DOD aims to protect unclassified network by speeding traffic and limiting protocols
Connecting state and local government leaders
DENVER—The Defense Department is beefing up its Non-Classified IP Router Network to protect traffic on the network from attack. DOD wants to more quickly move traffic that could be used maliciously, said Col. John Thomas, chief of the Defense Information System Agency's Global Operations and Security Office. The redesign of NIPRnet, which the department uses for unclassified but sensitive communications, will likely be finished this month, Thomas said recently at the Government Information Technology Executive Council's Information
DENVERThe Defense Department is beefing up its Non-Classified IP Router Network
to protect traffic on the network from attack.
DOD wants to more quickly move traffic that could be used maliciously, said Col. John
Thomas, chief of the Defense Information System Agencys Global Operations and
Security Office.
The redesign of NIPRnet, which the department uses for unclassified but sensitive
communications, will likely be finished this month, Thomas said recently at the Government
Information Technology Executive Councils Information Processing Interagency
Conference.
The redesign involves some reconfiguration of the networks routers and an
examination of what network protocols the department will permit. We could eliminate
50 percent of the problems by limiting the number of protocols, he said.
DOD, like most organizations, is working to balance a networks operational needs
and security requirements, he said. We have to be secure, but we also have to do our
mission, Thomas said.
Therefore, issues such as interoperability and configuration management typically
outweigh vulnerability issues, he said.
Information technology has become integral to DOD operations, he said, and security is
no longer just an issue for systems managers. I think weve crested that
hill, Thomas said.
The importance of security is ingrained in the organization because field commanders,
who have become dependent on IT, also understand the role of security in maintaining the
readiness of the systems infrastructure, he said.
Thomas said the year 2000 problem presents a double-edged sword for security experts.
The real concern is the hacker community water-skiing behind the Y2K bullet,
he said.
DISA has been working to determine how year 2000 problems would manifest themselves so
experts can differentiate between a date code problem and a system attack.