DOD on the hunt for security solutions

Recent RFIs focus on virtualization-based security strategeies and commercial solutions for defending against denial-of-service attacks

The Defense Department is asking industry to provide input on two potential initiatives aimed at improving the security of the department's systems.

In a request for information issued earlier this month, the department is asking industry vendors whether virtualization technology might make it easier to secure networks and systems.

In a virtualization-based infrastructure, multiple networks and systems are treated as one common pool of technology in terms of how they are managed and allocated to users.

In theory, virtualization could make it easier to secure those systems. For example, administrators could manage servers used to browse Web sites or handle e-mail -- both of which can expose a network to security risks -- separately from other systems. Likewise, servers that handle sensitive information or operations could be placed in virtual trusted enclaves.

Modern operating systems and many applications in traditional data centers might be too large to secure effectively, according to DOD.

“It may be that the era of monolithic general-purpose operating systems is nearing its end and could be replaced by a cluster of modules or virtual appliances acting in concert to perform services traditionally supplied by operating systems,” the request states.

The Defense Industrial Base Cyber Security/ Information Assurance Task Force, which the department created in 2007, will review the industry information and determine whether virtualization is a viable strategy, according to the RFI.

Meanwhile, the Defense Information Systems Agency wants to deal with a more tactical problem: distributed denial-of-service attacks.

In such attacks, an individual or group attempts to bring down a Web site by overwhelming it with traffic. Distributed denial-of-service attacks attacks made headlines earlier this month when government and private sector sites in the United States and South Korea came under attack.

The agency has issued an RFI looking for solutions that could give administrators a clear and timely picture of what is happening on their networks, alert them in the event of suspicious activity and provide options for mitigating attacks, the notice states.

“The goal of this solution is to detect and mitigate all DDOS attempts to disrupt [Defense Department] network communications and to detect internal assets displaying anomalous behavior across the Internet-to-NIPRnet boundary,” the notice states.

DISA said it’s interested in a tool that can report distributed denial-of-service events within five minutes of the start of the attack. Officials also want the solution to monitor inbound and outbound traffic at 11 worldwide access points to the Internet from the Unclassified but Sensitive IP Router Network (NIPRnet).

The RFI asks vendors to provide details on their proposed solutions’ capabilities for detection, mitigation, monitoring, logging, reporting and alerting. DISA also wants information on proposed systems’ security, administration, architectures, and cost and schedule estimates.

About the Authors

Ben Bain is a reporter for Federal Computer Week.

Doug Beizer is a staff writer for Federal Computer Week.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.