Post on 17-Jul-2020
UNCLASSIFIED 1
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
C2 of DISA’s Enterprise
Mr. Scott RodakowskiCenter for Operations, DISA
UNCLASSIFIED 2 2UNCLASSIFIED
UNCLASSIFIED
"The information provided in this briefing is for general informationpurposes only. It does not constitute a commitment on behalf of the UnitedStates Government to provide any of the capabilities, systems or equipmentpresented and in no way obligates the United States Government to enter intoany future agreements with regard to the same. The information presentedmay not be disseminated without the express consent of the United StatesGovernment. This brief may also contain references to Unite StatesGovernment future plans and projected system capabilities. Mention of theseplans or capabilities in no way guarantees that the U.S. Government willfollow these plans or that any of the associated system capabilities will beavailable or releasable to foreign governments."
Presentation Disclaimer
UNCLASSIFIED 3
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
DISA’s Enterprise Infrastructure and Services
Robust, diverse, resilient, and protected communications and computing environment enabling warfighting operations
2,500User
Applications
65 Petabytes
DECC Storage
11 Computing
Centers
16 STEP/
Teleports
17,000Circuits
10 Sites /12 Circuits
135,000 MobilityUsers
Network Services- NIPR/SIPR- UC- DRSN- IRIDIUM
CLOUD SERVICES
Cyber Security
JRSS
UNCLASSIFIED 4
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
Coalition Partners
Coalition Information Sharing• Coalition DMZ• Cross Domain Enterprise Solutions• Mission Partner Environment (MPE)• All Partners Access Network (UISS)• CENTRIX• BICES-X
Internet
Internet Access Points • Sensors • Web Content Filtering• Demilitarized Zone (DMZ)• Distributed Denial of Service Mitigations• Enterprise Email Security Gateway• Domain Name Service (DNS) Hardening
Cloud Access Point
Cloud Service Providers
DoD Information Network (DoDIN)
Operate & Assure DISA’s Enterprise
Regional Operations
Center Central
Defensive Cyber Operations Center• Analysis of Sensor Data• Threat Analysis• Intel Fusion• Counter Measures• Boundary Protection• Internal Defensive Measures• Compliance• Key Cyber Terrain• Direct Cyber Protection Teams
CONUS GlobalOperations Center
Cyber Analytic Cloud• Events• Alerts• Logs• Incidents• Configuration• Performance
Cyber Analytic Cloud• Events• Alerts• Logs• Incidents• Configuration• Performance
CORE DATA CENTER
CORE DATA CENTER
CORE DATA CENTER
Host Based Security Systems (HBSS)
IP Services• Global IP Voice, Video, Data
Deployed Forces
Teleport
Satellite Services• Integrated ISR and SATCOM
Gateways
Satellite Services• Integrated ISR and SATCOM
Gateways
Single Security Architecture
Optical Core• 10 Gbs Operational• 100 Gbs Capable• Packet-Optical Transport
DISACommand Center
C2 of DISA’s Enterprise Infrastructure & Services
UNCLASSIFIED 5UNITED IN SERVICE TO OUR NATION
DEFENDCOMMAND & CONTROL (C2)OPERATE1,400 Mil, 5,600 Civ and 8,000 Contractors
in 18 States, 8 Countries~11.3B Budget
DISA Provides, Operates and Assures:$24B Enterprise, 11 Core Data Centers
>1000 Enterprise Apps, Worldwide Transport>500 Teleport Missions, >50 RPA Flights
EVENTS
Events/day DCO Events / day >10M Alarms
-24 Critical Auth SVC Interruptions-2400 Trouble Calls
ExercisesOperations
CPT Employment
>500 Sensors>798M Events
>300M Blocks
Events requiring Orders
INCIDENTS
ACTIONS
>2,000 Tickets>22,000 Changes
45 Orders Tracked >36 Cybersecurity incidents >14 Phishing Attacks
>80% Emails Blocked
Incidents / Day DCO Incidents / day Compliance Monitoring
Critical Issues Orders Tippers / Counter Measures10 Worked 7 Published
3 Received25/75
DoD’s Cyber Forward Edge of the Battle Area 3M+ Users Defended102 CDSP Customers300 TB of Data/38M E-mails Processed
30+ Named Operations, support to virtually all DoD members - OUR GOAL = 100% Mission Assurance
INTERNET DoDIN DISA Enterprise
Day in the Life of DISA UNCLASSIFIED
UNCLASSIFIED 6
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
Operation Freedom Sentinel Afghanistan
USCENTCOM
Full Spectrum Operations
Homeland DefenseDrug Interdiction
USNORTHCOM / USSOUTHCOM
Disaster ReliefNepal
USPACOM
Inherent ResolveIraq/Syria
USCENTCOM
Ukraine EngagementUSEUCOM
Operation Gladiator ShieldGlobal Cyber
UNCLASSIFIED
Operation United AssistanceJukebox Lotus / Juniper Micron /
Juniper NimbusUSAFRICOM
UNCLASSIFIED
UNCLASSIFIED 7
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
DISA NetOps Center (DNC)‐ Network Services/Transport/DCO
LEGEND:
DISA Special Support
Defense Enterprise Computing Center (DECC)‐ Computing/Enterprise Services
DISA Field Office
DISA Network Operations Global Command and Control
DECC Oklahoma City
DECC OgdenDECC Mechanicsburg
DECC MontgomeryDISA‐NORTHCOM
DISA TRANSCOM
DISA STRATCOM
DISA SOCOM
DISA SOUTHCOM
DISA AFRICOM
DISA Global Operations Command (DGOC)
DNC EUCOM
DNC PACOM
DNC CENTCOM (MacDill and Kabul)
DISA Center for OperationsDISA Command Center (DCC)‐ Fort Meade
• C2 of DISA’s Global Infrastructure and Services
• C2 & direct DODIN/DCO Activities within AOR ISO CCMD Priorities & Objectives
• 24x7 network operations and DCO of DISA’s transport, switching, and computing infrastructure
• Collaborate, synchronize and coordinate Agency capabilities with CCMD requirements
• 24x7 Operations for DISA and mission partner applications• Cyber Security & Maintenance of DISA’s computing environment
White House Communications Agency (WHCA)
Joint Staff Support Center (JSSC)‐ Pentagon
• Provide support and services to the National Military Command Center
• 24x7 GCCS-J Tier I/II service support
UNCLASSIFIED 8
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
USAFE / AFAF624TH / MCCC
USAREUR / USARAFRCC
NAVEUR / NAVAFNCTS / NIOC
MARFOREUR / MARFORAFMCNOSC
THEATER SERVICE OPERATIONS
ENTERPRISE INFRASTRUCTURE
ENTERPRISE FOUNDATIONAL SERVICES
ENTERPRISE APPLICATIONS
The DISA Enterprise
C2 of DODIN OPS, DCO-IDM & JIEUnity of Command and Unity of Effort
4 FEB 2015 ‐‐ 1700
• Escalation• Resolution• Reporting
USCYBERCOMJOINT OPERATIONS CENTER
• Incidents• Triage• Categorization
Integrated Tasking Authority
• Synchronize• Coordinate• De‐conflict
• Plan• Monitor• Assess
BENEFITS OF CHANGE:• Enhanced Mission Effectiveness• Defensible Cyber Terrain• Resource & Personnel Efficiencies• Operational Responsiveness
GLOBAL SERVICE DESK
DNC CONUS / PAC
SMC
CATALYST FOR CHANGE:• Delivery of Enterprise Services• Core Data Center & Shared IT Infrastructure• Single Security Architecture• EOC Maturity
USEUCOMC‐CPTJOINT FORCE CYBER
COMPONENT COMMAND
DODIN COMMANDENTERPRISE
OPERATIONS CENTERD‐CPT
S‐CPT
S‐CPT
S‐CPT
S‐CPT
Priorities & Dire
ction
Priorities &Synchronization
Tasking &Synchronization
119THEATER SERVICE DESK
DODIN ENABLED MISSIONSDODIN USERS
Priorities & Dire
ction
USAFRICOMC‐CPTJOINT FORCE CYBER
COMPONENT COMMAND
JFHQ DoDINGEOC
DISA NetOps Center
DISA Ope
ratio
ns
UNCLASSIFIED 9
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
Day in the Life of DECC Ogden
NIPRNET SIPRNET JWICS
DefendCommand
Operate• DISA DECC Ogden Operates IT Systems
hosting Mission Partner Applications for 3.5 M Users
• Fully ITIL Compliant
Global Mission Supporting DFAS, DLA, JCS-Joint Staff, DCMA, U.S. Transportation Command, FEMA, U.S. Navy, Army, & Air ForceRemotely Manage Systems at 7 sites, DWCF Funded
EVENTS• 2000 Managed Operating Environments• 42 z/OS Partitions
• 2.9 PB Managed Storage• 45000 System Backups/week
• 500,000 Batch jobs/weekINCIDENTS
ACTIONS
• 3 Operational turnovers/day• 5500 Incidents/week
• 320 Change Requests/week
• 10 Maintenance Windows/month
DLA Enterprise Business System, $1,200,000,000 transactions
processed annually
94,580 SQraised floor
USTRANSCOM Defense Personal Property System,
555,000 Shipments/Year
Wide Area Workflow,
$1,500,000,000 invoices/day
• Weekly ACAS Scans• Monthly SRG Compliance Checks
• Yearly AT 801 Audit
• Physical Security• Personnel Security
• 24X7X365 Operations
• Fully Secure Enterprise Class Data Center Located on Hill AFB, Utah
UNCLASSIFIED 10
UNCLASSIFIED
UNITED IN SERVICE TO OUR NATION
DECC Ogden Cybersecurity
• Securing Mission Partner Information Systems DoD Policy/Defensive Operations
• DoDI 8500.1 – Cybersecurity• DoDI 8510.01 – Risk Management Framework (RMF) • US Cyber Command Orders and Directives (OPORDS/TASKORDS/FRAGOS)• JFHQ-DODIN/DISA Headquarters Orders and Directives (TASKORD)
Assessment and Authorization (Formerly Certification and Accreditation)• Risk Management Framework (RMF) – Replaced DIACAP as the process to perform risk analysis of an application or network enclave
to grant an Authority to Operate (ATO). Automated Cybersecurity Tools
• Host Based Security Systems (HBSS) – Suite of McAfee applications running on Windows/UNIX/Linux systems providing firewall, antivirus, rogue system detection, intrusion detection, and vulnerability compliance.
• Assured Compliance Assessment Solution (ACAS) - Tenable network scanner running weekly and ad hoc credentialed compliance scans across Windows/UNIX/Linux systems.
• BladeLogic – BMC tool used to deploy Windows/UNIX/Linux vendor patches and run weekly compliance scans. Continuous Monitoring Risk Scoring (CMRS)
• DoD database system used to track cybersecurity compliance and determine risk. Automatic data feeds from HBSS and ACAS are rolled up to this system. Risk algorithms are used to calculate and a risk score (A, B, C, D, or F) by agency, directorate, or application.
Manual Compliance Checks• Security Requirements Guides (SRG)/Security Technical Implementation Guide (STIG) – These guides are developed to
provide in-depth hardening requirements for operating systems, network devices, applications, databases, and web servers.