DISA rethinks its security strategies

Defense Department’s net-centric data policies expose weaknesses in operational awareness

DARPA explores future

As Defense Department officials seek to enhance their ability to detect service outages and security breaches on military networks, the Defense Advanced Research Projects Agency is looking for better ways to do that in the future.

DARPA said military networks’ increasing size makes it hard to identify security threats as soon as they occur. “As a result, many conventional approaches to defending our networks will not be sustainable,” according to a DARPA statement.

DARPA’s Scalable Network Monitoring program will develop new strategies that DOD can use regardless of a network’s size, officials said.

— Sebastian Sprenger

The Defense Department is taking new steps to detect traditionally hard-to-pinpoint performance outages and security breaches on DOD networks. Officials said a test program to
begin later this month is part of a departmentwide effort to improve awareness of network incidents or trouble spots.

The Defense Information Systems Agency will initiate the test program, which will lead to establishing an information sharing operations center (ISOC) early next year, said Anthony Montemarano, DISA’s program executive officer for information assurance and network operations.

The center’s purpose will be to collect data on the status of services that feed information to DOD networks for various applications.

The military is moving toward a services-based environment, but DOD’s ability to detect anomalies in the performance of each of those services is limited, said Michael Krieger, director of information policy in DOD’s Office of the Chief Information Officer.
The data that those services feed to applications could be as simple as the time of day or as complex as a geospatial map.

“You can’t go to a computing center and say, ‘It’s on, so it’s working,’” Krieger said. “It may be on, but it may not be responding to your requests.”

John Grimes, DOD’s CIO, recommended establishing an ISOC in an August 2006 progress report on the implementation of the department’s network-centric data strategy. DOD officials have traditionally used software agents, which are tiny computer programs, to monitor the performance of services on the military’s networks. The ISOC would attempt to monitor the health of a large number of those services simultaneously.

“There are two types of systems: systems that are down and systems that are going to go down,” Montemarano said, highlighting the need for a picture of the operational status of those systems.

He added that DISA plans to eventually integrate the ISOC with the agency’s Global Information Grid Common Operational Picture program.
In the past several years, DOD officials have accepted the notion that military networks will always operate in a somewhat degraded state rather than at peak performance and with uncompromised security.

That recognition has prompted officials to seek ways to improve their situational awareness of incidents on DOD’s networks.
“The focus has gone away from higher walls and wider moats with more alligators,” said Linton Wells, a former assistant secretary of Defense in the CIO’s office. Wells said projects such as the ISOC are essential for securing DOD’s networks.

DISA officials are evaluating sites for housing the ISOC, including an agency facility in Columbus, Ohio, and a secret facility that the intelligence community uses, Montemarano said.

The test program will begin in early October and continue for about 60 days. After that, officials will decide what kinds of equipment, how much money and how many employees they will need to create the ISOC.

During the testing phase, DISA officials will experiment with data and services from the Maritime Domain Awareness Community of Interest. That group is a collaborative effort by several federal agencies to collect and distribute data that tracks ships near U.S. coasts.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.