DISA Outlines Plans to Wall Off the Public Internet


The agency extended the deadlines for vendors to submit white papers for the cloud-based system.

The Defense Department is giving industry more time to come up with plans to quarantine the agency’s internal networks using the cloud.

The Defense Information Systems Agency on Tuesday extended the deadline for vendors to submit white papers on how to build a cloud-based system that cuts off agency networks from the public web while still allowing employees to access the internet. The tech would close many of the digital doorways hackers and other online bad actors use to attack the Department of Defense Information Network, or DODIN, according to the solicitation.

The new deadline for proposals is Dec. 14.

More than one-third of cyber threats directed at the Pentagon come through web browsers, officials said, and the department spends tens of millions of dollars protecting its networks against those attacks.

But under the proposed system, all internal web browsing would be redirected to remote servers located in federal data centers, essentially creating a digital moat around the agency.

“The … capability, which has been used in the commercial sector to isolate internet traffic, will mitigate the threats and free up the bandwidth capacity,” officials said. “However, it has never been implemented at scale in any [Defense Department] entity or component.”

After evaluating white papers, a handful of vendors will be selected to present their proposals to department leaders. The Pentagon plans to award two prototype other transaction agreements to those with the most promising solutions.

The prototype would only be required to handle 100,000 users at any one time. Vendors would use feedback from the first iteration to scale the system to the entire enterprise, officials said.

Ultimately, the agency expects the system to handle more than 3 million users at any given time, according to the initial request for information. It must also support all approved agency browsers and authentication tools, offer the department a secure way to monitor users’ online activity, and allow officials to whitelist or blacklist sites based on geolocation, category and other factors.

The project comes as the Pentagon’s most recent effort to batten down the hatches on cybersecurity.

In 2015, the department made all web links in emails unclickable in an effort to prevent phishing attacks. In May, it banned cell phones, laptops, tablets and other devices that transmit and store data from all classified areas after a fitness app shared its users’ location data and inadvertently revealed overseas military bases.