Oct 02 2023

How DOD Can Look Beyond SIPRNet and NIPRNet

Emerging commercial technology can help agencies meet their secure communication needs.

The Department of Defense should look beyond existing communication protocols — the Secret Internet Protocol Router Network and Non-classified Internet Protocol Router Network — toward commercial solutions that support secure information sharing, say comms experts.

To that end, the National Security Agency’s Commercial Solutions for Classified (CSfC) program offers agencies access to a range of best-of-breed ­products that can protect classified information and systems.

With commercial solutions, “you can communicate faster, and it will also lower the cost of the operations of those systems,” says Terry Halvorsen, former DOD CIO and now vice president of federal client development at IBM.

Click the banner below to learn how Backup as a Service boosts data protection.

Has Encryption Made SIPRNet and NIPRNet Irrelevant?

Encryption upgrades have made the key communication protocols more effective and more readily available on the commercial side; for example, through the tools found in the CSfC Multi-Site Connectivity Capability Package.

“Although there have been advances made in our encryption capabilities, I don’t believe that these advances make SIPRNet and NIPRNet irrelevant,” says Mark DeVol, federal area vice president for Cradlepoint. Instead, the advances have expanded DOD’s options.

Modern encryption “has opened up the aperture,” Halvorsen says. “It gives us many more possibilities, particularly on the unclassified side.”

The move from hardware-based to software-defined encryption is proving to be a game changer.

“That makes encryption more readily available, and it tends to lower the cost,” Halvorsen says. “And you can field software-based encryption faster.”

MORE FROM FEDTECH: The CSfC program continues to evolve.

What Would Retiring Networks Look Like for DOD?

In the most likely scenario, defense agencies will make a gradual transition from existing networks to commercially supported solutions, experts say.

“You'll initially see augmentation of SIPR and particularly NIPR,” Halvorsen says.

At first, the use of software-based encryption “will allow us to have more pathways to deliver the communications or the data,” he says. As acceptance grows, “we will get to a point where the NIPRNet becomes more of the backup and not the dominant platform that is used to move the data around,” Halvorsen adds. “You'll see the data being moved around on a collection of commercial methods and commercial systems.”

This transition is already underway. Vendors are working with DOD to explore the possibilities for using private cellular networks in some circumstances.

“This would allow the DOD to use a cellular technology such as 4G LTE or 5G but on a network that they control,” DeVol says.

Such a move “would give them the ability to extend their network connectivity to areas where commercial cellular isn’t available,” as well as places where wired connectivity is unavailable or too expensive to run, he adds.

DISCOVER: Spectrum sharing supports DOD’s 5G efforts.

Interoperable Commercial Solutions Are the Future of DOD Security

Defense leadership recognizes there are advantages to embracing commercial technology.

“The DOD has been trying for years to move away from custom-built, proprietary solutions — which are typically very costly to maintain — and adopt more commercial, off-the-shelf solutions where they can,” DeVol says.

With today’s COTS solutions, “you can communicate faster, and it will also lower the cost of the operations of those systems,” Halvorsen says, adding that a move to interoperable commercial solutions would give defense agencies far greater flexibility in how they share information.

“Today, I can send an email into NIPRNet from anywhere, but I'm not actually on that network,” he says. “If I can use a system that is more open, I can communicate with more flexibility, faster and at lower cost.”

Terry Halvorsen
We can have software-based encryption that doesn't require hardware; that technology is becoming more and more acceptable every day.”

Terry Halvorsen VP Federal Client Development, IBM

That means greater communications availability.

With an interoperable approach, industry and academia will be better able to communicate with DOD, which in turn is looking to talk to U.S. allies more securely.

“If they're doing that on a common network that’s commercial, that's going to make it work at the allied-coalition level a lot more easily,” Halvorsen says. “That needs to be done for us to move forward.”

More methods of communicating make it harder for foreign adversaries to stop DOD from doing so.

“If I have 12 ways to communicate versus one, it's really hard to shut it down,” Halvorsen says.

The use of commercial products will also make adversaries more wary of trying to disrupt communications.

“If they’re meddling more openly with commercial systems, they could then be disrupting economics, even their own economics,” Halvorsen says. “That could lead to more countries lining up against that entity.”

Adversaries must think harder about those implications, he adds.

EXPLORE: DISA’s director shares what’s new with Thunderdome.

What Alternatives Are Out There for Handling Sensitive Information?

A wide range of commercial products could help DOD advance beyond its existing communications protocols.

Within the CSfC program, “we can see that there are many products from various vendors available to be used to design and deploy COTS solutions for mobile access, campus wireless LAN, multisite connectivity, and data at rest,” DeVol says. “These capability packages outline what the network architecture and security framework need to look like to transmit classified and nonclassified materials while maintaining the highest level of security.”

Such an approach “can greatly reduce cost and complexity compared with the more traditional ways of working,” he says. “It would also allow the DOD to deploy current technologies versus technologies that always seem to be many generations behind.”

Halvorsen points to several emerging tools and technologies that could help DOD meet its needs for secure communications.

“We can have software-based encryption that doesn't require hardware; that technology is becoming more and more acceptable every day,” he says. “You'll also see improvements in network management. You'll know more quickly that you have a problem, and because it's software-based, you'll be able to field the solution to the problem faster — whether it's new encryption or rerouting the pathway.”

New networking tools, software-based encryption capabilities and modernized commercial applications for connectivity: “All of that is letting us gain more flexibility, reducing the cost of operations and requiring less hardware,” Halvorsen says.

Lance Cpl. Paley Fenner/Marine Corps

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT