DOD tests and deploys upgraded JRSS
The Navy and other U.S. military services are now conducting an operational assessment of the Joint Regional Security Stacks to ensure its defensive capability
The Navy is now assessing its implementation of its Joint Regional Security Stacks data consolidation and interoperability initiative by subjecting data networks to a wide range of attack scenarios, emerging threats and operational conditions.
“The Navy is moving forward with a plan to test JRSS to ensure that our JRSS stack includes what will become the next generation network,” Rear Adm. Danelle Barrett told Defense Systems.
The Navy’s JRSS activities, Barrett said, directly correspond to a broader DOD initiative to conduct an operational assessment of the maturity of JRSS technologies, people and processes. The assessment is now being conducted by the Joint Interoperability Test Command (JITC), Barrett explained.
“The testing of JRSS utilizes a succession of events that encompass all levels and types of testing performed during the lifecycle of a version. The test results will be used to inform fielding decisions,” Barrett said. “JITC will observe participating organizations' actions in response to JRSS failovers. A full adversarial assessment will also be conducted using multiple attack vectors.”
The Army, Air Force and Defense Information Systems Agency (DISA) Global will be assessed while conducting their missions, to ensure JRSS meets requirements, she explained.
JITC will execute the assessment by observing elements of the Army, Air Force, and DISA Global during their execution of their Network Operations, Defensive Cyber Operations, situational awareness, and their Cybersecurity Service Provider mission sets, Navy officials explained.
“We need to be able to detect anomalies and assess vulnerabilities. Adversaries are becoming increasingly creative,” Barrett said.
Barrett added that multiple hardware and software defense, such as effective perimeter security measures and defensive tactics, techniques and procedures, are needed for networks to remain resilient and keep operating when confronted with attacks.
Industry has been working closely with the Pentagon on a number of key JRSS efforts, including increasing computer automation, AI, data security and movement to the cloud. JRSS is also prompting greater incorporation of commercially available technology, such as increased use of Windows 10, according to senior DOD officials.
JRSS is also fundamentally designed to increase data security by way of expedited consolidation and adjusted protocols.
The security of the network is centralized into regional architectures instead of locally distributed systems at each military base or post, according to the Defense Information Systems Agency (DISA).
“Deploying JRSS enables the department to inspect data, retrieve threat and malware data on the network and troubleshoot, patch, protect and defend the network,” a DISA statement said.
DISA is developing and delivering JRSS in three capability releases, Barret said. JRSS version (v)1.0 consists primarily of commercial-off-the-shelf defensive cybersecurity products tailored to meet the Army's life-cycle replacement of its top-level architecture security stacks, Navy developers said.
JRSS v1.5 provides the Air Force gateway defensive capabilities and introduces JRSS enterprise management with transformative capabilities, such as full packet capture and analyses. JRSS v2.0 will provide Navy gateway defensive capabilities.
The Army first began migrating and has 23 regional JRSS locations; 291 base, post camp and station installations; and 45 Army organizations moved to JRSS, with nine stacks passing traffic.
Rear Adm. Barrett’s office provided details regarding current and anticipated JRSS integration.
The Air Force has migrated network operations to four of the initial stateside JRSS locations at operational capacity - Joint Base San Antonio, Texas; Oklahoma City; Montgomery, Alabama; and Fort Bragg, North Carolina, U.S. military officials explained.
The Navy is now actively pursuing its first two of eighteen migrations of non-enterprise networks to JRSS V1.5. Navy enterprise networks are scheduled to follow beginning in 4th quarter of 2019, Barrett’s office said.