|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: InfoSec News (alerts
infosecnews.org)
Date: Mon Apr 21 2008 - 00:27:02 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.gcn.com/print/27_8/46113-1.html
By John Rendleman
Government Computer News
04/14/08 issue
Federal civilian agencies are under the gun to re-engineer their
networks by June 30 to comply with an ambitious Office of Management and
Budget plan to improve information technology security through a
dramatic reduction of Internet connections.
The Trusted Internet Connection (TIC) plan also includes an April 15
deadline for agencies government wide to declare their capabilities and
requirements to carry out the overhaul.
TIC requires the federal government to winnow its array of about 4,000
Internet connections to roughly 50 highly secure gateways. OMB, which
launched TIC in November 2007 in response to the surging frequency and
sophistication of online assaults against federal systems, first
estimated the number of Internet connections to be about 1,000. After
gathering information from agencies, that number grew fourfold.
The TIC plan to create a more secure perimeter between Uncle Sam’s
internal networks and the free-fire zone that dominates the external
Internet echoes a project that the Defense Department launched seven
years ago.
The new, secure perimeter, sometimes referred to as a demilitarized
zone, would help federal IT managers improve their network traffic
monitor capabilities.
Agencies also would be able to reduce the number of security appliances
they use to filter data crossing into or out of federal networks.
The OMB proposal calls for the Homeland Security Department’s U.S.
Computer Emergency Readiness Team to implement pivotal TIC operations.
For years US-CERT has operated a 24-hour operations center that monitors
network activity across the federal government. Under TIC, the center
will enforce network security via its suite of Einstein packet-filtering
devices. USCERT uses the Einstein systems to keep malware out of federal
networks and prevent sensitive government information from leaving.
The DHS network security response team built the Einstein systems using
commercial and government software and hardware. The Einstein devices
sit outside government firewalls to detect all traffic that affects
federal systems, DHS officials said last year (GCN.com, Quickfind 1022).
Most security experts said the risks involved in the ambitious TIC
deployment schedule and the difficulties posed by the network
re-engineering plan would be more than offset by its likely
effectiveness.
Many of the IT security analysts contacted for this article emphasized
the urgent need for security upgrades to protect the federal
government’s data infrastructure. Most security professionals agreed
that the TIC security improvements and similar measures are long
overdue.
“We should have done this five years ago, but there wasn’t the heart or
the will then like there is now,” said Howard Schmidt, a former White
House cyber security adviser. “The timetable is aggressive,” he said,
but now there is a sense of urgency behind the program.
[...]
_______________________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]