1 / 17

LandWarNet 2009

UNCLASSIFIED. . PURPOSE: To Provide an overview of the DoD NIPRNet Hardening Project and the Army's responseOBJECTIVE: By the end of this presentation you should have a clear understanding of the DOD NIPRNET Hardening Project. LandWarNet 2009 . Steve Schless, NETCOM ? ES stephen-schless@us.

terrian
Download Presentation

LandWarNet 2009

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. LandWarNet 2009

    2. PURPOSE: To Provide an overview of the DoD NIPRNet Hardening Project and the Army’s response OBJECTIVE: By the end of this presentation you should have a clear understanding of the DOD NIPRNET Hardening Project

    3. The DOD NIPRNet Hardening Goal: To improve the perimeter defense by strictly controlling access to Public-Facing information resources and services, and by preventing access to internal resources and prohibiting access to Private server. Five Focus Areas Deploy a more defensible outer perimeter Configure every computer securely and create a sustainment environment Eliminate Anonymity & Vulnerability by Increasing Accountability Improve Situational Awareness, C2 and Response Readiness Improve Threat Awareness through Collaborative Analysis and Sharing of Current Threat Data

    4. LandWarNet 2009

    5. DMZ Implementation Process 5

    6. 6 NIPRNet DoD DMZ Increment 1 Phase 1 Architecture

    7. NIPRNet DoD DMZ Increment 1 Phase 1 Near Term Separation Requirements

    8. LandWarNet 2009

    9. LandWarNet 2009

    11. STIGs Federal Desktop Core Configuration (FDCC) Scanning & remediation tools Anti-Virus Host Based Security System Data at Rest LandWarNet 2009

    12. PKI Directories {Directory Services} Privilege management LandWarNet 2009

    13. Readiness HBSS, VMS, scanners, validation visits Compliance, metrics and reporting Exercise Attack detection, diagnosis, & synchronized, active, rapid reaction Improved sensing: Enterprise Collaborative Operational Sensor (ECOS), Gator, others Improved analysis: Community data center, Centaur, Trickler, Gator, other LandWarNet 2009

    14. Ensure access to information required to discover, share and collaborate with partners Pursue Aggressive Lines of Communication {LOC} with Allies and Coalition Partners Establish Lines of Communication {LOC} with Federal and State Partners LandWarNet 2009

    15. LandWarNet 2009 Whitelist Filter private resources from the Internet Whitelist at IAPs will limit traffic entering NIPRNet to authorized destinations Status Web, FTP and SMTP implemented DNS: Testing in August, full implementation in early September Register via AVTR

    16. Take Aways Identify your public assets Plan on moving them to a DISA DECC or Army DMZ extension (APC) Separate Public and Private Information Logical vs Physical separation Reduce number of publically accessible servers Consolidate LandWarNet 2009

    17. LandWarNet 2009

    18. Questions LandWarNet 2009

More Related