16 septembre 2020 | International, Naval, Autre défense
ALBUQUERQUE: The Defense Information Systems Agency awarded $198.9 million for a Cloud Based Internet Isolation contract to Menlo Security and By Light, the agency announced today. DISA hopes Menlo Security's tech can, by keeping downloads in the cloud, reduce harmful downloads across the entire Pentagon workforce. By keeping browsing inside the cloud, the program will save on bandwidth, and protect against the department's 3.5 million users accidentally downloading malware.
It is a kind of “air-gapping,” the style of computer security that keeps networks safe by making sure that computers are not physically connected at all times. Leaving the browser, and all its contained history, in a virtual environment in any of a number of servers makes it harder for adversaries, be they criminals, nonstate actors, or nations, to target the actual computers or tablets used by the military.
Internet browsing is mostly downloading files directly to the end-user's computer or mobile device. What the Cloud Based Internet Isolation (CBII) does is make sure that all that downloading happens, not on the end user's computer, but instead in a remotely secured server.
“The remote worker will perform the task of going to their net or an Internet based application, that fetch and execute,” Menlo Security VP Mike Fraga says. What is different is that, instead of downloading directly onto the user's device, “getting the information and actually queuing is done in a disposable container in Menlo cloud. And so then we replicate what's happening on the application or the internet down on a remote workers device.”
In essence, CBII promises to do all this while making the user experience virtually indistinguishable from having the browser directly running on the computer. Users are functionally interacting with an image of a browser window, instead of the browser itself, but that illusion should be imperceptible.
“That's going to significantly reduce the risk in the attack surface,” said By Light VP Jason Cole, “alleviating all the congestion at those Internet access points.”
For security purposes, this means that instead of monitoring all traffic for harm on every device, the Pentagon can instead look at the connection between computers and clouds. If a piece of malware was downloaded, it becomes a much smaller haystack of files for the forensics team to go through, since downloading to a computer becomes an active choice, instead of the passive function of browsing.
Many of the normal conveniences of browser-based functionality are continued within Menlo's cloud-based environment.
Instead of users having to log in anew to every site they visit every time they load the remote cloud, the software “maintains an encrypted cookie-jar in our cloud for each user that largely mirrors how the user's native browser handles cookies,” said Kowsik Guruswamy, Menlo Security CTO.
“When a user navigates to a site, Menlo injects the user's site-specific cookies into the isolated browser so they can stay logged in,” Guruswamy continued. “The encryption key for each user's cookie jar is stored in their own browser, such that only they can unlock the contents.”
Beyond the security of the environment, the move to cloud-based browsing also promises an overall savings in data use.
“We're estimating about a 20% bandwidth reduction for any general web browsing, but then a 50 to 70% bandwidth reduction for streaming media,” said Cole.
That savings is valuable everywhere, and is especially valuable in areas where bandwidth is already constrained, like on ships underway or at remote bases with low connectivity. Even in more domestic settings, the pandemic-induced shift to remote work often means users have to send data back through company-owned network infrastructure for security reasons, which eats up time in the process, and comes with risks.
“I think companies overall are struggling with not only the latency so that their end users can have a good experience to accomplish their job, but gaps in security based on all that backhauling, and there's some blind spots there,” said Fraga.
The servers are, like much of the cloud infrastructure available today, provided through Amazon Web Services. Menlo's approach is already in use with banks like JPMorgan Chase, HSBC, and AmEx.
“Isolation overall is an innovative technology,” said Fraga. Isolation, in the fashion promised by cloud-based browsing, is a preventative technology. It reduces the number of paths into computers, making it easier for other detection solutions to find the fewer threats that might slip through.
9 décembre 2023 | International, Aérospatial
China's aviation regulator's deputy head on Friday told a Boeing executive in Beijing the airplane maker was welcome to deepen its development in the Chinese market.
31 mars 2020 | International, Aérospatial
ByEd Adamczyk March 30 (UPI) -- The State Department approved a sale of upgrades to South Korea's F-16 fighter planes, the Defense Security Cooperation Agency said on Monday. The $194 million sale, expected to be approved by Congress, calls for South Korea to obtain Mode 5 Identification Friend or Foe equipment, known as IFF, and Link 16 Technical Datalink equipment for its F-16 Block 32 fleet. IFF, in use since the 1940s and improved regularly, identifies and tracks military aircraft, and Mode 5 is the most recent implementation of the system. It uses waveform modulation, coding, and cryptographic techniques to quickly determine the identity and heading of an aircraft. Link 16 is a military data link network allowing military ships and aircraft to share tactical picture of a situation in real time, and offers an offers an exchange of text messages, imagery data and two channels of digital voice transmission. Each system is currently in use by NATO countries. The proposed deal includes the sale of radios, Combined Interrogator Transponders, a Joint Mission Planning upgrade, secure voice modules, crypto fill devices, aircraft ferry support, training, integration support and test equipment, and contractor, engineering, technical and logistics support services. The Republic of Korea Air Force has 180 F-16s, in two variants. https://www.upi.com/Defense-News/2020/03/30/State-Dept-approves-194M-upgrade-deal-for-South-Koreas-F-16s
21 septembre 2021 | International, Aérospatial
How can the U.S. Air Force deliver on its ambitions despite increasing budget pressure, growing costs of sustainment, and long-deferred modernization?