DEA just says yes to system

DEA’s Timothy Metzinger
describes his agency as “professionally paranoid, but that’s a good thing.”


The Drug Enforcement Administration has replaced more than two-thirds of its Unisys
Corp. x86 SuperGen systems running BTOS and CTOS with PCs running Microsoft Windows 95.


In the second phase of DEA’s $100 million, seven-year Firebird client-server
rollout, users will access applications exclusively from servers, said Timothy Metzinger,
technical director of the special project section in the Office of Information Systems.


The Justice Department agency’s Firebird project won the attorney general’s
1998 Award for Information Technology Excellence.


Installation and training began in 1994 and was completed last year at headquarters and
21 division offices, covering about 70 percent of DEA’s 10,000 users. Firebird
deployment will reach the smaller field offices, resident and division offices, and posts
of duty in 2000.


Firebird is replacing not only Unisys SuperGens but also standalone systems running
MS-DOS, Metzinger said.


DEA loaded applications locally on the SuperGens’ hard drives, but the machines
could not run MS-DOS applications.


The agency’s Digital Equipment Corp. Prioris servers run Windows NT 3.51 and 4.0
Server. In smaller offices, servers have either 128M or 256M of RAM; larger offices’
servers have 384 or 512M of RAM, Metzinger said.


Early PCs delivered for the Firebird project had 90-MHz Pentium processors and 16M of
RAM, and they get upgrades to 32M of RAM, Metzinger said. Newly purchased PCs have 300-MHz
Pentium II processors and 64M of RAM.


The Firebird client-server system lets DEA users log in at any PC. The Coast Guard,
where Metzinger formerly worked, also has migrated from SuperGen systems to a similar
arrangement under which applications are stored on servers running Windows NT and users
can log in to the system from any PC.


Each PC just has the bare bones for applications to run through a system image file,
Metzinger said. That makes it easier for administrators to ensure that failed hard drives
have had sensitive data fully erased before being sent back to the manufacturer, he said.


“We have strict controls in place. We are professionally paranoid, but that’s
a good thing,” he said.


For better configuration management, DEA specifies the hardware components it wants and
has a reseller, Datatrac Information Services Inc. of Dallas, put a private label on them.
Standardizing the components reduces Dynamic Link Library problems in Windows 95,
Metzinger said.


“You can spend days trying to find a DLL that was deleted or corrupted” when
a component changed, Metzinger said. “It puts fear into our users who are not trained
[to troubleshoot PCs]. It’s a waste of their time.”


DEA administrators are installing IBM Corp.’s Tivoli/TME 10 enterprise management
software to improve configuration management, Metzinger said. Eventually the agency will
add public-key infrastructure and digital signature capabilities and will bring the
servers up to the National Security Agency’s C2 security level.


“Rather than tackle security at the application level, we tackle it at the systems
level” with encryption over the WAN, he said.


For messaging, DEA has replaced Novell Inc. GroupWise 4.1 with Microsoft Exchange. The
agency uses Microsoft Office 97 applications but has no plans to install Windows 98, he
said.


“We wanted good directory services and a product that works well with Win95 and
NT,” Metzinger said. “We don’t have NetWare, so we couldn’t use”
Novell Directory Services with GroupWise.


For Windows NT data recovery on the file, print and application servers, DEA uses
Backup Exec 6.11 and 7.0 for NT from Seagate Software of Heathrow, Fla. DEA is evaluating
Backup Exec’s capabilities for restoring data without having to reinstall NT, he
said.


The Seagate products perform scheduled backups to digital linear tape drives. “We
have to manually change tapes” perhaps once a month, he said. The backups
“protect against user error and server failure but not against acts of God,”
Metzinger said.


He said that in case of an explosion, fire or natural disaster, DEA is more interested
in the well-being of its agents than in data.


Users at the 21 division offices get one week of PC training that Metzinger said is
intended to sell them on the change. “Change imposed is change opposed,” he
said.


The strategy apparently has worked. Division offices have been “jockeying for
position to get the upgrades first,” Metzinger said.


DEA has contracted with Performance Engineering Corp. of Fairfax, Va., for consulting
and engineering services. The agency purchases computer products from Datatrac’s
General Services Administration Information Technology Schedule contract through a blanket
purchasing agreement, Metzinger said.  

inside gcn

  • When cybersecurity capabilities are paid for, but untapped

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group