The Defense Information Systems Agency (DISA) is looking to implement an enterprise “grey network” to enable Department of Defense (DoD) components to securely support classified remote programs, a DISA official explained.
Dr. Stephen Wallace, systems innovation scientist and head of DISA’s Emerging Technology Directorate, laid out the agency’s approach to a grey network at AFCEA’s TechNet Cyber conference on December 3. The grey network acts as a stopping-off point for users, with one VPN terminating in the network and a second VPN taking users from the grey network to their intended solution.
The enterprise grey network approach is not new to DoD, as it is required for vendors in the Commercial Solutions for Classified (CSFC) program from the National Security Agency. DISA has also piloted a grey network approach with some combatant commands in past years, but the agency aims to make the grey network more accessible to components to support increased telework.
“What we found is that there’s a lot of activity going on in this area, but it’s at many times different islands. What we’re looking for is a global Enterprise Grey Network that has many of the common services that these classified remote programs rely on, but in a consistent enterprise fashion, so that you’re not recreating the wheel time and time again,” said Dr. Wallace.
DISA included enterprise grey core as a new addition to its technology focus areas for Fiscal Year 2021, and is in the planning stages of that effort, where the agency is doing more than monitoring but not yet at the pilot phase for the technology. Speaking to reporters, Wallace noted that DISA does not have a timeline to have an enterprise grey network in place, but is strongly motivated by the urgency of COVID.
“We do realize the urgency in it, and our ability to provide something like that will bring a lot of value to our mission partners, and we’ve heard that from them, so we’re very interested in delivering something like that as quickly as possible,” he said.