Despite the problems being faced by those using SAAS–MOD,
the system has transformed ammunition management across the Army.
During our deployment to Operation Iraqi Freedom, the 13th Sustainment Command (Expeditionary) and units across the entire theater faced some significant challenges in working with the Standard Army Ammunition System-Modernization (SAAS–MOD). Most of those challenges were related to network configuration and lack of operator training.
SAAS–MOD is an automated ammunition management system that combines the functionality of theater and corps materiel management centers (MMCs), ammunition supply points (ASPs), ammunition transfer holding points (ATHPs), and a division ammunition office into two baselines. One baseline, SAAS MMC, is used for management functions, and the other, SAAS ASP, is used for storage functions.
The 8th software version of SAAS–MOD enabled secure file transfer protocol (SFTP) communication by means of either the Unclassified but Sensitive Internet Protocol Routing Network (NIPRNet) or a very small aperture terminal (VSAT) satellite dish. Most of the SAAS MMC computers were connected to the NIPRNET, and most of the SAAS ASP computers were connected to a VSAT. However, the mixture of these two networks, coupled with the unstable communications conditions in theater and lack of basic network knowledge by combat service support automation management officers (CSSAMOs) and users, resulted in several communications challenges throughout our deployment.
Communications Across Networks
The most common problem we encountered was getting computers that were on the NIPRNet to communicate with computers that were on the VSAT network. NIPRNet computers operate under much more intensive network security conditions, consisting of additional firewalls, intrusion detection systems, and closed ports on perimeter routers. The firewalls, in particular, make it hard for any computer outside the local network to connect to a computer inside the local NIPRNet. Most local network computers are set up with “private” Internet protocol (IP) addresses inside the firewall and a different “public” IP address on the outside. In order to connect two different computers, each must have a permanent public IP address and know the public IP address of the other machine. Some VSAT networks use a local mini-router that also has internal private IP addresses.
We discovered that many CSSAMOs do not know how to determine the public IP address of a machine. Some websites, such as http://whatismyip.com, can help determine your public IP address, but computers on a VSAT network are restricted from accessing “http” websites and can access only secure websites (“https”). Our logistics automation division chief coordinated with whatismyip.com to create a secure version of that webpage at https://whatismyip.com, allowing VSAT users to identify their public IP addresses. This measure significantly helped with the troubleshooting processes.
Once the public IP addresses are known, firewall exceptions must be submitted at both locations, each allowing the other public IP address to connect using bidirectional traffic, FTP on port 21 and SFTP on port 22. For computers on VSAT, the “local” directorate of information management (DOIM) is located at Fort Belvoir, Virginia. They must coordinate with their “local” DOIM and the network operations center to get intermediary firewalls cleared.
Configuring the ComSetup
The biggest training issue we found was that operators did not understand how to create accounts or how to configure their communications setup (ComSetup) to send and receive transactions. Having to set up two different accounts for each two-way data transfer is very confusing to most SAAS–MOD operators. First, in order to receive files from someone else, an account has to be created as a local user account in the Computer Management section of the Windows operating system, and this information (the user name and password) must be sent to all remote organizations that should be passing data to the operator. The remote organizations must enter that information in their ComSetups. In order for the operator to send data to someone else, the operator must get the user name and password from the remote organization (for the account that they create for the operator) and then enter that information in the operator’s
own ComSetup along with their Department of Defense activity address code (DODAAC) and IP address.
|The SAAS–MOD ComSetup window allows the operator to make the changes needed to allow the system to share information with a system on another type of network.
Interfacing With TAMIS
The last challenge we faced caught us unaware. It was initially unclear to CSSAMOs that ammunition requests flow up through a different system than SAAS–MOD. The Total Ammunition Management Information System (TAMIS) is the interface that allows SAAS–MOD to electronically request ammunition, reconcile and close out electronic documents, and provide accurate expenditure reports for Army ammunition managers. Because requests are electronically routed to designated ASPs and ATHPs, each ASP and ATHP must be electronically identified in TAMIS. In order for SAAS–MOD to correctly interface with TAMIS, entries must be made in the ComSetup window (see above) and the special four-character ASP identification code must be entered in the ASP profile. This is very confusing for operators who are not intimately familiar with the peculiarities of SAAS–MOD.
SAAS–MOD Configuration Guide
In an effort to solve these confusing training issues, the 13th Sustainment Command (Expeditionary) CSSAMO put together a comprehensive configuration guide, complete with screen shots and step-by-step instructions for units to properly configure their computers to send and receive data. The Ordnance Munitions and Electronic Maintenance School at Redstone Arsenal, Alabama, reviewed the guide and stated that it was the best guide on SAAS–MOD software change package 9 that they had seen. Anyone with an Army Knowledge Online account can obtain a copy of the guide at https://www.us.army.mil/suite/folder/7718450.
The guide, aimed at users in ASPs and ATHPs, walks the user through configuring entries in ComSetup so that they can send transaction data to the various SAAS MMC boxes above them. The graphic above shows the key boxes that must be filled in to configure SFTP correctly. (The information displayed is only an example.)
Although it has its challenges, SAAS–MOD has automated and transformed ammunition management across the Army. Nevertheless, a lack of understanding of the system can adversely affect the unit’s ammunition readiness and capability to fight. As leaders, we must understand the importance of logistics automation training in today’s modular Army. The SAAS–MOD configuration guide that the 13th Sustainment Command (Expeditionary) created has proven to be beneficial to units both in Iraq and across the Army.
Captain Martin Caban was the combat service support automation management officer for the 13th Sustainment Command (Expeditionary) during Operation Iraqi Freedom 06–08. He holds a bachelor’s degree in electronic engineering and is a graduate of the Signal Officer Basic and Advanced Courses.