Pentagon expands exclusive deal with McAfee

Air Force places US$9.7M order; U.S. military is McAfee's largest customer

The U.S. Defense Department is expanding its exclusive arrangement with McAfee, whose security software is at the heart of the military's cybersecurity efforts.

The six greatest threats to US cybersecurity

McAfee was selected three years ago for the Department of Defense's Host Based Security System (HBSS), which provides standard intrusion prevention and firewall capabilities for all military services.

Through the HBSS program, the Department of Defense is deploying McAfee's Host Intrusion Prevention and ePolicy Orchestrator software packages to centrally manage the security of more than 5 million servers, desktops and laptops.

"From a credibility perspective, this is a great deal for McAfee," says Usman Sindhu, a security and risk management analyst with Forrester Research. "For non-government entities, this brings out some of the capabilities of their solutions and shows that their products have been put to a rigorous test."

Indeed, the U.S. military is now the world's largest customer of McAfee's software.

"The scale is immense," says Tom Conway, director of federal business development at McAfee. "DoD will spend well over $100 million on this five-year program."

McAfee recently announced that it had received a $9.7 million order to deploy HBSS on the Air Force's portion of the Defense Department's classified network, known as the Secret Internet Protocol Router Network (SIPRNet.)

McAfee and its partner Northrop Grumman have already installed the HBSS software suite on the Air Force's Non-Classified Internet Protocol Router Network (NIPRNet). McAfee says it deployed the Department of Defense's HBSS solution on more than 500,000 hosts in a six-month period for the Air Force's NIPRNet contract.

"This was the largest and fastest single McAfee HIPS deployment that McAfee has undertaken to date worldwide," McAfee said in a statement.

The latest Air Force contract also will include McAfee's VirusScan Enterprise, Anti-spyware Enterprise and Policy Auditor software. These packages will bolster the security of SIPRNet, which carries classified tactical and operational communications between the Air Force and the other military services.

"The Air Force has been the most aggressive in rolling this HBSS software out. They've shown that this can be done very rapidly if the leadership pushes it," Conway says. "The [HBSS] software is delivering two benefits to the Air Force: They have more cyber protection, and the tools are providing them with a lot more situational awareness."

The Air Force is using the HBSS solution – dubbed Version 3.0 – to upgrade the security of SIPRNet services at 263 Air Force and Air National Guard sites around the world.

"The HBSS system provides system administrators with significant improvement in situational awareness…and it reduces or eliminates the effectiveness of cyber attacks," says Herb Galindo, Department Manager, Central Region, Northrop Grumman Information Systems. "HBSS also supports a [Defense Information Systems Agency] initiative to have the ability to collect and correlate alarms as cyberattacks occur."

The latest Air Force order will cover the cost of installing, configuring, testing, documenting and training Air Force personnel worldwide on the operation of the HBSS 3.0 software suite. The work will be completed by September 2010, Galindo says.

"The Air Force is pretty far ahead of the other services in HBSS deployment," Conway says. "They're about 90% deployed for NIPRNet. The other services are at 60% to 65%. But they have locations that are harder to get to, such as Navy ships that don't get into port that often or Army camps in Afghanistan."

Conway says ePolicy Orchestrator gives the military a modular architecture that they can use to support additional security capabilities in the future.

"DoD will have a management framework that they can further leverage," Conway says. "DoD now has a common operational management platform if they decide to do network access control or whole disk encryption. McAfee has 75 third-party companies whose products can be managed through this platform."

McAfee's relationship with the Defense Department is leading to improvements in the company's commercial offerings, Conway says. For example ePolicy Orchestrator now features a three-tiered architecture that was required by the military.

"Before we really didn't need anything more than a two-tier architecture because our largest installations were 200,000 or 300,000 nodes. But when you're dealing with 5 million to 7 million nodes, you really need a three-tier architecture," Conway says. "For the DoD, Tier 1 can be the U.S. Cyber Command. Tier 2 is the Air Force, and Tier 3 is the base. Security policies can roll from the top down, while situational awareness moves from bottom up. We added that feature specifically because the DoD needed it."

Sindhu called ePolicy Orchestrator a "well-tested" management platform, and says all of McAfee's customers will benefit from any improvements that are made to this product as a result of the Defense Department's large-scale deployment of it.

"The DoD being very stringent and much more stringent than the regular enterprise requirements can validate how well the McAfee products work,"89 Sindhu says. "If working with DoD ends up enhancing their product set, that's good for their architectural blueprint."

Sindhu says McAfee has been ahead of Symantec, Sophos and other rivals in terms of creating a modular security management framework.

"McAfee customers don't have to pay a huge premium for every single service or technology they want to add on," Sindhu says. "It's good for the customers because they don't have to do forklift upgrades."

Conway says McAfee has been leveraging its relationship with the U.S. military to win business at other federal agencies, including the Department of Homeland Security and the Department of Veterans Affairs.

"DoD has helped us immensely with our commercial clients, too," Conway says. "It's a great reference point for us that the DoD is standardizing on us, and that they've put us through some unique security [tests]."

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags mcafeepentagon

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Carolyn Duffy Marsan

Network World
Show Comments

Most Popular Reviews

Latest News Articles


PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?