DISA looks to fix JRSS bugs
- By Lauren C. Williams
- Feb 21, 2019
The Defense Information Systems Agency announced it is working to address concerns in an oversight report about performance and reliability issues disrupting the Defense Department's Joint Regional Security Stacks program.
The announcement comes just weeks after the Office of the Director, Operational Test and Evaluation recommended the program be suspended until the system's security posture improved. DOT&E reported that JRSS, as deployed by the Air Force, "is unable to help network defenders protect the network against operationally realistic cyberattacks."
That pause is not taking place. However, JRSS portfolio manager Army Col. Greg Griffin said in a Feb. 21 blog post, resources have been "significantly realigned" as a result of the report.
"We're enabling the DOD-wide cyber footprint to become dramatically more defensible across an ever-changing information landscape," he said in the post. Now "resources are focused on reducing the complexity of the information presented to operators and improving standard operating procedures."
Griffin also said that helping mission partners improve network defense and visibility was a part of DISA's vision for JRSS and that standardization has to be a part of it.
DISA's announcement did not mention specifics on how it was resolving cybersecurity issues that prompted the DOT&E recommendation. However, it highlighted a few other issues that have plagued the JRSS implementation, including latency, which was mentioned in the DOT&E report.
A full analysis is pending and expected later this month, but interim reports suggested performance has increased and is being "constantly addressed and reassessed," the agency said. DISA said upgrades to the intrusion prevention system appliances in the continental U.S. were completed in December 2018 to reduce latency and bottlenecking issues.
The DOT&E report said that latency had contributed to delays in migration to the stacks and that "it remains unclear whether the very high volume of data designed to traverse each JRSS can be managed effectively."
JRSS migration is slated to reach several milestones in 2019, with two Pacific non-classified stacks coming online by the end of the year, and Secret IP Router Network stacks expected to begin moving traffic in the summer.
Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.
Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.
Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at [email protected], or follow her on Twitter @lalaurenista.
Click here for previous articles by Wiliams.