The US Defense Department is expanding its exclusive arrangement with McAfee, whose security software is at the heart of the military's cybersecurity efforts.
McAfee was selected three years ago for the Department of Defense's Host Based Security System (HBSS), which provides standard intrusion prevention and firewall capabilities for all military services.
Through the HBSS program, the Department of Defense is deploying McAfee's Host Intrusion Prevention and ePolicy Orchestrator software packages to centrally manage the security of more than 5 million servers, desktops and laptops.
"From a credibility perspective, this is a great deal for McAfee," says Usman Sindhu, a security and risk management analyst with Forrester Research. "For non-government entities, this brings out some of the capabilities of their solutions and shows that their products have been put to a rigorous test."
Indeed, the US military is now the world's largest customer of McAfee's software.
"The scale is immense," says Tom Conway, director of federal business development at McAfee. "DoD will spend well over $100 million on this five-year program."
McAfee recently announced that it had received a $9.7 million order to deploy HBSS on the Air Force's portion of the Defense Department's classified network, known as the Secret Internet Protocol Router Network (SIPRNet.)
McAfee and its partner Northrop Grumman have already installed the HBSS software suite on the Air Force's Non-Classified Internet Protocol Router Network (NIPRNet). McAfee says it deployed the Department of Defense's HBSS solution on more than 500,000 hosts in a six-month period for the Air Force's NIPRNet contract.
"This was the largest and fastest single McAfee HIPS deployment that McAfee has undertaken to date worldwide," McAfee said in a statement.
The latest Air Force contract also will include McAfee's VirusScan Enterprise, Anti-spyware Enterprise and Policy Auditor software. These packages will bolster the security of SIPRNet, which carries classified tactical and operational communications between the Air Force and the other military services.
"The Air Force has been the most aggressive in rolling this HBSS software out. They've shown that this can be done very rapidly if the leadership pushes it," Conway says. "The [HBSS] software is delivering two benefits to the Air Force: They have more cyber protection, and the tools are providing them with a lot more situational awareness."
The Air Force is using the HBSS solution – dubbed Version 3.0 – to upgrade the security of SIPRNet services at 263 Air Force and Air National Guard sites around the world.
"The HBSS system provides system administrators with significant improvement in situational awareness…and it reduces or eliminates the effectiveness of cyber attacks," says Herb Galindo, Department Manager, Central Region, Northrop Grumman Information Systems. "HBSS also supports a [Defense Information Systems Agency] initiative to have the ability to collect and correlate alarms as cyberattacks occur."
The latest Air Force order will cover the cost of installing, configuring, testing, documenting and training Air Force personnel worldwide on the operation of the HBSS 3.0 software suite. The work will be completed by September 2010, Galindo says.
"The Air Force is pretty far ahead of the other services in HBSS deployment," Conway says. "They're about 90% deployed for NIPRNet. The other services are at 60% to 65%. But they have locations that are harder to get to, such as Navy ships that don't get into port that often or Army camps in Afghanistan."
Conway says ePolicy Orchestrator gives the military a modular architecture that they can use to support additional security capabilities in the future.
"DoD will have a management framework that they can further leverage," Conway says. "DoD now has a common operational management platform if they decide to do network access control or whole disk encryption. McAfee has 75 third-party companies whose products can be managed through this platform."
McAfee's relationship with the Defense Department is leading to improvements in the company's commercial offerings, Conway says. For example ePolicy Orchestrator now features a three-tiered architecture that was required by the military.
"Before we really didn't need anything more than a two-tier architecture because our largest installations were 200,000 or 300,000 nodes. But when you're dealing with 5 million to 7 million nodes, you really need a three-tier architecture," Conway says. "For the DoD, Tier 1 can be the U.S. Cyber Command. Tier 2 is the Air Force, and Tier 3 is the base. Security policies can roll from the top down, while situational awareness moves from bottom up. We added that feature specifically because the DoD needed it."
Sindhu called ePolicy Orchestrator a "well-tested" management platform, and says all of McAfee's customers will benefit from any improvements that are made to this product as a result of the Defense Department's large-scale deployment of it.
"The DoD being very stringent and much more stringent than the regular enterprise requirements can validate how well the McAfee products work,"89 Sindhu says. "If working with DoD ends up enhancing their product set, that's good for their architectural blueprint."
Sindhu says McAfee has been ahead of Symantec, Sophos and other rivals in terms of creating a modular security management framework.
"McAfee customers don't have to pay a huge premium for every single service or technology they want to add on," Sindhu says. "It's good for the customers because they don't have to do forklift upgrades."
Conway says McAfee has been leveraging its relationship with the U.S. military to win business at other federal agencies, including the Department of Homeland Security and the Department of Veterans Affairs.
"DoD has helped us immensely with our commercial clients, too," Conway says. "It's a great reference point for us that the DoD is standardising on us, and that they've put us through some unique security [tests]."