Slashdot Mirror

← Back to Stories (view on slashdot.org)

Building Secure Computers?

Posted by Cliff on from the even-keyboard-adccess-won't-make-it-easy dept.

maotx asks: "Growing into the job of a system administrator, I've been tasked with something I'm not quite prepared for: purchase or build a computer that meets DoD compliance for classified 'Secret' information. Several vendors, including Dell our primary supplier, offers computers that will work, but being new to the criteria I want to make sure the right computer is purchased. The computer will be used to create secure CAD drawings (Solidworks, OrCAD, etc) and must have, from what I can tell, a removable hard drive and security stickers to prevent tampering. What is you're experience in setting up a secure computer and is it better to have a vendor do it, or yourself?"

4 of 628 comments (clear)

  1. Don't ask Slashdot by kevlar · · Score: 5, Interesting

    Ask the Dept of Defense. Asking Slashdot about DoD guidelines is like asking an elementary school for details about the space shuttle. No offense to /. community.

    1. Re:Don't ask Slashdot by nzkbuk · · Score: 4, Interesting

      You give that version of windows too much credit.
      it wasn't "Windows NT" that got the rating (as much as M$ hyped it, and I don't remeber the exact spec, but the spec gave the EXACT make and model of computer (and hence hardware spec (that didn't include a network card)) as well as the exact patch level of NT and it specified the applications installed.

      In short it wasn't generically Windows NT, or even Windows NT4 sp2. it was much better defined than that, but that being said, yes M$ has achieved a security rating, and I'd have to agree (unlike a bunch of the posts on this topic I've seen), the security model has to fit with the company. if they are asking as a DoD contractor, the question is in the wrong place. If the question is from a company that management feels they need to secure their computing enviroment, then it's all good.

    2. Re:Don't ask Slashdot by jcr · · Score: 4, Interesting

      the spec gave the EXACT make and model of computer (and hence hardware spec (that didn't include a network card)) as well as the exact patch level of NT and it specified the applications installed.

      It also required that the entire IP stack be deleted. It was quite a joke in the computer security business at the time.

      -jcr

      --
      The only title of honor that a tyrant can grant is "Enemy of the State."
  2. Re:You cannot do it most likely by DaEMoN128 · · Score: 4, Interesting

    No network is not a DoD requirement. Not being connected to an unencrypted netowk is. If you have an accredidted Secure Network.... you can network these. It is worth the extra money... trust me. I have been in your shoes. Contract writers like warrenties.

    --
    Stop signs are only Suggestions