State will ramp up Net service

State will ramp up Net service

When the Internet project reaches its full momentum in June, contractors will install OpenNet Plus at 23 posts a month, State deputy CIO Bruce Morrison says.

Over the next year, the State Department will roll out Internet access to 30,000 users worldwide, reducing the department's network costs and boosting communications security.

Officials want the OpenNet Plus network to handle sensitive but unclassified information for State users as well as its Internet traffic at about 260 foreign posts and 40 offices in the United States. But achieving this goal requires a comprehensive security review at each location where it plans to install OpenNet, the department's IT chiefs said last week.

State this year allocated $109 million to complete the project, even though work will continue through March, deputy CIO Bruce Morrison said. 'We are one-third of the way into an 18-month project,' he said. 'We're still in the ramp-up stage.'

When the project reaches its full momentum in June, State officials and contractors will install OpenNet Plus at about 23 posts and offices each month.

The security checks will stretch out the time spent on the project, Morrison said. 'The act of giving somebody access to the Internet gives an office exposure to hackers, viruses and security risks,' he said. 'Most people already have PCs and browsers. We are doing a few upgrades.'

After assuring adequate security is in place, bringing Internet service online is a five-minute process, Morrison said.

State will follow up its initial security surveys with reviews by specialists visiting the sites and by remote software probes of the systems.

Combining Internet access with State's sensitive but unclassified traffic on the same network will save money by eliminating the need for separate networks, Morrison said.

Another factor that will reduce costs is the recent decline in bandwidth costs, he said. Officials knew that fielding Internet service at so many locations would dramatically increase the department's bandwidth needs.

State has hired CACI International Inc. of Arlington, Va.; KPMG Consulting Inc. of McLean, Va.; and STG Inc. of Fairfax, Va.; to work with the department's Diplomatic Telecommunications Service on the project.

Separate net

For classified traffic, the department is building a separate network under its Classified Connectivity Program. State this year allotted $100 million of its nearly $600 million IT budget for the effort, Morrison said.

Many users who access to both classified and nonclassified data have systems configured with two CPUs attached to one monitor, mouse and keyboard. One CPU handles the classified data, and its hard drive is locked away when not in use.

'We are constantly attacked by the hacker community,' Morrison said. 'Just as with protestors demonstrating outside our embassies, we notice an upsurge in attacks when [the government] does something unpopular.'

Unlike most agencies, State must prepare for the threat of its offices being seized by hostile mobs. 'We have destruction plans [for systems] in place in the event an embassy would be seized,' Morrison said.

For some posts, State takes a more extreme approach: All employees use thin clients accessing data on systems in Washington, he said. To further secure OpenNet traffic, all data will pass through the Washington data center. That's to ensure that OpenNet only needs one firewall, Morrison said.

'Otherwise, if we had to maintain separate Internet service providers for each post, we would have to monitor 300 firewalls,' he said. 'We figured our chances of success in monitoring 300 firewalls was nil. This way we are limiting exposure.'

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above