Intercepts

Let us count the ways to say AES
The new wireless local-area network (WLAN) policy signed this month by John Grimes, the Defense Department’s assistant secretary for networks and information integration, should win an award for the number of acronyms and standards per paragraph. It is a veritable thicket of indecipherable letters and numbers all jammed together.

A decrypted version of the memo specifies use of the Advanced Encryption Standard (AES) three ways: first, as Federal Information Processing Standard (FIPS) 140-2; second, as IEEE 802.11i; and third, as the Wi-Fi Alliance’s Wi-Fi Protected Access 2.

Why so many ways to say the same thing? It’s all in the nomenclature, said Frank Hanzlik, managing director of the Wi-Fi Alliance, an industry certification group that has its own naming convention for wireless security.

As does the National Institute of Standards and Technology with its FIPS standards and the Institute of Electrical and Electronics Engineers with its 802.x convention.

After Hanzlik cleared up that confusion, he said the significance of the Grimes memo is that it gives manufacturers a common baseline for developing secure products and gives DOD users a wide range of tools that meet every conceivable certification criteria, even if they are the same.

Hanzlik said Grimes’ memo will establish best practices for any enterprise planning to deploy a WLAN, which will sure spoil my fun the next time I take a drive around Washington, D.C., to sniff out federal agencies and DOD contractors who run unencrypted wireless networks.

Competition in WLAN security heats up
Brian Mansfield, a technical marketing manager at Cisco Systems, said his company will soon have commercial software that meets all of the criteria outlined in Grimes’ memo.

For intrusion-prevention, AirDefense leads Cisco in Common Criteria certification under the National Information Assurance Partnership (NIAP) program, according to Amit Sinha, vice president and chief technology officer at AirDefense. But Mansfield said it won’t be long before Cisco gets Common Criteria certification through NIAP, which NIST and the National Security Agency sponsor.

Army A-OK with AKO to DKO
The Interceptor’s avid readers at the Army’s Program Executive Office for Enterprise Information Systems view the transformation of the Army Knowledge Online Web portal into Defense Knowledge Online as a win-win situation for the Defense Information Systems Agency, the Army and DOD.

It is not solely a DISA victory, as the Interceptor had assumed from the fact that DISA folks sit at the top of the DKO organizational chart.

PEO-EIS asked me to pass this on to folks in Intercept-land.

Bonnie-Jill Laflin heads for Iraq with Diamond Dallas Page
The Army’s contracting office in Seckenheim, Germany, has signed the above performers and the Ambassadors of Hollywood Tour’s wrestling battalion under a sole-source contract to perform for the troops in Iraq.

That fact came to the Interceptor’s attention by reading FedBizOpps, proving you can find a yuck almost anywhere.

Intercept something? Send it to bbrewin@fcw.com.