Sprint challenges DISA's choice of private ATM net

The Defense Information Systems Agency is committed to building a private
asynchronous transfer mode backbone for the Defense Information Systems Network. But one
major telecommunications carrier is trying to persuade DISA to use public ATM services to
meet its DISN requirements.

Sprint Corp. hired Data Systems Analysts Inc. of Fairfax, Va., to review the Defense
Department’s ATM security. The 82-page technical report challenges the DISA view that
public ATM networks are more vulnerable to security threats than dedicated ATM networks
like DISN.

“Public ATM networks are not more vulnerable to security threats than a dedicated
ATM network,” the report concluded. “Dedicated ATM networks are exposed to most
of the same potential threats, which can be exploited by the same inherent
vulnerabilities, as a public ATM network.”

Although DOD has not conducted a formal review of the security trade-offs between
public and private ATM service, DISA concluded “the only way to meet Joint Chiefs of
Staff requirements for positive control and assured service is to build their own private
ATM network,” the report said.

The Sprint study found that “there is no specific [Joint Chiefs of Staff] or DOD
policy for positive control or assured service that prevents or discourages the use of
public ATM services.”

The DISN Capstone Requirements Document states that the decision process to select and
implement security safeguards must balance the reduction of risk against the cost of
protection, taking advantage of commercial products and services wherever possible.

DISN’s private ATM strategy is costly because it duplicates investments already
made in public networks, lacks economies of scale, requires significant surge capacity and
does not allow for rapid technology upgrades, the Sprint report said.

“With a DISN dedicated network approach, DOD will not be able to share the costs
of this overbuild with other users,” the report said. “The overall result is
that excluding public ATM services from the DISN strategy could significantly increase the
cost of ATM services for DOD.”

A DISA spokeswoman said “the appropriate DISN expert” has seen Sprint’s
DOD ATM Security Review, but the department would not comment further.

The Office of the Assistant Secretary of Defense for Command, Control, Communications
and Intelligence also received a copy of the Sprint report and is studying it, DOD
spokeswoman Susan Hansen said.

DISA continues to support the use of ATM technology for DISN, the high-speed backbone
that will provide DOD users with global connectivity through wideband transmission
services managed by commercial carriers.

DISN’s private ATM network is not truly private; it uses a public Synchronous
Optical Network backbone provided by AT&T Corp. and bandwidth managers provided by MCI
Communications Corp., the Sprint report said.

AT&T won the DISN Transmission Services for the continental U.S. contract, and MCI
won the DISN Switched Bandwidth Manager Services contract.

DISN equipment is owned and operated by the carriers. DISA provides direction and
monitors the network. But the Sprint report concluded that the same level of control now
enjoyed by DISA can be achieved using public ATM networks.

DOD in April banned the buying of ATM systems and services for two weeks while DISA
established ATM standards for DISN.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.