HostBased Security System HBSS - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

HostBased Security System HBSS

Description:

AVERAGE AVERAGE. ESTIMATED DEGREE OF. MANHOURS DIFFICULTY ... Degree of Difficulty: 1-Very 2-Above Average 3-Average 4-Below Average 5-Minimal ... – PowerPoint PPT presentation

Number of Views:3224
Avg rating:3.0/5.0
Slides: 13
Provided by: wary
Category:

less

Transcript and Presenter's Notes

Title: HostBased Security System HBSS


1
Track 4 LandWarNet Network Operations (NetOps)
Host-Based Security System (HBSS)
Session 6 22 August 2007/1430-1530
Mr. Mike Spragg NETCOM/9th SC(A), ESTA/OSCI/ENPD
2
Track 4, Session 6 HBSS
  • PURPOSE To discuss the HBSS capability and the
    purpose that it serves the Army.
  • OBJECTIVES By the end of this brief you will
    know the
  • Background behind HBSS 
  • Planning required for implementation
  • HBSS components
  • DISA and Army roles
  • Training currently available
  • Army implementation timeline

3
  • HBSS Selected for Enterprise-Wide Solution
  • DoD IA/CND Enterprise-Wide Solutions Steering
    Group (ESSG)
  • Tasked DISA to procure a DoD enterprise-wide
    automated, standardized tool to provide
    end-point, or host-based security, against both
    insider threats and external threats that are
    able to penetrate boundary defenses or enter
    through backdoors.
  • History
  • Initial Contract Awarded March 2006
  • BAE Systems (Prime), McAfee, Inc (Sub)
  • HBSS Pilot April 2006 Present
  • JTF-GNO Warning Order July 2007
  • Enterprise-Wide Implementation August 2007
    (Tent)
  • NETCOM/ESTA Enterprise Network Planning Division
    (ENPD) has the overall lead for the Army-wide
    HBSS implementation.

4
  • HBSS supports two AENIA capabilities Anti-Virus,
    Host Intrusion Prevention System
  • HBSS Deployment Objectives
  • 100 of all Enterprise NIPRNet and SIPRNet
    workstations will have HBSS installed.
  • 100 of all Enterprise NIPRNet and SIPRNet
    servers will have HBSS installed or a have a
    coverage plan.
  • NIPRNet deployment will be pushed first, but both
    can be done simultaneously.
  • All Army echelons will have trained and certified
    HBSS users
  • One full cycle of captured INFOCON data

5
  • HBSS Capabilities
  • Provides defense-in-depth
  • Protects host machines from exploits and
    malicious activity
  • Provides centralized management of host-based
    capabilities
  • Up to 60,000 hosts from one manager
  • Automated support for INFOCON baselining (SD
    527-1)
  • Centrally managed Host-Based Firewall System
  • Centrally managed Host-Based Intrusion Prevention
    System (HIPS)
  • Robust Buffer Overflow protection
  • Signature and behavioral based IPS
  • Application monitor
  • Protects against system degradation

6
  • HBSS Enterprise Planning
  • Requirements needed prior to implementation
  • Network Diagrams (to include bandwidth)
  • Site Surveys
  • Implementation Design Plan
  • HBSS Implementation Goals
  • To have the Army Global Network Operation and
    Support Center (A-GNOSC) and the Theater Network
    Operation and Support Centers (TNOSC) manage HBSS
    at the Army Echelon level.
  • ePO server placement
  • Dependent upon host count, host locations,
    bandwidth, and manpower
  • Note Focus is to implement HBSS on the NIPRNET
    first, then follow-up with
    implementation on the SIPRNET.

7
  • HBSS Pilot Manpower Survey Results
  • AVERAGE AVERAGE
  • ESTIMATED DEGREE OF
  • MANHOURS DIFFICULTY
  • Deployment Configuration of the ePO
    Server 71.94 2.38
  • Population of Hosts from the ePO
    Server 37.03 2.94
  • Deployment of the CMA 27.84 2.88
  • Creation of Distributed Repositories 17.25 3.25
  • Configuring HIPs Policy 35.00 2.00
  • Deploying the HIPs and INFOCON Modules 13.13 2.9
    3
  • Managing and Researching IPS Events in ePO 23.27
    per week 2.47
  • Regular Maintenance of ePO Server 7.08 per
    week
  • Degree of Difficulty 1-Very 2-Above Average
    3-Average 4-Below Average 5-Minimal

As of 25 FEB 07
8
  • DISA Provisions
  • ePO Servers Warranty
  • SQL Servers Licensing
  • HBSS Software (Ghost images)
  • Help Desk Support
  • 24x7 Tier 1 and Tier 2 support with backup
    technical support from FSO team
  • 24x7 Tier 3 support with vendor
  • Army Provisions
  • Backup ePO Servers
  • Distributed Repositories (as needed)
  • Engineering and Installation Support

9
  • HBSS Classroom Training Course
  • This three-day course is a System Administrator
    level, hands-on, open-book tested course that
    will cover the installation, configuration and
    operation of the HBSS solution.
  • HBSS 101 Online Training
  • Course provides an overview, features,
    capabilities and benefits of deploying HBSS on
    your networked systems. Training available on the
    DoD AKO IA Portal.
  • HBSS Training Schedule
  • PACOM August 2007 (2 classes)
  • KOREA October 2007
  • EUR November 2007
  • SWA November 2007

10
  • Tactical Pilot Site Determined
  • PM TRCS will host a tactical pilot for HBSS. The
    tactical pilot will test the functionality of the
    HBSS components and its ability to communicate
    effectively over the tactical network.
  • Tactical Pilot Testing Schedule
  • HBSS Training June 2007
  • Establish Tactical Test Plan June-July 2007
  • Prepare for Testing July - August 2007
  • Start Testing August 2007
  • Conclude Testing August 2007

11
  • Conceptual Army-Wide Deployment Schedule

3rdQ-FY07 - Korea Theater 4thQ-FY07 -
Southwest Asian Theater 4thQ-FY07 - Europe
Theater 1stQ-FY08 - Pacific Theater 2ndQ-FY08 -
CONUS Theater 4thQ-FY08 - Functional
NOSCs FY09-FY10 - Tactical Environment
12
  • HBSS POCs for the Army
  • LTC Richard Turner, Ch NetOps Implementation
  • Comm 520-538-8903 DSN 879-8903
  • richard.j.turner_at_us.army.mil
  • Cathleen Vetter, HBSS Project Lead
  • Comm 520-538-8026 DSN 879-8026
  • cathleen.vetter_at_us.army.mil
  • HBSS related Web Sites
  • https//gesportal.dod.mil/sites/HBSS-Program/defau
    lt.aspx
  • https//powhatan.iiie.disa.mil/tools/hbss/index.ht
    ml
  • https//www.us.army.mil/suite/page/399876
Write a Comment
User Comments (0)
About PowerShow.com