The Defense Information Systems Agency (DISA) is evolving their infrastructure to combat concerns over connectivity and security, efficiency, and cost. DISA’s present issues relate to outside components connecting to its network because the infrastructure is outdated.
In this regard, DISA is looking to move to a shared software defined networking (SDN) infrastructure with a single security architecture. The cost to replace the current TDM-based Defense Switch Network (DSN) will be significant. In fact, it is a $50 billion effort with a 15-year telecommunications efforts. As part of this plan will include the following eight goals and objectives:
-
Execute capability initiatives toward the Joint Information Environment vision
-
Improve collaboration with mission partners and industry
-
Ensure successful mission execution in the face of a persistent cyber threat
-
Provide a cloud computing environment
-
Optimize DoD’s data center infrastructure
-
Exploit the power of trusted information sharing
-
Provide a resilient communications and network infrastructure
-
Improve transparency, overnight, and execution of DoD IT investments
This is not a new concern for DISA, in August of 2016 at the Unified Capabilities Industry Advisory Council (IAC) meeting, similar concerns were raised. The current draft UCR 2017 has begun to move requirements towards this vision. There is a new section on Core Session Controllers with the goal of replacing local session controllers. This combines enterprise session controllers and soft switch requirements to match current technology, which even allows for hosted services. This will allow focus on Joint Regional Security Stacks (JRSS).
“We are trying to cut wire networks and legacy networks out of the DODIN,” said Army LTG Alan Lynn, DISA director and commander of Joint Force Headquarters – Department of Defense Information Networks. “It is an additional expense and technology is past it. We are trying to come to the 21st century. We cannot afford to keep having more and more older systems.”
In addition, the agency is moving forward on milCloud 2.0. MilCloud 2.0 connects commercial cloud Infrastructure as a Service (IaaS) offerings to DOD networks, in a private deployment model. DISA provides two data center locations for commercial providers to host IaaS services. The goal is to bring the best commercially owned pay-for-use cloud infrastructure services to the department. Migrating apps and data to the cloud is challenging due to a change-resistant community within the agency. Alternatively, agencies will wind up with a blend of cloud and onsite data centers, since not every app can be moved to the cloud.
Along with the new executive order to improve cybersecurity, these new initiatives should have a dramatic affect on security focus and spending in the near term. Companies looking to capitalize on the $90B in Government IT spending need only focus on modernization and IT infrastructure support.
If you need help breaking into the FED or need assistance getting through security certifications like FIPS 140-2, Common Criteria, or the DoD’s DoDIN APL, contact Corsec today!
Stay up to date on these and other updates to security certifications and the requirements of each – Subscribe
