UNCLASSIFIED 1

UNCLASSIFIED

UNITED IN SERVICE TO OUR NATION

C2 of DISA’s Enterprise

Mr. Scott RodakowskiCenter for Operations, DISA

UNCLASSIFIED 2 2UNCLASSIFIED

UNCLASSIFIED

"The information provided in this briefing is for general informationpurposes only. It does not constitute a commitment on behalf of the UnitedStates Government to provide any of the capabilities, systems or equipmentpresented and in no way obligates the United States Government to enter intoany future agreements with regard to the same.  The information presentedmay not be disseminated without the express consent of the United StatesGovernment. This brief may also contain references to Unite StatesGovernment future plans and projected system capabilities. Mention of theseplans or capabilities in no way guarantees that the U.S. Government willfollow these plans or that any of the associated system capabilities will beavailable or releasable to foreign governments."

Presentation Disclaimer

UNCLASSIFIED 3

UNCLASSIFIED

UNITED IN SERVICE TO OUR NATION

DISA’s Enterprise Infrastructure and Services

Robust, diverse, resilient, and protected communications and computing environment enabling warfighting operations

2,500User

Applications

65 Petabytes

DECC Storage

11 Computing

Centers

16 STEP/

Teleports

17,000Circuits

10 Sites /12 Circuits

135,000 MobilityUsers

Network Services- NIPR/SIPR- UC- DRSN- IRIDIUM

CLOUD SERVICES

Cyber Security

JRSS

UNCLASSIFIED 4

UNCLASSIFIED

UNITED IN SERVICE TO OUR NATION

Coalition Partners

Coalition Information Sharing• Coalition DMZ• Cross Domain Enterprise Solutions• Mission Partner Environment (MPE)• All Partners Access Network (UISS)• CENTRIX• BICES-X

Internet

Internet Access Points • Sensors • Web Content Filtering• Demilitarized Zone (DMZ)• Distributed Denial of Service Mitigations• Enterprise Email Security Gateway• Domain Name Service (DNS) Hardening

Cloud Access Point

Cloud Service Providers

DoD Information Network (DoDIN)

Operate & Assure DISA’s Enterprise

Regional Operations

Center Central

Defensive Cyber Operations Center• Analysis of Sensor Data• Threat Analysis• Intel Fusion• Counter Measures• Boundary Protection• Internal Defensive Measures• Compliance• Key Cyber Terrain• Direct Cyber Protection Teams

CONUS GlobalOperations Center

Cyber Analytic Cloud• Events• Alerts• Logs• Incidents• Configuration• Performance

Cyber Analytic Cloud• Events• Alerts• Logs• Incidents• Configuration• Performance

CORE DATA CENTER

CORE DATA CENTER

CORE DATA CENTER

Host Based Security Systems (HBSS)

IP Services• Global IP Voice, Video, Data

Deployed Forces

Teleport

Satellite Services• Integrated ISR and SATCOM

Gateways

Satellite Services• Integrated ISR and SATCOM

Gateways

Single Security Architecture

Optical Core• 10 Gbs Operational• 100 Gbs Capable• Packet-Optical Transport

DISACommand Center

C2 of DISA’s Enterprise Infrastructure & Services

UNCLASSIFIED 5UNITED IN SERVICE TO OUR NATION

DEFENDCOMMAND & CONTROL (C2)OPERATE1,400 Mil, 5,600 Civ and 8,000 Contractors

in 18 States, 8 Countries~11.3B Budget

DISA Provides, Operates and Assures:$24B Enterprise, 11 Core Data Centers

>1000 Enterprise Apps, Worldwide Transport>500 Teleport Missions, >50 RPA Flights

EVENTS

Events/day DCO Events / day >10M Alarms

-24 Critical Auth SVC Interruptions-2400 Trouble Calls

ExercisesOperations

CPT Employment

>500 Sensors>798M Events

>300M Blocks

Events requiring Orders

INCIDENTS

ACTIONS

>2,000 Tickets>22,000 Changes

45 Orders Tracked >36 Cybersecurity incidents >14 Phishing Attacks

>80% Emails Blocked

Incidents / Day DCO Incidents / day Compliance Monitoring

Critical Issues Orders Tippers / Counter Measures10 Worked 7 Published

3 Received25/75

DoD’s Cyber Forward Edge of the Battle Area 3M+ Users Defended102 CDSP Customers300 TB of Data/38M E-mails Processed

30+ Named Operations, support to virtually all DoD members - OUR GOAL = 100% Mission Assurance

INTERNET DoDIN DISA Enterprise

Day in the Life of DISA UNCLASSIFIED

UNCLASSIFIED 6

UNCLASSIFIED

UNITED IN SERVICE TO OUR NATION

Operation Freedom Sentinel Afghanistan

USCENTCOM

Full Spectrum Operations

Homeland DefenseDrug Interdiction

USNORTHCOM / USSOUTHCOM

Disaster ReliefNepal

USPACOM

Inherent ResolveIraq/Syria

USCENTCOM

Ukraine EngagementUSEUCOM

Operation Gladiator ShieldGlobal Cyber

UNCLASSIFIED

Operation United AssistanceJukebox Lotus / Juniper Micron /

Juniper NimbusUSAFRICOM

UNCLASSIFIED

UNCLASSIFIED 7

UNCLASSIFIED

UNITED IN SERVICE TO OUR NATION

DISA NetOps Center (DNC)‐ Network Services/Transport/DCO

LEGEND:

DISA Special Support

Defense Enterprise Computing Center (DECC)‐ Computing/Enterprise Services

DISA Field Office

DISA Network Operations Global Command and Control

DECC Oklahoma City

DECC OgdenDECC Mechanicsburg

DECC MontgomeryDISA‐NORTHCOM

DISA TRANSCOM

DISA STRATCOM

DISA SOCOM

DISA SOUTHCOM

DISA AFRICOM

DISA Global Operations Command (DGOC)

DNC EUCOM

DNC PACOM

DNC CENTCOM (MacDill and Kabul)

DISA Center for OperationsDISA Command Center (DCC)‐ Fort Meade

• C2 of DISA’s Global Infrastructure and Services

• C2 & direct DODIN/DCO Activities within AOR ISO CCMD Priorities & Objectives

• 24x7 network operations and DCO of DISA’s transport, switching, and computing infrastructure

• Collaborate, synchronize and coordinate Agency capabilities with CCMD requirements

• 24x7 Operations for DISA and mission partner applications• Cyber Security & Maintenance of DISA’s computing environment

White House Communications Agency (WHCA)

Joint Staff Support Center (JSSC)‐ Pentagon

• Provide support and services to the National Military Command Center

• 24x7 GCCS-J Tier I/II service support

UNCLASSIFIED 8

UNCLASSIFIED

UNITED IN SERVICE TO OUR NATION

USAFE / AFAF624TH / MCCC

USAREUR / USARAFRCC

NAVEUR / NAVAFNCTS / NIOC

MARFOREUR / MARFORAFMCNOSC

THEATER SERVICE OPERATIONS

ENTERPRISE INFRASTRUCTURE

ENTERPRISE FOUNDATIONAL SERVICES

ENTERPRISE APPLICATIONS

The DISA Enterprise

C2 of DODIN OPS, DCO-IDM & JIEUnity of Command and Unity of Effort

4 FEB 2015 ‐‐ 1700

• Escalation• Resolution• Reporting

USCYBERCOMJOINT OPERATIONS CENTER

• Incidents• Triage• Categorization

Integrated Tasking Authority

• Synchronize• Coordinate• De‐conflict

• Plan• Monitor• Assess

BENEFITS OF CHANGE:• Enhanced Mission Effectiveness• Defensible Cyber Terrain• Resource & Personnel Efficiencies• Operational Responsiveness

GLOBAL SERVICE DESK

DNC CONUS / PAC

SMC

CATALYST FOR CHANGE:• Delivery of Enterprise Services• Core Data Center & Shared IT Infrastructure• Single Security Architecture• EOC Maturity

USEUCOMC‐CPTJOINT FORCE CYBER           

COMPONENT COMMAND

DODIN COMMANDENTERPRISE 

OPERATIONS CENTERD‐CPT

S‐CPT

S‐CPT

S‐CPT

S‐CPT

Priorities & Dire

ction

Priorities &Synchronization

Tasking &Synchronization

119THEATER SERVICE DESK

DODIN ENABLED MISSIONSDODIN USERS

Priorities & Dire

ction

USAFRICOMC‐CPTJOINT FORCE CYBER           

COMPONENT COMMAND

JFHQ DoDINGEOC

DISA NetOps Center

DISA Ope

ratio

ns

UNCLASSIFIED 9

UNCLASSIFIED

UNITED IN SERVICE TO OUR NATION

Day in the Life of DECC Ogden

NIPRNET SIPRNET JWICS

DefendCommand

Operate• DISA DECC Ogden Operates IT Systems

hosting Mission Partner Applications for 3.5 M Users

• Fully ITIL Compliant

Global Mission Supporting DFAS, DLA, JCS-Joint Staff, DCMA, U.S. Transportation Command, FEMA, U.S. Navy, Army, & Air ForceRemotely Manage Systems at 7 sites, DWCF Funded

EVENTS• 2000 Managed Operating Environments• 42 z/OS Partitions

• 2.9 PB Managed Storage• 45000 System Backups/week

• 500,000 Batch jobs/weekINCIDENTS

ACTIONS

• 3 Operational turnovers/day• 5500 Incidents/week

• 320 Change Requests/week

• 10 Maintenance Windows/month

DLA Enterprise Business System, $1,200,000,000 transactions

processed annually

94,580 SQraised floor

USTRANSCOM Defense Personal Property System,

555,000 Shipments/Year

Wide Area Workflow,

$1,500,000,000 invoices/day

• Weekly ACAS Scans• Monthly SRG Compliance Checks

• Yearly AT 801 Audit

• Physical Security• Personnel Security

• 24X7X365 Operations

• Fully Secure Enterprise Class Data Center Located on Hill AFB, Utah

UNCLASSIFIED 10

UNCLASSIFIED

UNITED IN SERVICE TO OUR NATION

DECC Ogden Cybersecurity

• Securing Mission Partner Information Systems DoD Policy/Defensive Operations

• DoDI 8500.1 – Cybersecurity• DoDI 8510.01 – Risk Management Framework (RMF) • US Cyber Command Orders and Directives (OPORDS/TASKORDS/FRAGOS)• JFHQ-DODIN/DISA Headquarters Orders and Directives (TASKORD)

Assessment and Authorization (Formerly Certification and Accreditation)• Risk Management Framework (RMF) – Replaced DIACAP as the process to perform risk analysis of an application or network enclave

to grant an Authority to Operate (ATO). Automated Cybersecurity Tools

• Host Based Security Systems (HBSS) – Suite of McAfee applications running on Windows/UNIX/Linux systems providing firewall, antivirus, rogue system detection, intrusion detection, and vulnerability compliance.

• Assured Compliance Assessment Solution (ACAS) - Tenable network scanner running weekly and ad hoc credentialed compliance scans across Windows/UNIX/Linux systems.

• BladeLogic – BMC tool used to deploy Windows/UNIX/Linux vendor patches and run weekly compliance scans. Continuous Monitoring Risk Scoring (CMRS)

• DoD database system used to track cybersecurity compliance and determine risk. Automatic data feeds from HBSS and ACAS are rolled up to this system. Risk algorithms are used to calculate and a risk score (A, B, C, D, or F) by agency, directorate, or application.

Manual Compliance Checks• Security Requirements Guides (SRG)/Security Technical Implementation Guide (STIG) – These guides are developed to

provide in-depth hardening requirements for operating systems, network devices, applications, databases, and web servers.