DISA to deliver web-browsing protection to 1.5M users

The Defense Information Systems Agency is moving into production for its $199 million cloud-based internet security tool, aiming to migrate 1.5 million users in the first year.

protected laptop (La1n/Shutterstock.com)

The Defense Department's IT agency is beginning production on its tool that allows internet users to browse without exposing DOD's network to cyber vulnerabilities on non-government websites.

The Defense Information Systems Agency awarded its first other transaction authority production contract for $199 million to By Light Professional IT Services to support its cloud-based internet isolation (CBII) pilot program, the agency announced August 19.

DISA previously indicated it wanted to scale the program from the initial 100,000 users to 3.5 million as the Defense Department has embraced telework on unprecedented levels this year to cope with COVID-19 pandemic..

DISA is moving its users first before other DOD organizations, Sherri Sokol, CBII's program manager told reporters Sept. 3. A total of 1.5 million users are planned for migration in the first year of production.

Steve Wallace, systems innovation scientist for DISA's Emerging Technology Directorate, said the agency will look at bandwidth savings and the number of cybersecurity vulnerabilities avoided to measure the program's success.

Wallace said the tool allows DISA to actively see how much bandwidth a user is taking up and allows for a "much deeper view into the user's interactions with websites and the internet," including domains or sites that were good once initially clicked but developed vulnerabilities from third-parties working in the background of a site.

"If that site goes from good to bad, we will have already isolated that user's interactions with the site," Wallace said.

CBII also helps manage content downloads, with an eye to reducing network congestion as well as providing safe surfing. "When a user clicks on a pdf or an office document or something like that, the CBII renders that document remotely and then if the user chooses to, then they can download it to their machine," Wallace said, adding that such downloads to the endpoint device dropped 70% with the tool.

In addition to new tracking capabilities, DISA is pleased with its first foray into OTAs with a program that required swift changes during a global emergency.

Sokol said being able to prototype with different organizations in DOD helped shape requirements and would be something, combined with the OTA use, DISA wants to keep using in the future.

"Some of our requirements changed because of the stress that was being put on the network and we were able to work through that with the vendors to meet our needs based on what was going on with the pandemic," said Vanessa McCollum, DISA's chief contracting officer for emerging technologies in the Defense Information Technology Center.