November 18, 2009, 6:40 PM — The U.S. Defense Department is expanding its exclusive arrangement with McAfee, whose security software is at the heart of the military's cybersecurity efforts.
The six greatest threats to US cybersecurity
McAfee was selected three years ago for the Department of Defense's Host Based Security System (HBSS), which provides standard intrusion prevention and firewall capabilities for all military services.
Through the HBSS program, the Department of Defense is deploying McAfee's Host Intrusion Prevention and ePolicy Orchestrator software packages to centrally manage the security of more than 5 million servers, desktops and laptops.
"From a credibility perspective, this is a great deal for McAfee," says Usman Sindhu, a security and risk management analyst with Forrester Research. "For non-government entities, this brings out some of the capabilities of their solutions and shows that their products have been put to a rigorous test."
Indeed, the U.S. military is now the world's largest customer of McAfee's software.
"The scale is immense," says Tom Conway, director of federal business development at McAfee. "DoD will spend well over $100 million on this five-year program."
McAfee recently announced that it had received a $9.7 million order to deploy HBSS on the Air Force's portion of the Defense Department's classified network, known as the Secret Internet Protocol Router Network (SIPRNet.)
McAfee and its partner Northrop Grumman have already installed the HBSS software suite on the Air Force's Non-Classified Internet Protocol Router Network (NIPRNet). McAfee says it deployed the Department of Defense's HBSS solution on more than 500,000 hosts in a six-month period for the Air Force's NIPRNet contract.
"This was the largest and fastest single McAfee HIPS deployment that McAfee has undertaken to date worldwide," McAfee said in a statement.
The latest Air Force contract also will include McAfee's VirusScan Enterprise, Anti-spyware Enterprise and Policy Auditor software. These packages will bolster the security of SIPRNet, which carries classified tactical and operational communications between the Air Force and the other military services.
"The Air Force has been the most aggressive in rolling this HBSS software out. They've shown that this can be done very rapidly if the leadership pushes it," Conway says. "The [HBSS] software is delivering two benefits to the Air Force: They have more cyber protection, and the tools are providing them with a lot more situational awareness."
The Air Force is using the HBSS solution – dubbed Version 3.0 – to upgrade the security of SIPRNet services at 263 Air Force and Air National Guard sites around the world.
"The HBSS system provides system administrators with significant improvement in situational awareness…and it reduces or eliminates the effectiveness of cyber attacks," says Herb Galindo, Department Manager, Central Region, Northrop Grumman Information Systems. "HBSS also supports a [Defense Information Systems Agency] initiative to have the ability to collect and correlate alarms as cyberattacks occur."
The latest Air Force order will cover the cost of installing, configuring, testing, documenting and training Air Force personnel worldwide on the operation of the HBSS 3.0 software suite. The work will be completed by September 2010, Galindo says.
"The Air Force is pretty far ahead of the other services in HBSS deployment," Conway says. "They're about 90% deployed for NIPRNet. The other services are at 60% to 65%. But they have locations that are harder to get to, such as Navy ships that don't get into port that often or Army camps in Afghanistan."
Conway says ePolicy Orchestrator gives the military a modular architecture that they can use to support additional security capabilities in the future.
"DoD will have a management framework that they can further leverage," Conway says. "DoD now has a common operational management platform if they decide to do network access control or whole disk encryption. McAfee has 75 third-party companies whose products can be managed through this platform."
McAfee's relationship with the Defense Department is leading to improvements in the company's commercial offerings, Conway says. For example ePolicy Orchestrator now features a three-tiered architecture that was required by the military.
