Published on: 03-22-2016
Princeton, NJ, March 22, 2016 - NIKSUN, the world leader in cyber security and network performance monitoring solutions, announced today NIKSUN's Supreme Eagle receives press coverage in GovTechWorks on the DoD's JRSS initiative.
The article discussed getting better defenses up and running to protect the U.S. military's digital networks is taking longer than expected. But even amid delays, the defenses themselves are being upgraded.
The 48 Joint Regional Security Stacks (JRSS) intended to become the Defense Department's bulwark against hackers, viruses and malware attacks, are behind schedule, according to a report from the Pentagon's Office of Operational Test and Evaluation (OT&E).
Four security stacks have been installed thus far, and are now ready for the Army to begin "migrating" its networks, said Col. Scott Jackson, Chief of the JIE Solutions Division of the Defense Information Systems Agency (DISA). These will reroute network traffic through the stacks so they can filter internet traffic and guard against dangers coming in and unauthorized data flowing out.
Among the newest features: A packet-capture capability that will enable JRSS to record traffic just like "a security camera at the door of a bank," said Paul Spencer, Vice President of engineering at NIKSUN, Inc. of Princeton, N.J., whose Supreme Eagle security system is being added to JRSS.
Supreme Eagle will enable JRSS to make and store copies of all of the traffic that flows into and out of the military's networks, examining them for malware and signs of malicious activity.
"We look inside to pull out certain metadata and protocol information," Spencer said.
When malicious traffic is spotted, network operators are alerted. "The key thing we bring to the table is the ability to trace events as far as what an attack consists of, step by step," Spencer said. "We have experience dealing with cases where an attacker puts in a back door" and it remains undiscovered while its owner gradually ex-filtrates information or sabotages data. By saving a record of network traffic, Spencer explained, "we can reconstruct events, see how they installed the back door and what was exfiltrated."
Attack records are stored in a "network knowledge warehouse," where they can be used to identify and disrupt future attacks. The Supreme Eagle system automatically compares traffic data to information from its warehouse for forensic analysis. "There is no need to manually parse through streams of traffic data to find information relevant to a network incident," Spencer said.
This new packet capture technology "is much more robust," Jackson said. The initial packet capture technology used by JRSS could not keep up with network traffic. But NIKSUN's technology performs captures packets at more than 100 gigabits/second, enough to keep up with the full flow of data through JRSS gateways.
To read the full article, click here.