SecureNet and SpySnare deployed to protect U.S. Army IT operations

April 1, 2005
By John McHale

FORT HOOD, Texas - Officials at the U.S. Army Directorate of Information Management (DOIM) located at Fort Hood selected the SecureNet intrusion detection/prevention system and SpySnare spyware prevention system from Intrusion Inc., in Richardson, Texas, to prevent hackers, viruses, and spyware from disrupting Army IT operations.

Intrusion’s SecureNet system detects and blocks unauthorized network intrusions. The Ft. Hood SecureNet installation addresses the common “insider threat” behind the site’s perimeter firewall, where many of the greatest potential vulnerabilities exist. SecureNet sensors are deployed lower into the site’s network, at the department level, and thus increase threat visibility across the full Ft. Hood network.

“We’re taking a proactive stance to make ourselves better and more relevant in our information warfare and cyber security mission,” explains Lt. Col. Ed Morris, director of the Ft. Hood DOIM. “With the SecureNet deployment at Ft. Hood, we are able to get specific details about whom we’re fighting and from where they came. Once we get the enemy in our sights, we’re able to take aim and eliminate the offender.”

Intrusion’s SpySnare spyware prevention system was also selected by Ft. Hood for deployment at the site’s network perimeter. SpySnare detects and blocks in-bound and out-bound spyware infections and unauthorized peer-to-peer (p2p) communications, a common source of spyware infections, at the Ft. Hood site.

“These spyware programs started out originally as just a nuisance to our users, but today, they’re beginning to impact the reliability of our systems and have even broader implications related to the security of our data,” says Maj. Bert Belisch, 114th Signal Battalion operations and planning officer. “Now that we added the Intrusion SpySnare sensor at the firewall, we’re able to spot and block unauthorized p2p sessions, file transfers and spyware infections across the entire site.”

Most spyware programs are independent executable files that take on the authorization abilities of the victim’s computer, Intrusion officials say. They include auto-install and auto-update capabilities and can report on any attempts to remove or modify them.

Unlike spyware removal applications that reside on individual desktops and are designed to remove the spyware program after the system has been infected, Intrusion SpySnare prevents spyware programs from being inserted on customer computers by blocking them at the customer’s perimeter, company officials say. SpySnare uses Intrusion’s high-performance low-latency network analysis engine to implement critical deep-packet inspections in order to determine if spyware signatures are attempting to get into the customer’s network. By using specific signatures for known spyware, SpySnare provides real-time awareness of network traffic, delivering intelligence and removing much of the guesswork involved in establishing the necessary network defenses and preventing spyware infections. Once SpySnare detects a spyware signature match, it instantly flags and drops the spyware traffic and alerts the administrator.

Along with the new SecureNet and SpySnare deployments, Fort Hood is implementing Intrusion’s innovative Security Status Review (SSR) program.

Codeveloped with the U.S. Army, SSR leverages Intrusion’s SecureNet Provider forensics and real-time display tools to allow DOIM IA staff to proactively document important security trends, which allows DOIM leadership to make critical IT policy and procedure decisions, Intrusion officials say. Also, Intrusion’s SSR tools, in combination with SecureNet Provider, help guide and document “under attack” incident response measures to allow Army personnel to repel attacks in real time.

In addition to the 1st Cavalry Division and the 4th Infantry Division, Fort Hood is also home to the Headquarters Command III Corps, 3d Personnel Group, 3d Signal Brigade, 13th Corps Support Command (COSCOM), 13th Finance Group, 89th Military Police Brigade, 504th Military Intelligence Brigade, the 21st Cavalry Brigade (Air Combat), the Dental Activity (DENTAC), the Medical Support Activity (MEDDAC), Army Operational Test Command (AOTC), formerly TEXCOM, and various other units and tenant organizations.

For more information, please visit www.intrusion.com.
