skip to Main Content
Generic selectors
Exact matches only
Search in title
Search in content
Search in posts
Search in pages
Filter by Categories
Press Releases
  • Content Types

  • Content Types

  • Topics

  • ConfigOS Concept of System Operations

    Defining the problem – System Operations

    The Department of Defense (DoD) protects its 15,000 networks by defining, implementing,
    and auditing “best practices” for installation and maintenance of its information
    technology resources. The Defense Information Systems Agency (DISA) develops and
    publishes policy, in the form of the Security Technical Information Guides (STIGs), which
    are used when hardening secure systems used in the DoD.

    While significant advances have been made in the areas of threat definition and vulnerability monitoring, little progress has
    been made in automating the arduous tasks of implementing and maintaining STIG policy
    on the hundreds of thousands of systems operated by the DoD.

    The problem, therefore, is not creating and maintaining secure, compliant environments.
    The problem is creating and maintaining secure, compliant environments where software
    applications will actually run reliably.

    Enterprise Solutions

    To define an enterprise solution, one needs to first define an enterprise. For example, in the
    DoD, an enterprise might represent an individual program, a component, or merely a single
    base, network, or domain. Or, does “enterprise” refer to the entirety of the DoD? Assuming
    that the definition stands as the entirety of the DoD creates issues with typical enterprise
    solutions. Commercial enterprise solutions were developed around the corporate model of
    computing, including a single or a few domains, data centers, or networks. In contrast, the
    DoD’s infrastructure is significantly more fractured, decentralized, and complex—including
    security domains.

    This is the key to the leverage a simple signature that can be easily developed once and then used
    securely across enterprises, in all networks and domains, with little training and no changes
    to security, networks, or infrastructure.

    Download PDF

    Share This: