Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Government to Have Only 50 Gateways

Posted by Soulskill on from the e-downsizing dept.

Narrative Fallacy brings us a story about the US government's plan to reduce the roughly 4,000 active internet connections used by its civilian agencies to a mere 50 highly secure gateways. This comes as part of the government's response to a rise in attacks on its networks. "Most security professionals agreed that the TIC security improvements and similar measures are long overdue. 'We should have done this five years ago, but there wasn't the heart or the will then like there is now,' said Howard Schmidt, a former White House cyber security adviser. 'The timetable is aggressive,' he said, but now there is a sense of urgency behind the program. Small agencies that won't qualify for their own connections under TIC must subcontract their Internet services to larger agencies."

10 of 150 comments (clear)

  1. Re:Is it just me... by Pfhor · · Score: 5, Insightful

    Are you kidding?

    Trying to maintain standards and practices across 4,000 gateway points vs 50. Let alone the agency bureaucracy that would be involved in doing site checks and working across various agency boundaries would be a nightmare. It would take eons to get those things in place to do consistent auditing and management to ensure standards and procedures are followed, let alone actually do them. Might as well consolidate bandwidth costs and number of checkpoints down to 50 in the process.

  2. Re:Great Wall of China by ibjhb · · Score: 4, Insightful

    I could be wrong but I think this applies to only government computers and not the whole Country's Internet...

  3. From lots of little contracts to BIG CONTRACTS! by mikelieman · · Score: 5, Insightful

    I wonder what 'Loyal Bushie Companies' are being paid back with the contracts for this work?

    --
    Technology -- No Place For Wimps! Grateful Dead and Jerry Garcia Chatroom -- http://www.wemissjerry.org
    1. Re:From lots of little contracts to BIG CONTRACTS! by iamsamed · · Score: 5, Insightful

      I wonder what 'Loyal Bushie Companies' are being paid back with the contracts for this work? Considering the questionable way contracts have been awarded by the Government over the last several years, the parent's comment is more "Insightful" than "Troll".

      And, as a taxpayer, is a legitimate question that should be addressed by our Government. Especially, when, not if, it comes to light that the project runs over budget by millions of dollars which they inevitably do. Disgustingly, fleecing of the taxpayer has become de rigeur.

  4. Re:Great Wall of China by danwesnor · · Score: 5, Insightful

    Government employees are allowed to own home computers connected to the real internet, where they can stroke pr0n and post wikileaks to their heart's content.

  5. Re:Great Wall of China by Ihmhi · · Score: 4, Insightful

    You'd have to be a dumbass to leak material via your workstation in a government facility. Actually, you wouldn't be a dumbass, you'd be a Guantanamo inmate.

    --
    Random Thoughts From A Diseased Mind (Not For Dummies)
  6. Re:Is it just me... by innerweb · · Score: 5, Insightful

    Let me see...

    • 1) Each point of failure might have a greater chance to block a part of the network (depends on design). They could design it so that the 50 points lead to a network that is redundant behind the 50 points. If one point were to be blocked, then the traffic could be re-routed to other points. Much more secure and manageable than 4000 points. Bandwidth is only as much of an issues as the 50 points of connectivity allow/limit.
    • 2) Actually, as to honeypots and counter-surveillance, you are getting much better control. There is not limit to how many false access points you can seed (outside of resources). With fewer access points to monitor, policing the network becomes much easier.

    With 50 gateways, if the internal network is built correctly (unlike say a how certain cable company does their's), then I can not think of any real net negatives except the complexity of the internal network now. But, given the serious issues the 4000 has, the complexity of the internal network is a relatively non-existent issue.

    InnerWeb

    --
    Freud might say that Intelligent Design is religion's ID.
  7. Re:Great Wall of China by jschottm · · Score: 4, Insightful

    History shows that any "fence" or edifice to "security" is almost always, like the Great Wall designed to keep it's citizens in, rather than invaders out.

    First, there is no consensus that the Great Wall was created to keep citizens in, as nice as a soundbyte as it makes. Second, history does not show what you claim it does. Off the top of my head, European castles, the Maginot Line, the fences around U.S. military bases in Vietnam, the fences Israel uses to restrict Palestinian access to Israel itself, and the fences that the U.S. attempts to use at the Mexican border to keep illegal immigrants out are all examples of fences designed to keep the "other" from coming in.

    In fact, fences being used to keep _citizens_ in is relatively uncommon. They are most commonly used to keep the "other" out, to mark property lines, or to keep animals, livestock, or children within a certain area.

    But in any case, what exactly is your point? That you can compare the actions of a feudal society's relationship to its people to basics of computer security in a pithy two sentence statement and be insightful? Would you also claim that the edifice of WSUS for patch management is another example of the man trying to keep the federal employees down? Your fence analogy doesn't even hold up - this is a _gate_ - designed for deliberate flow to and fro.

    The article does specifically state that the monitoring systems are designed to keep certain information from leaving via the internet (whether intentionally or not) but that doesn't indicate that this is some feudal oppression system to choke the minds of federal employees. They are free to use whatever internet provider they wish when they get home, are they not? It's a firewall on steriods designed to protect government computers and data. Don't try to make it into something that it's not.

  8. Re:Is it just me... by Original+Replica · · Score: 4, Insightful

    You make a series of pretty huge assumptions here, many of which are unlikely. 1) you assume that the 50 gateway points will be managed properly. 2) you assume that access to those gateway points will be managed effectively. 3) you assume that the underlying network design is intelligently put together.

    I think the assumption is more along the lines of:
    50 gateway points are more likely to be managed properly than 4000 points.
    Those 50 points will have a great deal of attention and resources allocated to them, about 80 times the amount per point of the previous 4000 points.
    When the government really cares about a project (read military) they can be very intelligent, just look at the stealth bomber. They are only haphazard when it is a project that exists only to please the public (read medi-care, or social security)

    --
    We are all just people.
  9. Re:Newbie Mistake by gludington · · Score: 4, Insightful

    You'll never get enough Zealots out with only fifty Gateways... We could use a government that relies less on Zealots and more on research and climbing the tech tree.