infosec-news January 2011 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: Re: [ISN] DISA creates DMZ to boost security on un

Re: [ISN] DISA creates DMZ to boost security on unclassified network

From: InfoSec News <alerts_at_nospam>
Date: Wed Jan 12 2011 - 08:35:51 GMT
To: isn@infosecnews.org

Forwarded from: Richard Forno <rforno (at) infowarrior.org>

This is the funniest thing I've read in a long time.

Apart from the fact this article reads like a DISA press release, are
they really proud of the fact the agency is rolling out a network DMZ as
a security design? Is this so groundbreaking in nature, even bt
government standards, that it must be spoken of in such awed terms by
the quoted DISA representatives? The way they're talking, you'd think
they never heard of the DMZ concept in network design until recently and
they're thusly excited about the concept. Seriously?

I absolutely howled when the article quotes the DISA CIAE: ".... the DMZ
concept – which he said will be re-named "Project Lightning" because
“DMZ is the worst name possible” – emerged from combatant commanders’
need to take mission risks without putting other commands and leaders at
risk." Reading that, I have to wonder if they're worried that some
analyst somewhere in DOD or the USG will hear panicked and breathless
alerts about how "someone is hitting our DMZ!!!" and think that North
Korea was invading the South, thereby sounding the alarm and launching
us into World War III. Since the primary other term for "DMZ" involves
the geography around the 38th Parallel, after reading that quote, one
wonders if this really is meant to avoid operational confusion between
Cyber Command and the Korean-American Combined Forces Command.

Further, DISA also is standing up the DISA Command Center, intended to
"provide continuous oversight of DISA’s network and 13 subordinate
regional operations centers." One has to wonder why they haven't had
such a capability already given THAT IS THEIR MISSION ... but reading
on, one gets the impression this 'new' organisation will be a way for
DISA to retain some more bodies/positions/budgets/authorities with the
closure of the JTF-GNO last year.

(I'm open to comment from anyone more knowledgeable than I about the
present DISA.)

-- rick
infowarrior.org

On Jan 11, 2011, at 02:54 , InfoSec News wrote:

> http://gcn.com/articles/2011/01/07/disa-panel-dod-dmz.aspx
>
> By Amber Corrin
> GCN.com
> Jan 10, 2011
>
> The Defense Information Systems Agency has created a "demilitarized
> zone" for unclassified applications to help manage access and improve
> security between the public Internet and Unclassified but Sensitive IP
> Router Network (NIPRNet), according to Dave Mihelcic, DISA's CTO.
>
> The DMZ protects against cyberattacks, he said. In the case of a cyber
> attack, the DMZ would allow increased security while still leaving
> critical servers open to the Internet as necessary
>
> DISA has taken a leadership role in locking down military cybersecurity,
> and the DMZ is one of two programs that are emerging as key components
> to maintaining the security of DOD’s most sensitive data, officials have
> said.
>
> “We have to share information safely,” said Richard Hale, DISA chief
> information assurance executive. “If we break sharing, we’ve broken a
> lot of things…but we still have to keep things secret.” Hale and
> Mihelcic spoke as part of a DISA panel at a luncheon held in Arlington,
> Va., and sponsored by the DC chapter of AFCEA.
>
> [...]
>
> ___________________________________________________________
> Tegatai Managed Colocation: Four Provider Blended
> Tier-1 Bandwidth, Fortinet Universal Threat Management,
> Natural Disaster Avoidance, Always-On Power Delivery
> Network, Cisco Switches, SAS 70 Type II Datacenter.
> Find peace of mind, Defend your Critical Infrastructure.
> http://www.tegataiphoenix.com/

___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/