[Infowarrior] - DOD declares war on spam in bid to protect networks

[Richard Forno]

Defense declares war on spam in bid to protect networks

By Bob Brewin 05/14/2009

http://www.nextgov.com/nextgov/ng_20090514_2422.php

The Defense Information Systems Agency asked technology companies on  
Wednesday for ideas on how to build an e-mail defense system on the  
perimeter of its networks that can scan 50 million inbound messages a  
day to catch spam, viruses and cyberattacks.

In a notice to industry, DISA said it needs to protect 700  
unclassified network domains and that, while there are many individual  
e-mail domains administered by Defense Department units, "there is a  
possibility these may be combined into one enterprise DoD e-mail  
domain."

Defense currently scans e-mails for viruses and spam coming into  
systems serving the military services, commands or units. DISA wants  
to extend the protection to the interface between the Internet and its  
unclassified network, the Non-classified Internet Protocol Router  
Network. The agency also wants the ability to scan all outbound e- 
mails from the 5 million users.

The issue of spam is serious, Defense reports. Army Lt. Gen. Keith B.  
Alexander, director of the National Security Agency, told an audience  
attending the RSA Security Conference in San Francisco in April that  
about 20 billion e-mails are sent globally every day, of which 65  
percent to 70 percent are spam.

DISA's request ties in with recommendations that the Defense Science  
Board issued in April that said Defense is more vulnerable to  
cyberattacks because of its decentralized networks and systems. The  
board envisioned a major role for DISA in developing the architecture  
for enterprisewide systems.

The agency asked IT companies to submit ideas for developing an  
unclassified e-mail security gateway that would provide a security  
border that at a minimum could filter viruses, spam, phishing attacks  
and content in the e-mails sent to 5 million Defense personnel. The  
system would protect the "logical first hop" into Defense networks and  
would not be intended to take the place of individual e-mail security  
systems that the services, commands, bases and units operate.

Margaret Diego, global product marketing for Trend Micro in Cupertino,  
Calif., said her company can provide such services, starting with  
matching the addresses of incoming e-mails against a database of known  
senders of spam. Trend Micro scans e-mail for viruses and spam, and  
then performs content filtering in the body of the e-mail. If the  
message passes all the checks, it's sent to the recipient.

The biggest problem DISA faces in deploying an e-mail system on such a  
massive scale is management, including policies that govern the kinds  
of traffic that can be passed through the system, said David Frazer,  
director of technology services for F-Secure, an Internet security  
company based in Helsinki, Finland.

Once a new threat is discovered, it must be included in e-mail  
protection software and pushed out to servers that run the protection  
system, he said.

Gary Moore, chief technology officer for Entrust in Dallas, a  
manufacturer of scanning software for outbound e-mail traffic, said  
Defense will need to deploy a massive server and network  
infrastructure to sift through 50 million e-mails a day and estimated  
the cost of such a system at $100 million.