DISA seeks stronger software for sensitive Defense systems
- By Dawn S. Onley
- May 31, 2005
The Defense Information Systems Agency is searching for solutions from vendors, academia and other government agencies to help combat internal threats to Defense networks, systems and data.
DISA has issued a request for information
for the toolset on FedBizOpps.gov. Responses are due June 21.
In support of DISA's computer network defense mission, the agency plans to deploy a software package that prevents malicious code insertion, content manipulation and vulnerability exploitation.
The toolset should also protect systems, servers and network devices from untrusted patches, track all critical system component modifications and protect against replay attacks, zero-day exploits and the use of steganographic tools.
The 'insider threat solution' should prevent unauthorized configuration changes and monitor internal e-mail, implement a data tagging/classification system, minimize exposure time of unpatched systems, and create a list of system and user behavior attributes that can be monitored to establish normal and abnormal patterns.
DISA's current software provides inadequate protection, according to the RFI. 'Individual host- and network-based protective mechanisms do not provide real-time protection from malicious insider attack behavior. Transformational technology provides hope but not proven concepts for deployment,' the RFI reads.
The software package, to be installed on Defense systems, will perform a wide variety of functions, including:
- Continue working after a computer network attack has occurred, including virus and worm activity
- Provide minimum interference with user productivity, usability and functionality
- Provide minimum degradation on Central Processing Unit performance
- Focus primarily on Microsoft Windows-based operating systems and applications.
To respond to the RFI, send an e-mail, less than 5 megabytes, to Paul.Carr@tic.dod.mil