FIDnet will monitor federal, not private, nets, administration says

FIDnet will monitor federal, not private, nets, administration says

By Christopher J. Dorobek

GCN Staff

Under continued skepticism from privacy groups, the Clinton administration has reiterated that the new Federal Intrusion Detection Network will monitor only government computer networks and not those in the private sector.

House Majority Leader Richard Armey (R-Texas), however, has asked why private networks were included in draft plans for FIDnet. Privacy advocates raised concerns about FIDnet because draft proposals said the network would also review private networks.

Administration officials, however, said the network is designed for federal systems. 'As envisioned, FIDnet is being designed to monitor federal executive branch computer networks for intrusions, not private networks or the Internet in general,' said Jon P. Jennings, acting assistant attorney general for the Justice Department's Office of Legislative Affairs.

FIDnet is intended as a network of automated sensors placed at entry points to critical government agency networks. Those agency-owned-and-operated sensors would look for suspicious patterns and issue alerts based on predefined criteria, Jennings said in a letter to Armey.

It's like DOD's

Richard A. Clarke, a special assistant to the president and national coordinator for security, infrastructure protection and counterterrorism at the Critical Infrastructure Assurance Office, also defended FIDnet as a defensive network for federal computers, similar to the Defense Department's intrusion detection network, the Joint Task Force for Computer Network Defense.

'There are those who have said that the Federal Intrusion Detection Network is a Big Brother plan to intrude into the private lives of citizens,' Clarke said, and that the FBI will run FIDnet. 'None of that is true,' he said in a speech at the recent Industry Advisory Council's Executive Leadership Conference in Richmond, Va.

FIDnet will be run by the General Services Administration and will be a link of existing and new intrusion detection monitors, he said.

Just the facts

Jennings said the FBI will not be a primary recipient of FIDnet information, although the FBI would become involved with intrusions that require analysis by the National Infrastructure Protection Center's Analysis and Warning Section, or if there was a need for further investigation or eventual prosecution.

Federal systems are a favorite target of hackers, Jennings said, and it is important to protect government data because of its confidentiality.

'The federal government, like any other organization connected to the global Internet, must take steps, consistent with existing laws and constitutional protections, to protect its critical computer networks from attacks by hackers, cyberterrorists or foreign enemies,' he said. 'Protecting our networks is simply responsible computer security.'

Jennings made his comments in a Sept. 22 letter to Armey, who questioned FIDnet after privacy groups balked at a proposal that the network would monitor private networks, potentially invading citizen privacy.

Armey, in a more recent letter, questioned whether the administration ever saw FIDnet covering private networks. A draft copy of the FIDnet proposal states that the intrusion detection networks would cover critical government and eventually private-sector information systems.

'Are you willing now to state that neither FIDnet nor any similar administration program will ever be expanded to monitor private networks or the Internet in general?' Armey asked. He also asked about the accuracy of press reports that the administration changed the FIDnet plan in response to outcries from privacy advocates.

Even aside from privacy concerns, intrusion detection systems are only one part of an overall security infrastructure, said Joe Sirrianni, product manager for the security Internet services unit at Cisco Systems Inc. of San Jose, Calif.

Such intrusion systems ought to be taken as part of a holistic approach to security and are not to be considered as a standalone security product, he said during a forum at IAC.

Lee M. Zeichner, president of Legal Networks Inc. of Falls Church, Va., and legal counsel to the Critical Infrastructure Assurance Office, said that with any intrusion detection network, agencies need to be mindful of privacy issues.

Knock, knock

The Privacy Act of 1974 requires agencies to notify citizens when they collect data about them, but there are questions about whether the data collected by the intrusion detection networks fall under those provisions.

The administration has been pushing industry to establish information sharing and assessment centers that would let the private sector share information about vulnerabilities and attacks anonymously, Clarke said. '

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.