The U.S. Defense Information Systems Agency (DISA) said it has successfully completed its Thunderdome prototype, a set of commercially available technologies that combines zero trust principles with specific security technology to modernize and improve the Department of Defense’s (DoD) capabilities against cyber threats.
DISA's Zero Trust Initiative
For the past 12 months, DISA has developed and implemented a zero trust architecture to fortify the DoD’s networks and cyber defenses. The included technologies are:
- Secure access service edge (SASE)
- Software defined-wide area networks (SD-WAN)
- Customer edge security stack (CESS)
- Application security stacks
These technologies are aimed at improving both security and network performance in an existing enterprise environment. The architecture, which assumes a constant risk to the U.S. cyber defenses, demands controls and validation at every step of the process.
The project aligned with President Biden’s executive order to improve the nation’s cyber defenses issued in May 2021.
More About DISA
DISA is the DoD's IT combat support agency that provides real-time information technology and communications support to the highest levels of the federal government and military command. While Thunderdome's technologies are integrated with each other, they are not dependent upon one another.
In a DISA statement, Lt. Gen. Robert J. Skinner, DISA director and Joint Forces Headquarters-DoD Information Network commander, said:
“Thunderdome will help us achieve this advantage by making DoD’s networks more secure and thereby more challenging for threat actors to gain access to DoD systems.”
The project included a six-month $6.8 million contract extension awarded to consultant Booz Allen a year ago. In total, DISA and partner industries spent two years accomplishing the testing and implementation phase for the prototype, according to DISA.
To prove that Thunderdome works, DISA onboarded approximately 1,500 test users at three locations to use its remote and on-premises capabilities to perform their daily responsibilities. Officials said that Thunderdome increased network performance. DISA independently validated its services and improved security.
Commenting on the Thunderdome project, Christopher Barnhurst, DISA deputy director, said:
"This is a huge advancement for DISA, and the department, on the zero trust journey. Thunderdome has confirmed its potential by laying a zero trust technology foundation, but the work doesn't end there. To truly accomplish the department's zero trust goals, DISA's next steps include changing the culture to implement policies and procedures to make use of zero-trust technologies and approaches in every program."