The National Security Agency — Operates more than 500 separate signals intelligence platforms Em...
1. Large domestic operating field sites
1.1. Columbia, MD
1.2. Friendship Annex, Linthicum, MD
1.3. Finksberg, MD
1.4. Bowie, MD
1.5. College Park, MD
1.6. Ft. Belvoir, VA
1.7. Fairfax, VA
1.8. Washington, DC
1.9. Ft. Detrick (Site R)
1.10. Camp Williams, UT
1.11. NSA Georgia (Ft. Gordon)
1.12. NSA Texas (Lackland AFB, San Antonio)
1.13. Greenville, TX
1.14. NSA Hawaii (Kunia)
1.15. NSA Denver (Aurora), co-located with CIA's National Resources Division
1.16. NSA Oak Ridge (Tennessee)
1.17. Yakima, WA
1.18. Winter Harbor, ME
1.19. Formerly: Sugar Grove, WV, Rosman, NC
2. NSA Product Lines
2.1. S2A: South Asia
2.2. S2B: China and Korea
2.3. S2C: International Security
2.4. S2D: Counter-foreign intelligence
2.5. S2E: Middle East/Asian
2.6. S2F: International Crime
2.7. S2G: Counterproliferation
2.8. S2H: Russia
2.9. S2I: Counterterrorism
2.9.1. S2IX: Special Counterterrorism Operations
2.10. S2J: Weapons and Space
2.11. S2T: Gelolocation — ?? ?? STJ TEG SIG GEO S4S
2.12. S2T3: NSA/CSS Threat Operations Center
2.13. S2X: ??
3. Main Databases
3.1. Aquador — Merchant ship tracking tool
3.2. NUCLEON — Global telephone content database
3.3. AIRGAP — Priority missions tool used to determine SIGINT gaps
3.4. HOMEBASE — A tactical tasking tool for digital network identification
3.5. SNORT — Repository of computer network attack techniques/coding
3.6. WIRESHARK — Repository of malicious network signatures
3.7. TRAFFICTHIEF — Raw SIGINT viewer for data analysis
3.8. TWISTEDPATH
3.9. BANYAN — NSA tactical geospatial correlation database
3.10. MAINWAY — Telephony metadata collection database
3.11. AGILITY
3.12. ASSOCIATION — Tactical SIGINT social network database
3.13. CREEK
3.14. MESSIAH/WHAMI — ELINT processing and analytical database
3.15. MARINA — Internet metadata collection database
3.16. SPITGLASS
3.17. PINWALE — SIGINT content database
3.18. FASCIA YELLOWSTONE
3.19. JOLLYROGER
3.20. TOYGRIPPE
3.21. SURREY
3.22. CADENCE
3.23. PROTON — SIGINT database for database for time-sensitive targets/counterintelligence
3.24. OCTAVE/CONTRAOCTIVE — Collection mission tasking tool
3.25. WRANGLER — Electronic Intelligence intercept raw database
3.26. ANCHORY — Main repository of finished NSA SIGINT reports (associated with MAUI)
3.27. GLOBALREACH
3.28. ONEROOF — Main tactical SIGINT database (Afghanistan), consisting of raw and unfiltered intercepts, associated with Coastline tool
4. NSA Field Stations — Remote collection and analytical facilities
4.1. F6: Special Collection Service HQ (Beltsville, MD) — Joint CIA/NSA field collection agency operating from embassies 600 employees
4.2. F7: Meade Operations Center — 24/7 SIGINT support to deployed military units
4.3. SORC/FP: Special Operations Readiness Cells (Focal Point) — Support to special operations forces as part of the Focal Point Special Access Program
5. Foreign Affairs Directorate — Liaison with foreign intelligence services, counter-intelligence centers, UK/USA and FIVE EYES exchanges
5.1. Office of Export Control Policy
6. NSA Acquisitions and Procurement Directorate
6.1. Program Executive Office — Oversees acquisition of major NSA backbone projects like TRAILBLAZER, CMM, REBA, JOURNEYMAN, and ICEBERG
6.2. Advanced Analytical Laboratory
6.3. Corporate Assessments Offices
6.4. Rebuilding Analysis Program Office
6.5. Knowledge System Prototype Program Office
6.6. Maryland Procurement Office
6.6.1. Acquisitions Program Manager for Signals Intelligence
6.6.2. Acquisitions Program Manager for Research
6.7. Acquisition Logistics Integrated Product Team
7. Information Assurance Directorate
7.1. IC: Cyber Integration Division
7.2. IE: Engagement Division
7.2.1. Client Engagement and Community Outreach Group
7.2.2. Interagency Operations Security Support Staff (OPSEC)
7.3. I2: Trusted Engineering Solutions
7.3.1. I2N: Office of National and Nuclear Command Capabilities — Provides the launch codes for nuclear weapons
7.3.1.1. Electronic Key Support Central Management Facility — Provides over-the-air code keying for the entire national security establishment
7.4. I3: Information Operations
7.4.1. Mission Integration Office
7.4.2. Technical Security Evaluations
7.4.3. Red Cell — Conducts surprise penetrations of U.S. government networks
7.4.4. Blue Cell — Conducts audits of U.S. government networks
7.4.5. HUNT: Advanced adversary network penetration cell — Monitors NSA networks 24/7 to detect advanced cyber penetrations
7.4.6. Joint Communications Security Monitoring Agency
7.5. I4: Fusion, Analysis, Mitigation
8. Research Directorate
8.1. R1: Math
8.2. R2: Trusted Systems
8.3. R3: LPS — Physical science lab
8.4. R4: LTS — Telecom science lab ( high-speed networks, wireless communications, and quantum key distribution)
8.5. R05: Center for the Advanced Study of Language
8.6. R6: Computer and Information Science
8.7. RX: Special Access Programs/Compartmented Research
9. Signals Intelligence Directorate
9.1. S1: Customer Relations
9.1.1. A&R Watch (K Watch Ops) 199
9.1.1.1. IBS
9.1.2. S11: Customer Gateway
9.1.3. S12: Information Sharing and Reporting Policy Services
9.1.4. S124: Staff Services Division
9.2. S2: Analysis and Production
9.2.1. Target Office of Primary Interest
9.2.2. FISA Special Adjudication Office — Provides 24/7 support to each product line shift to facilitate rapid FISA processing
9.3. S3: Data Acquisition
9.4. S31: Cryptologic Exploitation Servies
9.4.1. Signals and Surveys Analysis Division
9.4.1.1. Technical Exploitation Center
9.4.2. S3132: Protocol, Exploitation, and Dissemination Cell — Shunts SIGINT by type to databases
9.5. S32: Tailored Access Operations
9.5.1. Network Warfare Team — Liaison with military
9.5.2. Navy Remote Operations Center
9.5.3. S321: Remote Operations Center
9.5.3.1. Ft. Gordon Regional Operations Center
9.5.3.2. Network Ops Center
9.5.3.3. Operational Readiness
9.5.3.4. Interactive Operations Division
9.5.3.5. Production Operations Division
9.5.3.6. Access Operations Division — Works with CIA's Technology Management Office to break into hard-to-reach networks
9.5.4. FG322: NIE
9.5.5. S323: Data Network Technologies (researches how to penetrate secure networks)
9.5.6. FG3223: Media Exploitation and Analysis
9.5.7. S324: Telecommunications Network Technologies — Develops technologies to penetrate telecom networks
9.5.8. S325: Mission Infrastructure Technologies — Operational computer network exploitation and enemy infrastructure vulnerability mapping
9.5.9. S327: Targeting and Requirements
9.5.10. S328: Access Technologies Operations (computer network attack) — Works with CIA's TMO
9.6. S33: Link Access
9.6.1. S332: Terrestrial SIGINT
9.6.2. S333: Overhead SIGINT
9.6.3. S33P ISR Portfolio Management Office
9.6.3.1. S33P2 Technology Integration Division
9.6.3.2. S33P3 Tactical SIGINT Technology Office
9.7. S34: Collection Strategies and Requirements Center
9.7.1. S342: Collection Coordination and Strategies
9.7.2. S343: Targeting and Mission Management — Approves targets for analysts/makes sure that SIGINT targeting matches intelligence requirements
9.7.3. S344: Partnership and Enterprise Management
9.8. S35: Global Access Operations
9.8.1. Crosshair Net Management Center — Directing finding
9.8.2. Overhead Collection Management Center
9.8.3. S352: PRINTAURA — NSA unit involved in data filtering; program office for TRAFFICTHIEF tool
9.8.3.1. 35333: PRISM Program Office
9.8.3.2. S515: Morpheus Program Office — Unknown function
9.8.3.3. Community ELINT Management Office
9.8.3.4. OCEANSURF Program Office — $450m systems engineering hub
9.8.3.5. AIRSTEED Program Office — Cell phone tracking
9.8.3.5.1. Tactical Platforms Division
9.8.3.5.2. V34 -- Next Generation Wireless
9.8.3.6. VOXGLOW — Unknown major program office
9.8.3.7. CHASEFALCON — Unknown major program office
9.9. SV4: FISA Oversight and Processing Unit
10. T: Technical Directorate
10.1. TE: Enterprise Systems Engineering and Architecture
10.2. TS: Information Systems and Security
10.3. TT: Independent Test and Evaluation
10.4. T1: Mission Capabilities
10.4.1. T132 — The "scissors" team: division that physically separates traffic by type once it's been ingested
10.4.2. Strategic SATCOM Security Engineering Office
10.5. T2: Business Capabilities
10.6. T3: Enterprise IT Services
10.6.1. T3221: Transport Field Services
10.6.2. T334: National Signals Processing Center
10.6.3. T335: Deployable Communications Operations
10.7. T5: CARILLION — High performance computing center
10.8. T6: Technical SIGINT and Ground Capabilities
10.9. OTRS -- Office of Target Reconnaissance and Survey -- provides rapid technological solutions for tactical SIGINT problems
11. Information Technology Infrastructures Services (ITIS) System Office
12. L: Installation and Logistics
13. M: Human Resources — Q: Security and Counterintelligence
13.1. Q2: Office of Military Personnel
13.2. Q3: Office of Civilian Personnel
13.3. QJ1: HR operations/global personnel SA
13.4. Q43: Information Policy Division
13.5. Q5: Office of Security
13.6. Q509: Security Policy Staff
13.7. Q51: Physical Security Division
13.8. Q52: Field Security Division
13.9. Q55: NSA CCAO
13.10. Q56: Security Awareness
13.11. Q57: Polygraph
13.12. Q7: Counterintelligence
14. Cross-functional units
14.1. National Security Operations Center — Main NSA intelligence watch facility
14.1.1. DECKPIN — NSA crisis cell activated during emergencies
14.1.2. CMM — Cryptologic Management Mission program office
14.2. Integrated Broadcast Support Services Office — Provides SIGINT "RSS" feeds to customers
14.3. DEFSMAC: Defense Special Missile and Aerospace Center
14.4. NSA/CSS Commercial Solutions Center
14.5. NSA/CSS Threat Operations Center — Main cyber watch center
14.5.1. Office of Analysis
14.6. Unified Cryptologic Architecture Office
14.6.1. Integration
14.6.2. Systems Engineering/Architecture Analyses and Issues
14.6.3. Architecture
14.6.4. Process
14.6.5. Planning and Financial Management
14.7. Plans and Exercise Office
14.7.1. NSA Continuity Programs Office
14.7.2. Military Exercise Office
14.7.3. Continuity Engineering Office