Innovation, Efficiency Drive Defense Information Systems
Pouring a quart out of a pint jar is the new way of military networking.
Innovative systems and capabilities may define U.S. military networks within a handful of years if the Defense Information Systems Agency’s work with industry pays the technological dividends the agency expects. Officials within the organization, also known as DISA, aspire to exploit not only the newest ideas emerging from the private sector but also technologies that have not been fully developed. This strategy would address the burgeoning demands of modern coalition warfare and protect against rapidly growing cyberthreats as budgets constrict, says the agency’s director, Lt. Gen. Alan R. Lynn, USA, and commander of the Joint Force Headquarters-Department of Defense Information Networks (JFHQ-DODIN).
It could bring to fruition new technologies and improvements to existing technologies. New developments could include software-based systems that create virtual hardware across networks as well as exotic communication links that provide large increases in bandwidth throughout the battlespace. Some upgrades could make greater use of existing commercial capabilities, while others could introduce seemingly innocuous small business innovations that have powerful network effects.
The bar is high, but so are the stakes. DISA is racing to remain ahead of cyberthreats in the wake of mounting budget pressures—the agency’s biggest challenge today, Gen. Lynn says. The same budget concerns facing DISA affect the JFHQ-DODIN, he adds. The main difference between the two organizations is that DISA occupies the build side, while the JFHQ-DODIN defends the built system. Funding is vital for both endeavors. Fortunately, increased funding authority for cyber means fewer hindrances to developing those capabilities, he notes.
Gen. Lynn cites some shocking figures about the cyberthreat that the JFHQ-DODIN confronts. The agency makes thousands of changes to networks each month to defend them. And it removes hundreds of millions of bad emails infected with malware or phishing attempts.
Nonetheless, DISA focuses on supporting the warfighter and the decision maker, which means stretching dollars at times to carry out that mission. At the heart of this effort is innovation, Gen. Lynn posits. For example, DISA is looking at software-defined networks (SDNs) to replace some standard network hardware items by putting them in a virtual environment. These virtual appliances would assume much of the workload otherwise left to support personnel. The result would be a reduction in support staff and power consumption, along with a cybersecurity advantage. If a particular SDN environment is attacked, then the applications and users can be moved over to another identical environment, leaving the enemy attack behind, Gen. Lynn explains.
Other efficiencies come from cost-reduction efforts. DISA has cut customer costs by 9.3 percent and 7 percent over the past two years, respectively, the general notes. “We’re making our mission while at the same time decreasing our costs and innovating to provide more capabilities,” he declares.
And industry is on the same path as DISA, Gen. Lynn continues. Streamlining is the name of the game. Industry is “really helping” DISA move to capacity services, he offers. Instead of purchasing large amounts of equipment, the agency will rent what it needs for a fixed period of time.
Industry can help DISA advance other goals as well. Any tools to keep ahead of cyber adversaries “would really be of interest” to both DISA and the JFHQ-DODIN, the general says. “The cyber battlefield is growing, it’s unending and it’s 24/7—and we have to keep a constant eye on it,” he says. He emphasizes the possibility that a small company may have an idea that is exactly what DISA and the JFHQ-DODIN need.
Also high on the agency’s wish list: diverse new ways of transport, such as a laser satellite system that provides the same throughput as undersea fiber. The agency needs the ability to perform large data analytics, Gen. Lynn says. He hopes to have data scientists develop custom analytics that DISA can plug into its larger data platforms.
The general also expects small business to be a source of innovation, citing the growing relationship DISA has with smaller firms (see Small Business Grows Within DISA). The agency already has strong relationships with larger vendors that often face the same challenges as DISA, such as reducing costs or providing better network defense.
DISA has many partners, including Silicon Valley, in running its large enterprise, Gen. Lynn notes. All are working on different innovations, and the agency is in contact with these partners on elements as basic as best practices. DISA’s work with the Defense Innovation Unit Experimental (DIUx), an organization focused on moving commercial technologies to the U.S. military faster, seeks input from startups. And the agency has its own ideas percolating that the general describes as groundbreaking, but he cannot share specifics at this time.
Gen. Lynn calls DISA “the world’s expert in integration” because it acquires components through open competition, leading to a high degree of network diversity. The agency constantly is upgrading, retiring stalwart technologies such as time-division multiplexing (TDM), asynchronous transfer mode (ATM) and integrated services digital networks (ISDN). Removing legacy technologies from what Gen. Lynn offers is the largest network in the world will take time, he says.
The biggest change afoot is the development of a multiprotocol label switching (MPLS) system to upgrade bandwidth capacity, the general says. In addition, the agency is developing multifactor authentication that would succeed the Defense Department’s Common Access Card (CAC), which uses two-factor authentication. The new system will employ behavioral analysis and biometrics to verify identity. This could feature “patterns of life,” in which a person’s actions are compared with established habits.
DISA also is improving its optical transport systems. It is working toward implementing light fidelity, or Li-Fi, to provide more bandwidth, which could support the mushrooming number of unmanned military systems. Overall, the agency is moving away from traditional wired networks and toward new approaches such as cloud and capacity services, along with other on-demand capabilities.
DISA always is seeking better, faster, less expensive technology. Gen. Lynn says the agency will take “anything that is available to us that makes sense that we can do at a better price. We are trying to use all technology that we can find. If we can get a better deal on a mesh network as opposed to buying nailed-up circuits … to have a portfolio of options that are available to us, including any new work that is being done for transport, we absolutely would be interested in it.
“If there is some technology that would allow us to provide more bandwidth, more capability, we’re interested in that as well,” he adds.
For now, Gen. Lynn maintains a degree of separation between DISA, which builds networks, and the JFHQ-DODIN, which defends them. He does this to avoid one activity inhibiting the other. “The tendency in the cyber world is to try to lock down the network as much as possible,” he observes. “The build side of the house is to provide as much throughput, traffic and information as we can possibly make flow correctly. That’s an interesting balance.” The general says this “yin and yang” are in good balance.
Gen. Lynn says he does not want network users to be concerned about outages or intrusions. “I don’t want them to have to worry about a fiber cut in Djibouti,” he states. “The guys building the network need to worry about that. I want the cyber guys fully focused on the enemy, and the enemy is ubiquitous. They are all over the place trying to get in, and we are doing a tremendous job of blocking them every step of the way.
“In the rare exception on some zero day when they can get in, guess what? They don’t get out.”
The new warfighting environment that DISA and the JFHQ-DODIN confront complicates matters. Coalition operations are almost mandatory in future conflicts, so DISA cannot afford to build a U.S.-only network environment. The agency must factor in a number of potential partners and build out capabilities for a variety of missions.
One solution to this challenge is to build what Gen. Lynn describes as a “gray network.” This SDN—mobile down to a single device—would be cost-effective yet secure thanks to multiple techniques DISA employs for unclassified systems with a high level of assurance. “We need to start thinking more in that regard,” he allows.
Coalition operations will call for greater network interoperability and virtualization. DISA has networks that interoperate with allies, but each nation needs virtualized controls to manage its portion. Effectively, this would constitute another network that allows different coalition nations to share information and to adjust access to that information. “Having something that we all agree to … and that [other countries] have full control over would be very powerful,” Gen. Lynn posits. “I think we’re almost there.”
Gen. Lynn will elaborate on the role of industry in delivering innovation to DISA at DCOS 2017, being held at the Baltimore Convention Center June 13-15.