By Claudette Roulo
DoD News, Defense Media Activity
WASHINGTON, Dec. 5, 2014 - The Defense Department's acting chief information officer said today that the foundational element of the Joint Information Environment concept is on pace to begin deploying shortly after the New Year.
In a conference call with reporters, Terry Halvorsen said that trial joint regional security stack configurations in Europe and at Joint Base San Antonio, Texas, are proving successful in testing.
Regional security stacks are collections of servers and network switches that streamline network traffic and limit the number of external network access points. A software package provides a set of tools for rapid traffic analysis, making it easier to identify anomalies in the network ranging from network faults to attacks.
The test stacks aren't managing live traffic yet, Halvorsen said, but "the testing revealed that we had the capacity sized right ... [and] that our architecture connection plan appears to be sound." Some fine-tuning of the software set is still needed, he said, as is some additional training for the operating force.
"We're taking that for action now," the acting CIO noted.
Improving Network Security
Joint regional security stacks will be effectively improving the security of the entire DoD network by the end of 2016, Halvorsen said.
"I will have vision and connectivity throughout the DoD network by the end of '16 ... By the end of '17 I'll have the full capability available, with a few spots left to make sure that the full capability is deployed," he added.
Because the stacks allow network operators to have complete visibility of network traffic, it's likely that more attacks will be logged once the systems are deployed, Halvorsen said. But, he explained, response time will decrease, which provides the operator with more options.
"[The system] gets us the ability to have some sensors that will give us better tip-off -- more precise and timely tip-off -- about what's going on, on the network, so that we can take more responsive action," the acting CIO said.
Business Process Systems Review
In addition to testing and deploying the joint regional security stacks, the CIO -- in conjunction with the department's chief management officer, who has the lead -- is conducting a business process systems review across all of the principal staff assistant offices in DoD. The review is focused on improving business systems and business processes -- whether that means changing the process, changing the system or better integrating them, Halvorsen said.
The review complements the overall Joint Information Environment effort, Halvorsen said. Not only does it help speed up the implementation process, but by adopting a more businesslike approach, costs go down at the same time the department gains a better understanding of what capabilities it's paying for.
The offices of the CIO and the DCMO have completed their internal reviews already, he said.
"In CIO's case, one of the things we were able to do ... in terms of contracting, I was able to reduce the CIO budget by $10 million in both '15 and '16. [DCMO] saw some similar results," Halvorsen said.
A review of Defense Logistics Agency is ongoing and next up; starting Dec. 8 is the Defense Information Systems Agency, the acting CIO said. Eventually all of the defense agencies will be reviewed, Halvorsen said. "We are also starting I&E -- infrastructure and energy -- shortly [and] we're about three-quarters of the way through [personnel and readiness]," he added.
"They will share all that data with the military departments," he said, noting that the services have also started on their own reviews. When the reviews are complete, Halvorsen said, "we will have dialogue with the military departments ... and probably do some selected target activities that run the full gamut from the military services to the department agencies, all the way up to the department leadership... ."
"As we focus on business systems and processes ... the result of that has been both more effective and efficient output," he said. "We've been able to reduce [costs] by better looking at how we would buy things, by re-engineering some efforts [and] by looking at how we maybe integrate some more commercial products."
Open Standards Save Money
Another path to cost savings, he said, is to employ open systems and software "to the greatest extent possible."
Open systems can come with some additional cyber problems, Halvorsen acknowledged, but, in some cases, they are of much higher quality and security because of the level of scrutiny they receive.
"We are learning more and more about how to take open systems that start with cleaner code and actually better protect them because we ... can limit some of the known vulnerabilities," he said.
"Now, that doesn't mean we're always going to use completely open systems, but every place we can, just because it makes sense, ... we'll use open architecture and we'll even use in some cases open applications," Halvorsen said.
No comments:
Post a Comment