Security infrastructure begins to take shape
Security infrastructure begins to take shape
Clarke makes plans for a government-only network
- By William Jackson
- Oct 19, 2001
Government networking could change dramatically under Richard A. Clarke, the president's newly appointed cyberspace security adviser. Among Clarke's plans is the creation of a government-only voice and data network that would be hardened against attack.
Clarke will report to Tom Ridge's Homeland Security Office and chair a governmentwide board to coordinate protection of critical information systems.
Clarke had been a senior member of the National Security Council, where he had served since 1993 and was coordinator for security, infrastructure protection and counterterrorism. In his new position he will coordinate interagency and private-sector efforts to secure and restore information systems.
One of Clarke's first acts in his new job was to issue a request for information to the telecommunications industry for developing a secure, dedicated government network.
The proposed GovNet would be a private voice and data network with no connections to commercial public networks. A commercial carrier would provide the service for government agencies and other authorized users. Visit www.fts.gsa.gov/govnet/govnet.doc
for details.Vendors sniffing around
Sprint Corp. and WorldCom Inc., the FTS 2001 long-distance carriers, and AT&T Corp. are all interested in GovNet, even though the technical details are yet to be worked out.
Meanwhile, retired Army Gen. Wayne Downing will become the deputy national security adviser for combating terrorism. Downing will report to the president's national security adviser and to the Homeland Defense Office on matters involving domestic terrorism.
The new positions are part of a restructuring of national critical infrastructure protection. President Bush in May ordered a re-evaluation of the defense of the nation's government, communications, banking, transportation, utilities and emergency services infrastructures and networks. He is expected to sign an executive order soon that, among other things, will set up the President's Critical Infrastructure Protection and Continuity Board, to be headed by Clarke.Agency responsibilities
Clarke had been widely rumored as the choice to head the board, but he predicted last month that the study would reject the idea of a central IT czar to oversee cybersecurity. Each agency would remain responsible for its own security, he said then, and the order would call for better cooperation with the private sector.
Work on GovNet began several months before the Sept. 11 terrorist attacks. Clarke said then that some government activities might be moved off public networks to a dedicated government transport.
'We should think about whether some government functions should be air-gapped, physically separated from the IP cloud, using fiber optics that are already out there,' he said.
The General Services Administration's Federal Technology Service released the RFI, which said that existing unused network capacity could support GovNet to minimize cost and new construction.
FTS scheduled an Oct. 17 meeting for interested companies. Responses are due by Nov. 21. A request for proposals and a schedule for contract awards will follow a study of the responses.
Initial requirements call for a private IP network to link specified government locations within six months of contract award, with voice and video capabilities to be added within a year.
There are no technical specifications yet, but the network would support encryption for classified data within the contiguous 48 states, provide commercial-grade voice service, have high reliability and be immune to outside attack.
The RFI suggests a fully dedicated network with separate transmission lines and equipment, as well as dedicated management and operational staffs, but GSA is 'open to alternative concepts,' it said. 'The government encourages creativity and outside-the-box thinking.'
Although the telecom vendors spoke cautiously about the project, 'Sprint is very intrigued, and we will be responding with our comments,' said Anthony G. D'Agata, vice president and general manager of Sprint's government systems unit. 'We will be helping to shape the thinking on this.'Expecting the call
AT&T's Tony Cira, vice president of defense programs, said, 'We are very interested. We think we have a lot to offer. We expect to walk out of the meeting with a list of 89 locations and some further definitions of what they want.'
Government officials said many of the details that define the system would be left to the companies. The government wants to give only functional requirements.
But verifying the functional requirements could prove difficult. There are few accepted standards for certifying the security of a large network to the degree the government wants.
The RFI specifies that 'it shall be impossible' for hacker attacks or malicious code to penetrate the network from outside or for denial-of-service attacks to shut it down.
But Cira said the job does not look too daunting. 'A lot of this sounds very similar to Defense Department requirements,' he said.
GovNet would not carry all government traffic. Agencies would continue to make use of public networks and the Internet, one security official said.
As yet, it is not clear whether GovNet use would be generally available or restricted to agencies that demonstrate need.
Nor can anyone say yet whether it would replace existing secure networks.
William Jackson is freelance writer and the author of the CyberEye blog.