120 likes | 272 Views
Enterprise Wrappers for Information Assurance DARPA/SPAWAR Contract N66001-C-8023. NAI Labs, Network Associates OASIS Winter PI Meeting 12 March 2002. Mark Feldman, Wayne Salamon, Steve Kiernan, John Axisa. Not for Public Release. Overview and Status. Blah, blah, blah Wrappers
E N D
Enterprise Wrappers for Information AssuranceDARPA/SPAWAR Contract N66001-C-8023 NAI Labs, Network Associates OASIS Winter PI Meeting 12 March 2002 Mark Feldman, Wayne Salamon, Steve Kiernan, John Axisa Not for Public Release
Overview and Status • Blah, blah, blah Wrappers • Blah, blah, blah NAI Labs • Blah, blah, blah Teknowledge • Blah, blah, blah Enterprise • Success, but more work to do
Base Technology and Teaming A Parallel, Collaborative Effort Using Previous DARPA Research Prototypes as a Base • Teknowledge: Windows NT/2000 • NAI Labs: Multi-Platform, concentrating on Linux under this program ftp://ftp.tislabs.com/pub/wrappers/ http://opensource.nailabs.com/wrappers/
Enterprise Wrappers Goals “Scaling the power of the wrapper to the enterprise” • Integrate host-based wrappers into scalable cyber-defense system • Create common, multi-platform, policy-enforcing infrastructure • Populate this infrastructure with useful monitors, authorizers, and controllers • Dynamically ensure a consistent, enterprise-wide policy
NWM Interface Network Schema & Data Hardened System(expanded) Manager Boundary Other IA components, M M Mediation Mediation Cocoon Cocoon Controller such as intrusion detection, App App sniffers, secure DNS, IDIP, etc. M M M M Data Push/Pull Control Protocol service M M service Host Controller ... Linux or NT WMI proxy Wrapper Data Base Hardened Subsystem System “Soft” System Enterprise Wrappers Objectives • Wrapper Network Interface • Off-board cyber-defense controllers • Off-board communication of wrapper data • Multi-Platform Host Controller • Manages dynamic insertion and removal of Wrappers • Network-scalable
Revisiting What “Policy” Means Here • A combination of • Wrappers written in WDL • Activation Criteria • Data to drive decisions • Distributed based on • Hardware/Software Platform • Network Topology • Geographic Location • Mission • Users • via a secure, hierarchical distribution mechanism driven by a GUI (drag-and-drop) with local override
What We’ve Done Lately • Selected and implemented technologies • Communication using sockets (adaptable to BEEP, Spread, SSL, IPSEC) • Portable Java-based host and network controller and lightweight native host controller • Portable storage mechanism (LDAP) for policy • First release with Enterprise functionality • One GUI to rule them all • Implements policy across the Enterprise • Started experimentation and testing of policy model
Come see the Demo! We’ll be demonstrating Enterprise Wrappers for the first time* Wednesday night. Please stop by to see the power of the wrapper scale to the enterprise * Outside of a preview to Jay in October
DARPA-hard Questions we still have • Is the Policy Model adequate for the user? • Are pre-packaged groups of wrappers, activation criteria, and data sufficient? • Will composition produce unexpected/unintended results? • Will the administrator-in-the-middle hierarchical model produce unexpected/unintended results?
2000 2001 2002 2003 Schedule NAI Start Teknowledge Start Host & Network Controllers Base technology build-up You are here Updated Wrappers New API design and implementation Hilton Head PI Meeting Santa Fe PI Meeting TBD: • Useability • Wrapper population • Integration with other OASIS technologies Norfolkgk PI Meetin Interoperability Hawaii PI Meeting Summer PI Meeting
Technology Transfer • Wrappers are available and being used; Enterprise Wrappers becoming the default. • Actively seeking input on • wrappers necessary to protect mission • ways to make wrappers easier to use • Continuing to make the toolkit, including new Enterprise functionality, available under the GPL. ftp://ftp.tislabs.com/pub/wrappers/ http://opensource.nailabs.com/wrappers/