Can we put this into a little perspective?
First, there are lots and lots of different Defense networks, with
different requirements. Yes, there are common WANs such as NIPRNET,
SIPRNET, and JWICS, but there will be huge differences between a
tactical LAN among vehicles in a logistical command post and a
fixed-site imagery intelligence unit.
http://www.fas.org/nuke/guide/usa/c3i/meecn.htm discusses some of the
requirements for command and control that intended to operate during
nuclear attack. Those requirements are going to be different from
the press release word processing system in the Office of the
Assistant Secretary of Defense for Public Affairs. For tactical
networks (Army anyway), start with the Signal section at
http://www.atsc-army.org/atdls.html
For that matter, I have seen a Cisco 4000 router and some associated
security gear built into an airborne-qualified package. Do remember
to disconnect power and LAN cables before jumping from the airplane.
Second, much of the military's technology is deliberately public, to
encourage technical innovation. Can we say ARPANET?
Third, there's a very big difference between discussions of the
network and the security mechanisms. But even there, DoD publishes
lots of things about security architecture. The Rainbow Series, which
emphasizes computer security first and only then network, is at
http://www.radium.ncsc.mil/tpep/library/rainbow/index.html. The
exact way keys are generated are quite another.
>Are there any listers with knowledge of Defense
>networks out there. I am working with a defence type
>organisation (western world; not saddam!) and need
>info on how the US DOD use cisco in their services.
>
>I guess the minimum level of security for even
>non-class info would be 3des and classified would be
>sent on a completely seperate hardware (kgxxx)
>encryption based network.
Along those lines, once you are in those WANs.
>
>Do they utilise the catalyst range of switches and if
>so how do they maintain high levels of security at
>layer 2. What stops the cleaner plugging in his
>lappie, dhcp'ing an address and shoot'n some nukes?
A lot of this is physical security. ANYTHING to deal with
launching nukes is under a "two-man rule," in which no _cleared_
individual is ever alone with something related to weapon control.
>
>Are there any US DOD public web pages on how they use
>cisco technology?
DoD isn't likely to have Cisco-centric pages, primarily for reasons
relating to competition and procurement. While DoD uses lots of
Cisco gear, they aren't going to give it unfair competitive advantage.
**NOTE: New CCNA/CCDA List has been formed. For more information go to
http://www.groupstudy.com/list/Associates.html
_________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
