16 septembre 2020 | International, Naval, Autre défense

Fewer Threats, More Bandwidth: DISA Awards $199M For Cloud Browsing

Leaving the browser and its history in a virtual environment spread across any number of servers makes it harder for adversaries to target the military's actual computers or tablets.

ALBUQUERQUE: The Defense Information Systems Agency awarded $198.9 million for a Cloud Based Internet Isolation contract to Menlo Security and By Light, the agency announced today. DISA hopes Menlo Security's tech can, by keeping downloads in the cloud, reduce harmful downloads across the entire Pentagon workforce. By keeping browsing inside the cloud, the program will save on bandwidth, and protect against the department's 3.5 million users accidentally downloading malware.

It is a kind of “air-gapping,” the style of computer security that keeps networks safe by making sure that computers are not physically connected at all times. Leaving the browser, and all its contained history, in a virtual environment in any of a number of servers makes it harder for adversaries, be they criminals, nonstate actors, or nations, to target the actual computers or tablets used by the military.

Internet browsing is mostly downloading files directly to the end-user's computer or mobile device. What the Cloud Based Internet Isolation (CBII) does is make sure that all that downloading happens, not on the end user's computer, but instead in a remotely secured server.

“The remote worker will perform the task of going to their net or an Internet based application, that fetch and execute,” Menlo Security VP Mike Fraga says. What is different is that, instead of downloading directly onto the user's device, “getting the information and actually queuing is done in a disposable container in Menlo cloud. And so then we replicate what's happening on the application or the internet down on a remote workers device.”

In essence, CBII promises to do all this while making the user experience virtually indistinguishable from having the browser directly running on the computer. Users are functionally interacting with an image of a browser window, instead of the browser itself, but that illusion should be imperceptible.

“That's going to significantly reduce the risk in the attack surface,” said By Light VP Jason Cole, “alleviating all the congestion at those Internet access points.”

For security purposes, this means that instead of monitoring all traffic for harm on every device, the Pentagon can instead look at the connection between computers and clouds. If a piece of malware was downloaded, it becomes a much smaller haystack of files for the forensics team to go through, since downloading to a computer becomes an active choice, instead of the passive function of browsing.

Many of the normal conveniences of browser-based functionality are continued within Menlo's cloud-based environment.

Instead of users having to log in anew to every site they visit every time they load the remote cloud, the software “maintains an encrypted cookie-jar in our cloud for each user that largely mirrors how the user's native browser handles cookies,” said Kowsik Guruswamy, Menlo Security CTO.

“When a user navigates to a site, Menlo injects the user's site-specific cookies into the isolated browser so they can stay logged in,” Guruswamy continued. “The encryption key for each user's cookie jar is stored in their own browser, such that only they can unlock the contents.”

Beyond the security of the environment, the move to cloud-based browsing also promises an overall savings in data use.

“We're estimating about a 20% bandwidth reduction for any general web browsing, but then a 50 to 70% bandwidth reduction for streaming media,” said Cole.

That savings is valuable everywhere, and is especially valuable in areas where bandwidth is already constrained, like on ships underway or at remote bases with low connectivity. Even in more domestic settings, the pandemic-induced shift to remote work often means users have to send data back through company-owned network infrastructure for security reasons, which eats up time in the process, and comes with risks.

“I think companies overall are struggling with not only the latency so that their end users can have a good experience to accomplish their job, but gaps in security based on all that backhauling, and there's some blind spots there,” said Fraga.

The servers are, like much of the cloud infrastructure available today, provided through Amazon Web Services. Menlo's approach is already in use with banks like JPMorgan Chase, HSBC, and AmEx.

“Isolation overall is an innovative technology,” said Fraga. Isolation, in the fashion promised by cloud-based browsing, is a preventative technology. It reduces the number of paths into computers, making it easier for other detection solutions to find the fewer threats that might slip through.

https://breakingdefense.com/2020/09/fewer-threats-more-bandwidth-disa-awards-199m-for-cloud-browsing/

Sur le même sujet

  • Industry Brings Robotic Vehicles To AUSA, Army Awarding Deals For Initial Prototypes Next Spring

    22 octobre 2019 | International, Terrestre

    Industry Brings Robotic Vehicles To AUSA, Army Awarding Deals For Initial Prototypes Next Spring

    By Matthew Beinart | The Army will release a prototype proposal request for the Robotic Combat Vehicle light and medium of variants before November and award contracts for test vehicles next spring, the lead official for the program told reporters on Monday. The push towards the next phase of the Army's effort to grow a robotic vehicle fleet arrives as vendors such as BAE Systems, Germany's Rheinmetall, as well as a team of Textron Systems [TXT], Howe & Howe and FLIR [FLR] all unveiled potential offerings at this week's Association of the United States Army conference in Washington, D.C. Brig. Gen. Ross Coffman, director of the Army's Next-Generation Combat Vehicle cross-functional team, detailed plans this week for the next phase of the RCV program, which he said would “revolutionize the way [the Army] fights in the future.” The Army will begin to solicit proposals for RCV-Light and RCV-Medium prototypes before the end of the month, with plans to hold a demonstration next March to put the platforms through a platoon-level operations experiment. Following the demonstration, the Army will then select one vendor to build four RCV-Ls and one vendor to build four RCV-Ms, according to Coffman. Those vehicles will then participate in a 2021 experiment going through company-level operations, before ultimately informing a 2023 decision on how the Army wants to construct its robotic vehicle fleet including the addition of an RCV-Heavy. Coffman has said previously that RCV is intended to eventually replace soldiers in dangerous tactical situations on the future battlefield with vehicles that are payload agnostic, semi-autonomous and integrated with a range of sensors and weapon systems (Defense Daily, Aug. 22). BAE Systems unveiled its Robotic Technology Demonstrator at AUSA, which has already participated in a recent demonstration with the Army on an outdoor test track in Sterling Heights, Michigan. “RTD is our way to go after that leap-ahead technology. We've designed it as rolling lab. Our intent is to keep developing this thing. This is a test platform that allows us to keep moving ahead,” Jim Miller, BAE Systems' senior director of business development, told reporters. “This is probably not going to be an RCV-L. It's probably the medium and it may lead us to a heavy option if that's where the Army continues to go.” Miller noted RTD uses a hybrid-electric drive, is currently integrated with a 30mm gun, and contains a range of sensor suites, including a 360-degree situational awareness system and the company's RAVEN soft-kill active protection system. The vehicle also includes a tethered UAS and a legged ground robot developed by Ghost Robotics. Rheinmetall brought its Wiesel Wingman configured toward the RCV-L path, which combines technology from its digitized Weasel platform, in use with the German Army, and the Mission Master unmanned ground vehicle. “That platform already exists in a digitized version. So throw out the hydraulics, the electronic kits inside, the drive-by-wire steering and electric transmission, and you combine it with the sensor and autonomy kit of the Mission Master and then you basically get a new vehicle that we call the Weasel Wingman,” Florian Reisch, director of business development and sales for Rheinmetall's American business, told Defense Daily. Basically you combine the Weasel platform that is able to hold the autonomy kit and then you basically get what the Army is looking for with robotic combat vehicles.” Reisch added that Rheinmetall could be interested in exploring the heavier RCV variants, listing potential options with the company's Lynx or Marder infantry fighting vehicles. “Of course we would be interested in the medium as well because we have different platforms available. We did have different research and development programs where we were modifying these platforms to basically enable them to carry a medium-caliber remote controlled turret. So that would be possible and we are looking at that.” The team of Textron, Howe & Howe and FLIR showcased the Ripsaw 5 platform at AUSA. The companies said it could be scaled down for RCV-L or up to a heavier version for RCV-M. “It's capable for both the RCV light and the RCV medium mission sets that the Army has put forward. What this does is it optimizes the superior value, the logistics, the mission outcome. We've got extraordinary modularity of performance. It's scalable with its high degree of reuse between the light and medium variants, and that just brings unmatched value to the team,” Lisa Atherton, Textron's CEO, told reporters during a teleconference last week. Geoff Howe, senior vice president of Howe & Howe, said the company is continuing to pursue additional technology additions for Ripsaw to grow capability for the robotic vehicle while the Army assesses its needs for a future unmanned fleet. “We are running a parallel program. Our program, we don't stop for anything. We're pushing forward with this technology we've advanced, and our plan is to meet the Army down the road with that parallel program. We're not waiting for anybody. We're pushing this development as far as we can,” Howe said. QinetiQ and Pratt & Miller also announced at AUSA a new partnership to offer a variant of the Expeditionary Modular Autonomous Vehicle (EMAV) for RCV. https://www.defensedaily.com/industry-brings-robotic-vehicles-ausa-army-awarding-deals-initial-prototypes-next-spring/army/

  • Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks

    5 novembre 2024 | International, C4ISR, Sécurité

    Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks

    Canadian authorities arrest Alexander "Connor" Moucka for alleged Snowflake breach linked to data extortion.

  • Big moves ahead on light tank, Bradley replacement and robot vehicles

    28 décembre 2023 | International, Sécurité

    Big moves ahead on light tank, Bradley replacement and robot vehicles

    Added firepower, better troop protection and robotic escorts add punch to ground combat.

Toutes les nouvelles