DISA rolling out cloud-based web browsing
Connecting state and local government leaders
The Defense Information Systems Agency’s cloud-based internet isolation solution transfers web browsing sessions from local machines to a secure, isolated cloud platform.
The Defense Information Systems Agency is moving its cloud-based internet isolation (CBII) pilot into production to better protect Defense Department networks from cyber vulnerabilities introduced from non-government websites accessed by DOD users’ internet browsing.
The CBII transfers internet browsing sessions from desktop browsers to a secure, isolated cloud platform, DISA said. This service separates the threat from direct connections to DOD networks, isolating potential malicious code and content within the cloud platform.
CBII also allows DISA to actively see how much bandwidth a user is taking up and allows for a "much deeper view into the user's interactions with websites and the internet," said Steve Wallace, systems innovation scientist for DISA's Emerging Technology Directorate. It can spot domains or sites that were secure when they were initially visited but which have since developed vulnerabilities.
"If that site goes from good to bad, we will have already isolated that user's interactions with the site," Wallace said.
Besides providing for safe surfing, CBII also helps manage content downloads, with an eye to reducing network congestion. "When a user clicks on a PDF or an Office document or something like that, the CBII renders that document remotely,” Wallace said. Users can then choose whether to download the file to their machine, he said, adding that such downloads to endpoint devices dropped 70% with the CBII.
To measure the program’s success, Wallace said the agency will look at bandwidth savings and the number of cybersecurity vulnerabilities avoided.
DISA previously indicated it wanted to scale the program from the initial 100,000 users to 3.5 million as the DOD embraced telework to cope with COVID-19 pandemic, but it will move DISA users first, Sherri Sokol, CBII's program manager, told reporters Sept. 3. A total of 1.5 million users are planned for migration in the first year of production.
This article was first posted to FCW, a sibling site to GCN.
NEXT STORY: DOD again chooses Microsoft for JEDI cloud