail
- RFC 8494: Multicast Email (MULE) over Allied Communications Publication (ACP) 142
This is described in the whitepaper [Military Messaging (MMHS) over SMTP].
Harrier MMHS Client
Harrier is Isode's web based military messaging client. Developed from the ground up with the needs of military messaging in mind, Harrier brings a modern user interface to military messaging and can be deployed as part of a solution using any of the messaging protocols supported by Isode's M-Switch family of MTAs and Gateways.
Harrier provides all of the features needed for MMHS, including Security Labels, Action/Info Priority, DTG, Reply-By, Expires, Processing Time Warning, SICs (Subject Information Code), Message Type, Handing/Message Instructions, Digital Signature using S/MIME, Encryption using S/MIME Triple Wrap and Draft and Release. More information on Harrier can be found on the Harrier product page.
MMHS Server Capabilities
The M-Switch server and associated management tools provide a number of capabilities available for all protocols:
- Security Label Access Control. Security labels extracted from any of the supported protocols can be used to control delivery and routing.
- Security Label Conversion. Security labels can be converted between different formats and policies.
- Digital Signature and Encryption Conversion. Messages can be signed at the boundary to support protocol conversion and transfer between different security domains.
- Message Tracking. Supports end to end tracking based on delivery reports and read receipts.
- Message Vetting.
- Message Correction in support of "Fire and Forget".
- Message Distribution, including: STANAG 4406 Distribution Lists; SMTP Distribution Lists; ACP127 AIGs and CADs; Military Address Lists.
- Operational Statistics.
- Alerts to show local and remote operators when messages are delayed or components need attention.
- Operator Support. GUI support for Message Operators, which is important for support over slow and unreliable networks, and is particularly important where ACP 127 is used.
HF Radio Support
M-Switch contains specific support for HF Radio, in particular to support the NATO BRASS environment as described in [Isode's Solution for BRASS (Broadcast and Ship to Shore)].
Isode recommends the ACP 142 protocol described in [ACP 142: SMTP & STANAG 4406 Messaging for Constrained Networks], which gives efficient multicast and EMCON support. ACP 142 is used in NATO BRE1TA, described in [From BRASS to BRE1TA: Improving HF Communications Now and in the Future]. Other HF messaging protocols are described in [Messaging Protocols for HF Radio].
Apart from some BRASS protocols, these protocols operate over STANAG 5066 and may use Isode's Icon-5066 is a modem-independent STANAG 5066 server. STANAG 5066 provides a link layer optimized for HF Radio and described in the whitepaper [STANAG 5066: The Standard for Data Applications over HF Radio].
Constrained Network Environments
Isode’s MMHS products have a range of capabilities to support Denied Degraded Communications and Control Environments (D2C2E), which includes but is not limited to HF Radio. M-Switch supports efficient operation over a range of networks, including EMCON support.
Isode's core approach is to provide optimized server-to-server communication, as this enables maximum efficiency to be obtained from the underlying networks, and isolates clients from those underlying networks. This allows use of standard clients, as specialized functionality is provided by the servers. Clients can connect directly to the Isode servers, or indirectly via other servers.
For more information see the M-Switch Constrained Networks product page.