All-seeing security program spreading throughout DOD

Record software deployment gives cyber command omniscient view

The implementation of a $9.7 million agreement with McAfee and Northrop Grumman to secure 5 million desktop and notebook computers and servers is bolstering military cybersecurity efforts via the host-based security system (HBSS) rolled out last month.

The program helps to secure DOD’s Secret Internet Protocol Router Network (SIPRNet), in addition to its Non-Classified Internet Protocol Router Network (NIPRNet), for which HBSS originally was rolled out through the Air Force Network-Centric Solutions contract last year.

Officials already are touting the benefits of the deal.

“HBSS is the new big thing. We are already deploying it on all our desktops,” said Dave Wennergren, the Defense Department's deputy chief information officer.

“The program is giving cyber command a top-level view,” providing critical information to organizations such as the newly created 24th Air Force at Lackland Air Force Base in San Antonio, which is responsible for Air Force cyber operations, said Tom Conway, director for federal business development at McAfee.

Conway said the HBSS deployment marks the largest single software mandate for DOD, security or otherwise.

The software is built on McAfee’s Host Intrusion Prevention Systems (HIPS) signature and behavioral protection, and a system firewall. HBSS also employs McAfee’s ePolicy Orchestrator management framework, a dedicated security management console.

HBSS "is the last line of defense, but also the first — it’s 360-degree protection, even from inside threats. It offers better visibility into what the network looks like and how it behaves,” Conway said.

According to Herb Galindo, department manager for the central region at Northrop Grumman Information Systems, HBSS also is supporting a Defense Information Systems Agency drive for capabilities that collect and correlate alarms as cyberattacks occur.

The HBSS program also reaches into outside agencies, including civilian agencies such as the Coast Guard, and the other branches of the military are beginning to implement the security standard as well, though officials say the Air Force has been the first military organization to make major strides with the software.

“The Air Force is ahead of the pack across DOD in implementing HBSS,” said Col. Russ Fellers, deputy director of the Air Force 753rd Electronics Systems Group, which focuses on net-centric and command and control capabilities for the Air Force.

“HBSS is a game-changer in the sense of virus protection at the desktop level, [preventing viruses or malware from] spreading into the network,” Fellers said. “The magnitude is enormous.”

Beyond the cyber realm, the HBSS program also is having an effect on the ground, and as far away as Afghanistan. “This provides system administrators improved situational awareness and ensures capabilities to the warfighter,” Galindo said.

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.


  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Thu, Feb 18, 2010 Mick Lang London

Yet another wrench to throw into the 'netcentric' world of DoD computing. I doubt any of this sanctioned security enhancements will undergo rugged testing (i.e., SABI) with other three-letter agencies (as DIA will accredit regardless). So far, Public Key encryption, digitally signed emails and attachment-shredding firewalls have not aided in the sharing of data, but have hampered it. I'm sure that this will get a belly-full of laughs at the next DEFCON conference in Vegas.

Fri, Dec 11, 2009

HBSS is touted to be a wonderful solution; however, the HIPS software and HBSS has received zero review by senior admins at critical tiers within AF networks. This has caused multiple-week downtime at some sites, crashed firewalls due to the enormous load inflicted by these programs, and has trashed CPU utilization on multiple servers. The single-solution nonsense will probably only go away once we have a horrible zero-day exploit that hits every last pc. What would we do if a Chinese company bought into McAfee? Would we dump this product just like we did Symantec? I apoligize for being frank, but this is stupid.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group