DISA wants to scale web-browsing protection pilot

The Defense Information Systems Agency has expanded use of a web-browsing pilot that protects DOD’s networks via cloud-based internet isolation. Production is expected to begin this summer.

cloud security (vectorplus/Shutterstock.com)

Defense Department personnel, like much of the U.S. workforce, have shifted to telework when possible to help slow coronavirus infections -- but those shifts have added cyber challenges to DOD networks. To combat that, the Defense Information Systems Agency has sped up use of its web-browsing pilot that protects networks by putting space between enterprise networks and the internet.

Since DOD issued its maximum telework orders in March, use of the cloud-based internet isolation pilot has increased threefold, a DISA spokesperson confirmed to FCW. The program, which helps isolate about a third of internet-based threats via an air gap between DOD’s networks and web browsing, was originally built for 100,000 users and is expected to eventually scale to 3.5 million DODIN users, reported GCN, FCW’s sibling site.

However, since coronavirus-driven social distancing efforts took hold in mid-March, DISA’s pilot has scaled 327% and is expected to keep growing, a DISA spokesperson told FCW via email. That growth has yielded a 25% reduction in “what reaches the endpoint, versus what source code is sent to the vendor cloud through native web browsing.”

That reduction jumps to about 40% for bandwidth-heavy services, such as video streaming. DOD has limited audio and video streaming to mission-critical activities after seeing an increase in cyber attacks that correlated with a spike in use of services like YouTube and Pandora. DISA has also provided telework guidance for employees to enhance “strong cyber and operational security awareness” and updates IT systems to block new malware and emerging threats, DISA officials said.

Steve Wallace, DISA’s system information scientist for the emerging technology directorate, told FCW the pilot will move to production this summer, which will make the capability available to all of DOD.

“Our plan is to move the program from pilot to production in the next 2 to 3 months,” Wallace said. “Production will open the capability up for the entire department with migration starting immediately thereafter.”

“We have a lot of lessons learned out of the pilot that will aid in the deployment of a production capability and we continue to incorporate mission partner feedback in order to meet their needs,” he added. “DISA has learned a tremendous amount from the prototype that we are leveraging in our selection.”