Forwarded from: Richard Forno <rforno (at) infowarrior.org> This is the funniest thing I've read in a long time. Apart from the fact this article reads like a DISA press release, are they really proud of the fact the agency is rolling out a network DMZ as a security design? Is this so groundbreaking in nature, even bt government standards, that it must be spoken of in such awed terms by the quoted DISA representatives? The way they're talking, you'd think they never heard of the DMZ concept in network design until recently and they're thusly excited about the concept. Seriously? I absolutely howled when the article quotes the DISA CIAE: ".... the DMZ concept – which he said will be re-named "Project Lightning" because “DMZ is the worst name possible” – emerged from combatant commanders’ need to take mission risks without putting other commands and leaders at risk." Reading that, I have to wonder if they're worried that some analyst somewhere in DOD or the USG will hear panicked and breathless alerts about how "someone is hitting our DMZ!!!" and think that North Korea was invading the South, thereby sounding the alarm and launching us into World War III. Since the primary other term for "DMZ" involves the geography around the 38th Parallel, after reading that quote, one wonders if this really is meant to avoid operational confusion between Cyber Command and the Korean-American Combined Forces Command. Further, DISA also is standing up the DISA Command Center, intended to "provide continuous oversight of DISA’s network and 13 subordinate regional operations centers." One has to wonder why they haven't had such a capability already given THAT IS THEIR MISSION ... but reading on, one gets the impression this 'new' organisation will be a way for DISA to retain some more bodies/positions/budgets/authorities with the closure of the JTF-GNO last year. (I'm open to comment from anyone more knowledgeable than I about the present DISA.) -- rick infowarrior.org On Jan 11, 2011, at 02:54 , InfoSec News wrote: > http://gcn.com/articles/2011/01/07/disa-panel-dod-dmz.aspx > > By Amber Corrin > GCN.com > Jan 10, 2011 > > The Defense Information Systems Agency has created a "demilitarized > zone" for unclassified applications to help manage access and improve > security between the public Internet and Unclassified but Sensitive IP > Router Network (NIPRNet), according to Dave Mihelcic, DISA's CTO. > > The DMZ protects against cyberattacks, he said. In the case of a cyber > attack, the DMZ would allow increased security while still leaving > critical servers open to the Internet as necessary > > DISA has taken a leadership role in locking down military cybersecurity, > and the DMZ is one of two programs that are emerging as key components > to maintaining the security of DOD’s most sensitive data, officials have > said. > > “We have to share information safely,” said Richard Hale, DISA chief > information assurance executive. “If we break sharing, we’ve broken a > lot of things…but we still have to keep things secret.” Hale and > Mihelcic spoke as part of a DISA panel at a luncheon held in Arlington, > Va., and sponsored by the DC chapter of AFCEA. > > [...] > > ___________________________________________________________ > Tegatai Managed Colocation: Four Provider Blended > Tier-1 Bandwidth, Fortinet Universal Threat Management, > Natural Disaster Avoidance, Always-On Power Delivery > Network, Cisco Switches, SAS 70 Type II Datacenter. > Find peace of mind, Defend your Critical Infrastructure. > http://www.tegataiphoenix.com/ ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Wed Jan 12 2011 - 00:35:51 PST
This archive was generated by hypermail 2.2.0 : Wed Jan 12 2011 - 00:49:37 PST