Military XMPPServer, Gateway and Client Software for Standard and Constrained Networks
Isode provides XMPP server, gateway and client products ideally suited to military deployments over both internet quality networks and constrained networks (low-bandwidth and/or high-latency links such as SatCom and HF Radio).
What Isode Provides
Isode provides clients, gateways and servers for deployment as part of a military XMPP solution:
- M-Link User Server: Robust and scalable XMPP server with features important for military deployment.
- IRC Gateway: Gateway between XMPP Multi-User Chat rooms and Internet Relay Chat (IRC) Channels.
- XMPP Boundary Guard: M-Link Edge allows for the application of boundary controls on cross domain traffic, either independently or in conjunction with a High Assurance Guard.
- XMPP Messaging for Constrained Networks: Isode's XMPP products for constrained network operations enable efficient use of 1:1 and multi-user chat over HF and SatCom networks.
- Forms Discovery & Publishing: Publishing, share and subscribe for structured forms (such as MEDEVAC).
- XMPP Client: Swift multi-platform XMPP client.
Instant Messaging is becoming an increasingly important communication option militaries, particularly for sharing communication with a large number of users with Multi-User Chat capabilities. Voice and video communications are often impractical due to networking constraints and/or operational characteristics. Email or formal messaging are often too slow and cumbersome where information sharing and associated decision making need to happen very quickly.
M-Link User Server
Isode's M-Link User Server is a robust and scalable XMPP server for use over standard quality network links. Isode has incorporated into all M-Link products features that make them the natural choice for instant messaging and presence in military, intelligence and government deployments. These features include:
- Security labels according to XEP-0258: Security Labels in XMPP.
- Windows SSO.
- Strong Authentication (based on X.509 Public Key Infrastructure).
- Clustering to provide resilience against node and site failure.
- Short and long term message archiving and archive search.
The M-Link IRC Gateway functions as a gateway between XMPP Multi-user chat rooms and IRC channels. The Gateway server uses the IRC client to server protocol to connect to IRC, in order to maximise interoperability with different IRC servers. Connections to IRC channels are totally transparent to XMPP MUC users with no downgrade of security for XMPP users. Security label support is retained with translation to IRC users as FLOT (First Line of Text) labels in IRC messages.
XMPP Boundary Guard
Standard XMPP deployment assumes Internet-like direct connectivity with all servers. Military deployments typically need boundary and cross domain protection to work with partners. Isode's M-Link Edge product provides this capability for XMPP either operating on its own or in conjunction with a High Assurance Guard.
M-Link Edge can validate, constrain and transform the XMPP messages it handles. M-Link Edge enables boundary controls to be completely independent of the core XMPP service and, as a boundary service provided by M-Link Edge, can support multiple XMPP servers within an organisation.
XMPP Messaging for Constrained Networks
Many military deployments will use network links with poor and variable quality. High latency is a particular problem for XMPP deployment, because of the requirement to avoid handshaking. Two M-Link products are specifically designed to overcome the issues of working in such environments; M-Link Constrained Network Server and M-Link Constrained Network Gateway.
Product capabilities for constrained networks are described on the product page for these two products as well as in the whitepaper [Operating XMPP over HF Radio and Constrained Networks]. They include:
- Stream Compression.
- Roster Versioning.
- Presence Stripping.
- Optimized Server-to-Server Protocol.
Federated Multi-User Chat
In normal operation a multi-user chat (MUC) room is associated with a single XMPP server and can be joined by clients on local or remote servers. This architecture leads to a number of problems in constrained network situations, including users on servers other than the one hosting the MUC room being disconnected from the MUC in the event of a link failure.
Isode's solution to the problems of standardized MUC is to federate the provision of this service, just as the distribution of XMPP servers federates the provision of 1:1 chat and presence. A Federated MUC (FMUC) room can comprises two or more MUC rooms on separate servers. Participants in each local MUC Room will have the effect of participating in the single Federated Room. For more information, see the Isode whitepaper [Federated Multi-User Chat: Efficient and Resilient Operation over Slow and Unreliable Networks].
Forms Discovery & Publishing
Forms are widely used in military operations, where there is a need to handle forms (such as Medical Evacuation or "MEDEVAC" forms) quickly and share completed forms with a large number of parties who may need to take action, such as helicopter services, emergency vehicles and medical facilities.
Both the M-Link User Server and M-Link Constrained Network Server enable flexible Forms Discovery and Publishing (FDP) using the protocol described in XEP-0346. FDP provides a mechanism to allow M-Link to store a list of Topics and associated form templates that can be retrieved and completed by an FDP-aware client. Once the completed form is submitted back to the Server, interested parties who have subscribed to the Topic will be immediately notified that a new instance of the form has been completed.
Isode's Swift XMPP Client is a multi-platform, open source client for instant messaging and multi-user chat available for Windows, Linux and Mac OSX, with commercial support contracts available from Isode. Swift contains many features which make it ideal for use in secure environments, including:
- Security labelling of messages and MUC rooms.
- Message delivery acknowledgements.
- Strong authentication, which can be used with smart cards.
- Trellis display of multiple MUC rooms.
- Custom alerts and colour coded highlight rules based on keywords and sender.