Continuous Monitoring + Policy Management Leads to Network Resilience and Successful Command Cyber Readiness Inspections

Over the past few years, DISA has been moving network infrastructure into Joint Regional Security Stacks.

DISA’s website says, “A joint regional security stack is a suite of equipment that performs firewall functions, intrusion detection and prevention, enterprise management, virtual routing and forwarding (VRF), and provides a host of network security capabilities…security of the network is centralized into regional architectures instead of locally distributed …JRSS allows information traversing DoD networks to be continuously monitored to ensure response time as well as throughput and performance standards. JRSS includes failover, diversity, and elimination of critical failure points as a means to assure timely delivery of critical information.”

RedSeal is the official continuous monitoring solution for the JRSS. We are actively working with our clients to deploy this feature to help them achieve network resilience.

However, many clients don’t realize that combining continuous monitoring with policy management solves another actual problem: preparing for and passing Command Cyber Readiness Inspections (CCRIs).  Teams have to nearly shut down operations for weeks at a time to prepare for these important events. Failure can affect careers.

CCRIs take place on annual cycles and information networks get wildly out of compliance.  To keep networks operationally compliant, RedSeal monitors configurations daily and send alerts when actions have been taken that violate policy.  Plus, RedSeal is the only platform that allows its customers to verify STIG compliance on all of their Layer 2 & 3 devices as part of their continuous monitoring practice. This, in turn, allows for less prep time needed for CCRIs.

At a recent Centcom briefing by RedSeal, a DISA representative noticed that “it would make more sense if you import PPSMs [ports, protocols and services management] into RedSeal.” This would reduce the time to identify new, daily activity that created non-compliant configurations.  A number of RedSeal customers have successfully deployed the combination of PPSM policies with RedSeal’s continuous monitoring capability.  RedSeal automatically conducts scheduled analysis of the platform to check compliance with PPSMs and alerts on any failures, no matter how small.

Customers have found that automated continuous monitoring plus policy management equals network resilience.   CCRIs can now become a byproduct of daily network and security operations.  Successful real time policy management means more successful, less taxing CCRIs and higher network overall resilience.