US Air Force,
HURLBURT FIELD, Fla: Buying software to protect your home computer ensures it is safe from Internet viruses and hackers. When Air Force officials buy intrusion detection software for the service's computers, they don't browse through the aisles of the local computer store.
The Intrusion Detection Exploration Analysis team, a part of the Air Force Information Operations Center at Lackland Air Force Base, Texas, tests commercial software for the Air Force before it is purchased.
“In the IDEA lab, we use FANTOMNet, an in-house-developed traffic generation suite that provides real, non-random, repeatable traffic across any given assessment network,” said Rob Coursey, IDEA facility lead engineer. “We strive to demonstrate to the requesting agency how a given system or piece of software might be able to monitor or operate in its worst case environment.”
This type of testing ensures that the product will meet the needs of the agency and at the same time validate that the vendor claims are accurate. The results provide decision makers with a full picture of what a device can actually do before it is purchased and fielded.
The IDEA lab technicians examine a wide variety of network security devices that include high speed intrusion detection/prevention systems, virtual private network or vpn solutions, host-based security solutions and centralized alert management solutions.
“In short, we are flexible enough to support just about any given assessment request,” said Mr. Coursey.
“What we do here gives us a better picture of the limits of our gateway security,” said Capt. Brian Lee, chief of Network Warfare Assessments. “It ensures computer information is safe and protected.”
The IDEA lab team has tested products for computer-centric agencies within AFIOC but also has done work with Army, Navy and National Security Agency departments.
One of their most notable tests was for the Air Force Communications Agency. AFCA is the lead agency for the Combat Information Transportation System. Officials there are creating an updated version of the current unclassified Internet system most users know as the Non-secure Internet Protocol Router Net or NIPRNET. CITS will reduce the number of gateways the Air Force has to the Internet. Currently there are more than a hundred gateways but that number will drop to 16 when the project is complete.
“The IDEA Lab's job is to assess the Intrusion Detection System that will reside in the 16 new gateways helping to protect the data within the Air Force's computer systems,” said Lt. Col. Edward Jakes, deputy director of AFIOC's Information Operations Directorate.
by 1st Lt. Ashley Conner
Air Force Information Operations Center Public Affairs
