Virtualization technology could address Pentagon's network security problems

Defense Department officials want to know whether virtualization technology can make DOD’s networks more secure and easier to manage, according to an information request posted on the Federal Business Opportunities Web site.

Virtualization could make it easier to provision network components and make it possible to isolate risky activities such as browsing Web sites or opening e-mail messages from unknown senders, according to the request posted July 10. Virtualization technology makes it possible to run multiple network components on a single server.

Modern operating systems and many applications in traditional data rooms may be too large to secure effectively, according to DOD.

“It may be that the era of monolithic general-purpose operating systems is nearing its end and could be replaced by a cluster of modules or virtual appliances acting in concert to perform services traditionally supplied by operating systems,” the request states.

DOD officials are also interested in using virtualization to create trusted enclaves of servers to handle sensitive information and operations. The enclaves would be independent of other systems and could be refreshed if security is compromised.

Virtualization may also make it possible to imitate a private-sector program that gives employees a subsidy to buy laptop computers. Employees use the laptops to connect to corporate networks, but virtualization protects networks from any security risks possibly residing on the portable computers, according to DOD.

Responses are due July 20.

About the Author

Doug Beizer is a staff writer for Federal Computer Week.

Reader Comments

Mon, Jul 20, 2009 Jeffrey A. Williams Frisco Texas

I've implimented many VN's and the trick in their use is in the way in which they are implimented. Security is a very major consideration if VN's are going to be used for critical or sensitive communications. VN's have unique exposier opertunities and attacks are all too often very difficult to detect, and even more difficult to defend against adaquately. For DOD to want to use VN's seems very odd to me unless they invision such uses to be for very low priority communications or communications that have no possibility of transmitting critical or sensitive data.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above