first network hub
WASHINGTON — Tests of the first hub in the Pentagon’s network consolidation effort, at Joint Base San Antonio-Lackland, Texas, have thus far been successful, Acting DoD Chief Information Officer Terry Halvorsen said. This amounts to a step forward as the Pentagon collapses its sprawling, disparate networks into a more streamlined, standardized, defendable and cost-effective structure. Each network hub, called a joint regional security stack (JRSS), is essentially a collection of servers, switches and software tools to provide better network traffic visibility and analysis. “It has some sensors, which will give us a better tip-off to what’s going on on the network, so we can take more responsive action [against anomalous activity],” Halvorsen said in a call with reporters. Citing security concerns, he declined to discuss the specifics of the test or the protective software — and declined to discuss costs ahead of Congress approving the Defense Department’s budget. The consolidated structure would also be visible to the National Security Agency, for intelligence sharing and collaborating on network defense, officials say. Starting next year and culminating in 2016 and 2017, the rolling effort will see 11 JRSS nodes in the continental U.S., and 23 locations around the world. The first JRSS is at Joint Base San Antonio-Lackland has been set up to handle both Army and Air Force network traffic. “There’s an enormous push behind the thing, this is happening now, it’s not some future pipe dream type stuff,” Hari Bezwada, the chief information officer for the Army’s Program Executive Office Enterprise Information Systems. An Army battalion, which has been installing bulk buys of networking gear, has completed work at nine bases, Bezwada said. The Army and Air Force are converting to JRSS nodes, ahead of the Navy and Marine Corps. The consolidation is meant to reduce the attack surface for hackers, and DoD’s finite number of defenders, Rezwada said. DoD plans to wrap the whole thing in “best-of-breed” security software. “You don’t want people to come in through the back door and attack, now we can defend these locations a lot better, with sophisticated, trained people,” Bezwada said. The Army and the NSA’s Information Assurance Directorate are also collaborating on a laboratory that allows experimentation with new cybersecurity technology. Among other cloud-based applications, the consolidated networks will host “big data” analytics apps that would sniff out intrusions in real time, Bezwada said. What’s more, network overseers will be able to “see” 4 million users simultaneously, Rezwada said. The transition will also enable the Army to seek cloud-based “unified capabilities,” a package of IP-based services including chat, video and voice communications. The Pentagon plans to issue a request for proposals in early 2015.
By JOE GOULD