DISA to pay $1.2B for network protection

Defending against insider threats puts squeeze on budget

Related Links


The Defense Information Systems Agency plans to spend $1.2 billion in the next three years to protect Defense Department networks from attacks. That spending is necessary to thwart insider threats and defend classified networks, according to DISA’s fiscal 2008 budget documents.

Such spending for network defense might sound staggering. However, Bernie Skoch, a consultant at Suss Consulting, said a billion-dollar network security budget could be a bargain if it protects networks essential to DOD’s global operations. Skoch, a retired Air Force brigadier general, was formerly principal director of customer advocacy at DISA.

The bulk of that proposed spending would be for DISA’s Information Systems Security Program. It would receive $959 million for fiscal 2007 through fiscal 2009, an amount that includes $819 million from operations and maintenance accounts and $140 million from procurement accounts.

DISA’s three-year network operations and defense budget also includes $147.5 million in operations and maintenance funding for network security in the Pacific and European commands and DISA field offices that support nine combatant commands. Another $41.3 million in three years would go to the Strategic Command to operate and defend the Global Information Grid. And DISA would spend $54 million on operating a Joint Staff Support Center.

It is well-known that DOD’s Non-classified IP Router Network (NIPRNET) is under increasing attacks from the outside. But DISA’s budget documents indicate that the agency has additional concerns about insider threats. DISA plans to deploy tools to 1,500 locations worldwide to analyze, detect and respond to insider threats against information and information systems.

DISA’s three-year budget would pay for increased security on the Secret IP Router Network, which is less susceptible to outside attacks than the NIPRNET because it does not connect to the Internet. DISA intends to deploy automated network access controls on the SIPRNET to prevent inadvertent or malicious connections of unknown or improperly configured devices, the budget documents state.

DISA also plans to deploy a departmentwide risk-management system to verify that connections to the SIPRNET come from valid DOD users. The agency will expand its use of subnets called demilitarized zones (DMZs) to isolate the NIPRNET and SIPRNET from unverified external networks. DISA said the DMZs will improve security and make it easier for authorized users to access DOD information.

Skoch said DMZs will help DOD maintain public Web sites that support activities such as e-commerce without compromising internal DOD networks and information.

Budget documents show that DISA has already deployed tools from Secure Computing and Blue Coat Systems for DMZ security.

Steve Schick, a Blue Coat spokesman, said the company’s tools provide protection from malware, spyware and viruses. A reporting tool analyzes incoming traffic. Because the use of such tools on the edge of a network often slows traffic, the Blue Coat tools include an acceleration engine that helps speed traffic, Schick said.

Secure Computing’s Cyberguard Web Washer scans incoming DMZ traffic. Phyllis Schneck, vice president of research integration at Secure Computing, said the company’s tools detect and block malware. They also detect global trends in malicious traffic and automatically forward that information to customers, such as DISA.

“Providing safety and security is priceless,” Schneck said.
A security project named CentaurThe Defense Information Systems Agency introduced a network security program in 2006 called Project Centaur. It collects, stores, retrieves and analyzes message header flow data and metadata from incoming traffic that is captured by border routers on secret and unclassified Defense Department networks.

Project Centaur is one of several new security programs disclosed in the agency’s fiscal 2008 budget request.

Bernie Skoch, an analyst at Suss Consulting, said the Centaur project is valuable to DISA because it conducts traffic analysis that helps the agency determine the origin of network attacks.

DISA did not respond to requests for additional information on Project Centaur. 

The Fed 100

Read the profiles of all this year's winners.


  • Then-presidential candidate Donald Trump at a 2016 campaign event. Image: Shutterstock

    'Buy American' order puts procurement in the spotlight

    Some IT contractors are worried that the "buy American" executive order from President Trump could squeeze key innovators out of the market.

  • OMB chief Mick Mulvaney, shown here in as a member of Congress in 2013. (Photo credit Gage Skidmore/Flickr)

    White House taps old policies for new government makeover

    New guidance from OMB advises agencies to use shared services, GWACs and federal schedules for acquisition, and to leverage IT wherever possible in restructuring plans.

  • Shutterstock image (by Everett Historical): aerial of the Pentagon.

    What DOD's next CIO will have to deal with

    It could be months before the Defense Department has a new CIO, and he or she will face a host of organizational and operational challenges from Day One

  • USAF Gen. John Hyten

    General: Cyber Command needs new platform before NSA split

    U.S. Cyber Command should be elevated to a full combatant command as soon as possible, the head of Strategic Command told Congress, but it cannot be separated from the NSA until it has its own cyber platform.

  • Image from Shutterstock.

    DLA goes virtual

    The Defense Logistics Agency is in the midst of an ambitious campaign to eliminate its IT infrastructure and transition to using exclusively shared, hosted and virtual services.

  • Fed 100 logo

    The 2017 Federal 100

    The women and men who make up this year's Fed 100 are proof positive of what one person can make possibile in federal IT. Read on to learn more about each and every winner's accomplishments.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group