JRSS: The Way Ahead
The Defense Information System Agency’s Joint Regional Security Stack (JRSS) initiative is driving and delivering solutions to network defenders and operators across the department, answering a call placed three years ago when the Department of Defense (DOD) cyber strategy established as one of its goals the need to “defend the DOD Information Network, secure DOD data and mitigate risks to DOD missions.”
The goal further emphasized that the DOD needed to raise the bar on technology and innovation to stay ahead of rapidly evolving cyber threats, to include building a more defendable network architecture in the Joint Information Environment (JIE). The JRSS is considered a game changer for the way information is secured throughout the joint cybersecurity environment. It is the critical component for creating the JIE because it centralizes, standardizes and modernizes the transport and defensive capabilities needed to defend the DOD’s unclassified networks.
Fundamentally, JRSS implementation provides synchronized defense and centralized management along with a flexible and deployable architecture.
With JRSS, the department has, for the very first time, reached a broad agreement that securing the DOD enterprise must be a joint capability. In place of multiple networks at bases, posts, camps and stations, the JRSS provides the joint capability to protect data and networks in a regional approach. Having a complete regional picture enables operators and defenders to better understand what's happening on the network.
“For the very first time, the various services and agencies are able to work together and share their analysis of threats and vulnerabilities on a common platform with their peer organizations,” says Col. Gregory Griffin, USA, JRSS portfolio manager.
Not only does the JRSS manage and defend traffic flows, it supports big data analytics that enable the DOD to ingest large sets of data and provides the platforms to process that data, as well as the mechanisms to help cyber operators analyze the data. As network traffic moves through these stacks, network defenders and operators are able to see every packet, or unit of data, traversing the network, giving them the ability to properly defend the network in real time.
By design, the JRSS increases the DOD's cybersecurity posture by providing centralized security management and full traffic visibility. The JRSS is made up of 20 Nonsecure Internet Protocol Router Network (NIPRNet) stacks and 25 Secret Internet Protocol Router Network (SIPRNet) stacks, managed centrally with a standardized configuration.
“JRSS enables centralized management and decentralized execution on an unprecedented scale,” Col. Griffin says. “This allows synchronized action, not only within a service, but throughout the joint enterprise.”
The centralized management approach presents network defenders with critical information in a meaningful way. Armed with this information, they can proactively adjust defenses against the hottest threat vectors and detect adversaries already in the network, stopping them from disrupting warfighter communications.
Flexible and Deployable Architecture
The 2015 DOD cyber strategy emphasized the need to “plan and exercise to operate within a degraded and disrupted cyber environment in the event that an attack on DOD’s networks and data succeeds, or if aspects of the critical infrastructure on which DOD relies for its operational and contingency plans are disrupted.”
The migration and implementation of JRSS satisfies this need by providing combatant commanders the ability to technologically control their theater networks for the very first time. Before JRSS, the combatant commanders relied on organizational leadership chains to effect a change within a theater network. Through the flexible and deployable nature of the JRSS, those commanders can control networks centrally, over one management system, achieving true theater situational awareness.
“JRSS helped solve a problem that has plagued modern, deployable ground forces,” Col. Griffin says, explaining how the Army regionally aligned its forces into Europe. “Through the flexibility of the virtual routing and forwarding architecture, domains were manipulated to allow deploying forces to better prepare and seamlessly enter their theater of war.”
While the DOD chief information officer and the JIE executive committee control the future of the JIE, and ultimately, the JRSS, it is clear the department is looking for the best solutions for big data platforms and virtualization to improve performance, increase operational effectiveness and drive down cost of ownership. According to Col. Griffin, the JRSS continues to evolve toward a virtualized system that dramatically reduces the physical footprint, power, and heating, ventilation and air conditioning requirements without giving up performance or throughput.
“Finally, technology insertions throughout the migrations, by their very nature, allow JRSS to spiral out the latest capabilities to stay ahead of the threat,” Col. Griffin says.
The JRSS architecture truly does “transcend individual branches,” as prescribed by the DOD strategy. It enables a robust network-focused defense, shifting away from stove-piped protections by service-specific networks and systems.
Alana Johnson is a member of the DISA staff.
This special report has been contributed by the DISA staff as part of the advance coverage of the AFCEA Defensive Cyber Operations Symposium (DCOS) taking place May 15-17 at the Baltimore Convention Center.