Information Assurance: Cyber-defenders

Photo By Petty Officer 2nd Class Nathaniel Moger | Access Denied! J-6 Information Assurance runs proxies to protect Joint Task Force...... read more read more

Photo By Petty Officer 2nd Class Nathaniel Moger | Access Denied! J-6 Information Assurance runs proxies to protect Joint Task Force Guantanamo servers from malicious websites. IA defends JTF servers from internal and external threats while ensuring they comply with Defense Information Systems Agency, U.S. Army and U.S. Southern Command procedures and policies.  see less | View Image Page

GUANTANAMO BAY, CUBA

07.11.2008

Story by Petty Officer 2nd Class Nathaniel Moger 

Joint Task Force Guantanamo Public Affairs

✔ ✗ Subscribe

34

By Nathaniel Moger
Joint Task Force Guantanamo Public Affairs

GUANTANAMO BAY, Cuba - While troopers from all branches of the armed services are participating in the boots-on-the-ground war on terror, contributions to the effort can take many different forms. Ever since the days of "loose lips can sink ships" during World War II, keeping troop activity and planning away from the enemy has been just as important as executing missions properly.

In today's war, the enemy can be anywhere, at anytime, traversing internet connections and phone lines much more easily than they ever could over land, sea or air. The Information Assurance managers at Joint Task Force Guantanamo are the overseers and, at times, gatekeepers to the information on JTF networks.

"We essentially safeguard the networks to ensure that it's safe from outside threats," said Air Force Capt. Nicholas Jameson, JTF's IA manager. "We also make sure the users know how to be responsible. It overlaps very closely with OPSEC [operations security]."

Jameson's office divides its focus into two distinct missions: a strong defense and ensuring compliancy with command policies and procedures.

The defensive aspect is the stuff of movies. Terms usually reserved for the computer savvy heroes of futuristic cyber-thrillers are bandied about the same way acronyms are in the Pentagon.

"We're making sure that our network is patched and that users are trained," said Jameson. "We implement practices like locking the proxies to protect ourselves from adversaries and any viruses, Trojans or worms that could come through."

IA's biggest customer, the JTF's J-6, operates and maintains JTF servers, while IA handles the firewalls, proxies, anti-virus programs and the intrusion detection system. Jameson equates it to detention operations.

"There are layers of defense," said Jameson. "You can't just walk up and talk to a detainee. You need to go through different layers of security. The firewall is one of those layers. When info comes in from the outside world, the firewall validates whether that info is legal or not."

The proxy handles outgoing information and the intrusion detection system monitors the many different currents in the stream of information.

"[The proxy] is what stops JTF people from going to malicious websites," explained Jameson. "And if someone from the outside is trying to access our network through suspicious or unauthorized channels, the intrusion detection system will block it."

The anti-virus programs scan incoming information for viruses.

The other side of IA is making sure the JTF complies with the Defense Information Systems Agency, the U.S. Army and U.S. Southern Command's information and network policies.

"We certify and credit networks, saying they're legal to operate," said Jameson. "For instance, a user can't just go in and install an application. We need to make sure it's licensed and safe to go on the network."

It isn't all constant vigilance and blocking browsing. Dustin Robbins, who originally came to the JTF as a uniformed member of the Public Affairs Office in 2006, returned as a J-6 help desk civilian contractor before moving into IA. He thought one of the most interesting aspects of the job is balancing JTF bandwidth to accommodate both work and play.

"We have to maintain the integrity of the network, ensuring that bandwidth usage stays low enough that the military can conduct their business," said Robbins.

In the end, the members of the IA office have to play the bad guy and make unpopular decisions. However, this doesn't wear on them at all, since they know how much IA and OPSEC mean to such a high-profile command such as the JTF.

"We do have to play the bad guy – the opposite of the yes man," said Jameson, "not because it's the easy answer, but because "no" is in the best interest of protecting the government."