DISA wants a new way to secure DOD's 4 million endpoints
- By Kevin McCaney
- Jan 08, 2015
The move toward mobile devices, cloud service and virtual computing has given the Defense Department a lot of flexibility with its networks, but it also has created a challenge: keeping up with security on all those network endpoints.
Traditional security methods involving signature-based defenses don’t scale well enough to keep pace, according to the Defense Information Systems Agency, so DISA is looking for a better way. The agency has issued a request for information to industry for a next-generation approach to securing the nearly 4 million endpoints on DOD’s networks using a centralized management tool.
Mobile, virtual and cloud computing have changed DOD’s network environment and “the way we conceptualize the desktop,” DISA said. “The endpoint has evolved to encompass a complex hybrid environment of desktops, laptops, mobile devices, virtual endpoints, servers, and infrastructure, involving both public and private clouds. DISA is requesting responses for innovative solutions to provide security services in heavily virtualized environments that provide economies over replicating security services in each virtual endpoint.”
DISA is looking for operating system security tools—preferably built on open standards—for both Windows and other OSes (including Linux, HP-UX, Solaris and AIX) and which can defend against the persistent threats that pose the greatest risk. Any solution also should be capable of issuing alerts, reducing the attack surface and attack vectors, and detect malware upon arrival and before an exploit is launched.
The agency wants solutions that are either lightweight or agentless, in order to keep the footprint size down on virtual machines, and allow real-time inspection of a virtual machine’s component via the hypervisor. They should support DOD’s mix of endpoints—including PCs, thin and zero clients, mobile devices, servers, virtual servers and virtual clients—as well as its variety of computing environments, from small outposts to large ships, permanent installations to tactical command posts and deployed aircraft.
A centralized solution should be able to monitor endpoints, provide fully integrated patch, configuration and vulnerability management, and support a unified mobile device management approach, DISA said.
Responses to the RFI are due by Feb. 2.
Kevin McCaney is a former editor of Defense Systems and GCN.