[ISN] Computer protection: Good IDEA

From: InfoSec News (alerts@private)
Date: Fri Mar 14 2008 - 00:46:43 PST


http://www.af.mil/news/story.asp?id=123089925

By 1st Lt. Ashley Conner
Air Force Information Operations Center Public Affairs
3/12/2008

HURLBURT FIELD, Fla. (AFPN) -- Buying software to protect your home 
computer ensures it is safe from Internet viruses and hackers. When Air 
Force officials buy intrusion detection software for the service's 
computers, they don't browse through the aisles of the local computer 
store.

The Intrusion Detection Exploration Analysis team, a part of the Air 
Force Information Operations Center at Lackland Air Force Base, Texas, 
tests commercial software for the Air Force before it is purchased.

"In the IDEA lab, we use FANTOMNet, an in-house-developed traffic 
generation suite that provides real, non-random, repeatable traffic 
across any given assessment network," said Rob Coursey, IDEA facility 
lead engineer. "We strive to demonstrate to the requesting agency how a 
given system or piece of software might be able to monitor or operate in 
its worst case environment."

This type of testing ensures that the product will meet the needs of the 
agency and at the same time validate that the vendor claims are 
accurate. The results provide decision makers with a full picture of 
what a device can actually do before it is purchased and fielded.

The IDEA lab technicians examine a wide variety of network security 
devices that include high speed intrusion detection/prevention systems, 
virtual private network or vpn solutions, host-based security solutions 
and centralized alert management solutions.

"In short, we are flexible enough to support just about any given 
assessment request," said Mr. Coursey.

"What we do here gives us a better picture of the limits of our gateway 
security," said Capt. Brian Lee, chief of Network Warfare Assessments. 
"It ensures computer information is safe and protected."

The IDEA lab team has tested products for computer-centric agencies 
within AFIOC but also has done work with Army, Navy and National 
Security Agency departments.

One of their most notable tests was for the Air Force Communications 
Agency. AFCA is the lead agency for the Combat Information 
Transportation System. Officials there are creating an updated version 
of the current unclassified Internet system most users know as the 
Non-secure Internet Protocol Router Net or NIPRNET. CITS will reduce the 
number of gateways the Air Force has to the Internet. Currently there 
are more than a hundred gateways but that number will drop to 16 when 
the project is complete.

"The IDEA Lab's job is to assess the Intrusion Detection System that 
will reside in the 16 new gateways helping to protect the data within 
the Air Force's computer systems," said Lt. Col. Edward Jakes, deputy 
director of AFIOC's Information Operations Directorate.


___________________________________________________      
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn 



This archive was generated by hypermail 2.1.3 : Fri Mar 14 2008 - 00:53:37 PST