The Defense Information Systems Agency is trimming its herd of unclassified networks.
But in some ways it’s trading several wired networks for one that is wireless.
Dave Bennett, DISA’s chief information officer, said he wants to collapse several unclassified and classified networks that have grown up over the years into one that serves the agency around the world. And at the same time, DISA is moving out with a limited implementation of a wireless network for its Fort Meade, Md., campus for unclassified access.
“It will give us greater capability, reduce cost of operating the environment and ensures that we are applying security consistent fashion across the enterprise,” Bennett said. “I’m also expanding the networks on the classified side to ensure that all of the agency organizations, wherever they are located globally, have the ability to get access to the classified network and higher networks as we go forward. That’s a big effort underway to ensure, from an agency perspective, we are giving folks within the organization the capability to get access to the information regardless of the classification fabric they are working on.”
On the unclassified network, several stood up over time and were operating independently. Bennett said they are collapsing smaller networks into one larger one.
With the classified network, Bennett said the goal is expansion through reduction.
“Years ago, there weren’t that many people that were using the classified environment to do their day-to-day work so you had a DISA network, let’s just say, supporting the Fort Meade campus for our users, and then you had pockets of users throughout the rest of the agency with a need for the classified network. So they would stand up that capability within that organization or location,” he said. “What we are trying to do with this expansion activity is to take the existing classified network we have here at the agency and expand the footprint to those remote locations … so that anybody who had a need to get to the classified environment, they would have the capability right there and it would be part of the large DISA capability.”
At the same time Bennett is reducing the number of networks, he’s preparing to expand employee access to a new wireless network at Fort Meade, and provide the rest of DISA with a how-to manual to set up their own wireless network.
He said the manual will include techniques, tactics and procedures to implement a wireless network hook into DISA’s wide-area network. “We work in a secure open storage environment here and looking at and trying to figure out how you can leverage the technology in such as way compromise that environment has been a critical part of the pilot,” he said. “So what we did in working with all the organizations here, the security folks, the facility folks and my own internal folks, we all sat down to figure out how can we leverage technology and do it in a scenario where we can minimize risk to at least get a basis of understanding of whether or not wireless will work in this environment.”
DISA’s pilot focused on adding wireless capability to a few conference rooms that already included wired access to the network.
“That worked very well. We came to the realization that the connectivity and performance was really good. There were no issues and it worked as you’d except in a normal commercial environment or at your home. It was pretty seamless,” he said. “The one thing we did have to add to the equation was intrusion detectors to get a sense and be able to monitor and understand if someone from outside the conference room was trying to piggyback the wireless network and get into the network. It allowed us to test out the technology and how we would implement the capability in a facility such as ours.”
Bennett said he expects to implement full wireless capability for the unclassified network at Fort Meade in the next 6-to-9 months. He said there likely will be a request for proposals to install the wireless capability.
The network consolidation and the wireless pilot are part of a larger effort to move to a virtualized or thin client environment that supports mobility.
Bennett said DISA is analyzing all desktop computing applications in order to virtualize them.
“We want to take all the requirements off the desktop so we can move to a thin client or end user agnostic type of device sitting on the desktop, whether it’s a thin client, a tablet or a laptop,” he said. “But the goal is to take the requirement out of the equation that you have to have a PC or laptop physically on the desktop for the individual to do their work.”
DISA already is seeing huge interest by employees to work anywhere from any device. Bennett said typically somewhere between 700-1,200 employees each day hook into the unclassified network through the virtual private network capability set up when the agency moved to Maryland from Virginia under the Base Realignment and Closure initiative.
He said the use of video teleconference and the Defense Connect Online tools is growing exponentially so the network and hardware must be able to support users’ needs.