Thursday, November 18, 2010

2010 MilCom Conference Experience

by Steve Weingart

We recently visited the 2010 MilCom (Military Communications) conference and trade show in San Jose, CA. and found it to be a worthwhile experience; the size and flash rivaled the RSA conference. The conference portion of the event was also substantial, with many simultaneous tracks in both unclassified and classified sections. The quality of the presentations that our group attended was excellent, and at conferences, that is not always a sure thing.

A few of the things we learned: while “smaller,” “lower power,” “faster,” and “better” are always the main themes for communications equipment, “security” is taking an even higher-than-usual place in the requirements this year. Many vendors were saying that their DOD customers were really pushing them to meet the FIPS 140-2 Cryptographic Standard for Sensitive but Unclassified Data. Because waivers for this standard have been disallowed since FISMA (Federal Information Security Management Act) came into effect just after 9/11, this is not a surprise. But that it is finally happening is noteworthy. However, the most unusual thing we heard is that the DOD is now requiring CC (Common Criteria) testing for many new purchases of networking equipment. In the future, network devices and appliances -- like routers, firewalls, switches, and intrusion detection and protection devices -- will need to be CC evaluated and certified.

As a side note, the NIST SCAP (Security Content Automation Protocol) folks are moving ahead on standards for XML language communications between network devices. After this is in place, there are going to be some very secure and interoperable network devices available. The purpose for this, in the long run, is the ability to achieve networks that can sense attacks and respond by reconfiguring (or even disconnecting) until the threat is eliminated.

Next year, MilCom returns to the East Coast at the Baltimore Convention Center, which should bring back the throngs of Beltway folks and raise the attendance to overflowing.

No comments:

Post a Comment

Comments are moderated with the goal of reducing spam. This means that there may be a delay before your comment shows up.