The defense IT agency has been crafting requirements for its foray into zero trust, called Thunderdome, and awarded Booz Allen Hamilton $6.8 million to develop a prototype leveraging software defined wide area networks.
The Defense Information Systems Agency is now one step closer to implementing a comprehensive zero trust architecture thanks to a $6.8 million award for a prototype.
The defense IT agency has been crafting requirements for its foray into zero trust, called Thunderdome, and awarded Booz Allen Hamilton the contract to prototype the architecture, according to a Jan. 25 news release.
The Thunderdome prototype is expected to be developed over the next six months, according to the announcement, and will focus on operational testing for implementing the agency's zero trust reference architecture. From there, the agency expects to develop an implementation strategy that feeds into and helps transition DOD await from the Joint Regional Security Stacks program.
Thunderdome has been described as the evolutionary next step for the embattled JRSS program, which suffered from latency and security concerns. The Defense Information Systems Agency is planning to synchronize JRSS and Thunderdome to assess requirements, spending and security needs and ability.
"JRSS isn't going away right away, it'll be here for some time. And what will happen is Thunderdome will cut into it over time. And eventually JRSS will transition to, you know, something else, which is the future of Thunderdome," said Maj. Gen. Garrett Yee, DISA's assistant to the director at a recent conference.
"Firewalls aren't going away; they're just going to different places in the system of systems that we have to defend," Yee said.
The Thunderdome project is expected to fundamentally change the organization, and the Defense Department writ large as its implementation affects several initiatives and offices.
"Thunderdome [is] absolutely going to change the way DISA does business," said Jason Martin, the director for DISA's Digital Capabilities and Security Center, during a recent conference, noting that the project would impact identity control and access management, command and control infrastructure using software defined-wide area networks, data centers and cloud use.
"So you know, when you really think about a major project like that we are truly touching and collaborating with everyone and everything across not only the agency, but the department."