Pentagon expands exclusive deal with McAfee

Air Force places US$9.7M order; U.S. military is McAfee's largest customer

The U.S. Defense Department is expanding its exclusive arrangement with McAfee, whose security software is at the heart of the military's cybersecurity efforts.

The six greatest threats to US cybersecurity

McAfee was selected three years ago for the Department of Defense's Host Based Security System (HBSS), which provides standard intrusion prevention and firewall capabilities for all military services.

Through the HBSS program, the Department of Defense is deploying McAfee's Host Intrusion Prevention and ePolicy Orchestrator software packages to centrally manage the security of more than 5 million servers, desktops and laptops.

"From a credibility perspective, this is a great deal for McAfee," says Usman Sindhu, a security and risk management analyst with Forrester Research. "For non-government entities, this brings out some of the capabilities of their solutions and shows that their products have been put to a rigorous test."

Indeed, the U.S. military is now the world's largest customer of McAfee's software.

"The scale is immense," says Tom Conway, director of federal business development at McAfee. "DoD will spend well over $100 million on this five-year program."

McAfee recently announced that it had received a $9.7 million order to deploy HBSS on the Air Force's portion of the Defense Department's classified network, known as the Secret Internet Protocol Router Network (SIPRNet.)

McAfee and its partner Northrop Grumman have already installed the HBSS software suite on the Air Force's Non-Classified Internet Protocol Router Network (NIPRNet). McAfee says it deployed the Department of Defense's HBSS solution on more than 500,000 hosts in a six-month period for the Air Force's NIPRNet contract.

"This was the largest and fastest single McAfee HIPS deployment that McAfee has undertaken to date worldwide," McAfee said in a statement.

The latest Air Force contract also will include McAfee's VirusScan Enterprise, Anti-spyware Enterprise and Policy Auditor software. These packages will bolster the security of SIPRNet, which carries classified tactical and operational communications between the Air Force and the other military services.

"The Air Force has been the most aggressive in rolling this HBSS software out. They've shown that this can be done very rapidly if the leadership pushes it," Conway says. "The [HBSS] software is delivering two benefits to the Air Force: They have more cyber protection, and the tools are providing them with a lot more situational awareness."

The Air Force is using the HBSS solution – dubbed Version 3.0 – to upgrade the security of SIPRNet services at 263 Air Force and Air National Guard sites around the world.

"The HBSS system provides system administrators with significant improvement in situational awareness…and it reduces or eliminates the effectiveness of cyber attacks," says Herb Galindo, Department Manager, Central Region, Northrop Grumman Information Systems. "HBSS also supports a [Defense Information Systems Agency] initiative to have the ability to collect and correlate alarms as cyberattacks occur."

The latest Air Force order will cover the cost of installing, configuring, testing, documenting and training Air Force personnel worldwide on the operation of the HBSS 3.0 software suite. The work will be completed by September 2010, Galindo says.

"The Air Force is pretty far ahead of the other services in HBSS deployment," Conway says. "They're about 90% deployed for NIPRNet. The other services are at 60% to 65%. But they have locations that are harder to get to, such as Navy ships that don't get into port that often or Army camps in Afghanistan."

Conway says ePolicy Orchestrator gives the military a modular architecture that they can use to support additional security capabilities in the future.

"DoD will have a management framework that they can further leverage," Conway says. "DoD now has a common operational management platform if they decide to do network access control or whole disk encryption. McAfee has 75 third-party companies whose products can be managed through this platform."

McAfee's relationship with the Defense Department is leading to improvements in the company's commercial offerings, Conway says. For example ePolicy Orchestrator now features a three-tiered architecture that was required by the military.

"Before we really didn't need anything more than a two-tier architecture because our largest installations were 200,000 or 300,000 nodes. But when you're dealing with 5 million to 7 million nodes, you really need a three-tier architecture," Conway says. "For the DoD, Tier 1 can be the U.S. Cyber Command. Tier 2 is the Air Force, and Tier 3 is the base. Security policies can roll from the top down, while situational awareness moves from bottom up. We added that feature specifically because the DoD needed it."

Sindhu called ePolicy Orchestrator a "well-tested" management platform, and says all of McAfee's customers will benefit from any improvements that are made to this product as a result of the Defense Department's large-scale deployment of it.

"The DoD being very stringent and much more stringent than the regular enterprise requirements can validate how well the McAfee products work,"89 Sindhu says. "If working with DoD ends up enhancing their product set, that's good for their architectural blueprint."

Sindhu says McAfee has been ahead of Symantec, Sophos and other rivals in terms of creating a modular security management framework.

"McAfee customers don't have to pay a huge premium for every single service or technology they want to add on," Sindhu says. "It's good for the customers because they don't have to do forklift upgrades."

Conway says McAfee has been leveraging its relationship with the U.S. military to win business at other federal agencies, including the Department of Homeland Security and the Department of Veterans Affairs.

"DoD has helped us immensely with our commercial clients, too," Conway says. "It's a great reference point for us that the DoD is standardizing on us, and that they've put us through some unique security [tests]."

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Carolyn Duffy Marsan

Network World
Topics: mcafee, pentagon
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
Use WhistleOut's technology to compare:
Mobile phone plans & deals
Mobile phone models
Mobile phone carriers
Broadband plans & deals
Broadband providers
Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?