Mission first: Securing our networks

  • By Col. Ward Heinke
  • Commander, Air Force Network Operations Center
The Air Force Network Operations Center here has the mission of protecting and defending the Air Force's portion of the Defense Department's network, which is often referred to as the Global Information Grid.

We operate under the operational direction of the Joint Task Force for Global Network Operations and partner with our sister services to protect the critical national defense communications infrastructure.

We accomplish this mission in two primary ways: first, by securing our networks from intrusion and exploitation and second, by ensuring that the finite capacity of our networked infrastructure is always available to support mission critical systems used by our Airmen to defend the nation.

The first part, securing the network, means that we constantly scan our networks for indications of intrusion by our adversaries. Sensors on our networks provide alerts to net defenders who investigate. They track down points of intrusion and enable us to clean up any compromised or infected systems or machines.

Many compromises or infections can be traced to malicious software, or malware, contracted from web sites on the Internet (civilian experts estimate that more than 31 percent of Internet web sites are compromised in this fashion) or through infected e-mails (phishing attacks) sent to service members, which load spyware onto their computers when opened.

This malware can be used to steal passwords and personal information and to create back doors into our systems that are then used to spread further infection or to download sensitive information.

In addition to constant scanning, we combat this activity by aggressively patching the components that make up our networks, blocking access to web sites that are known to host (wittingly or unwittingly) malware, analyzing e-mails and their attachments for unwanted payloads, and filtering out e-mail that appears to be spam.

We also ensure our networks have sufficient bandwidth to conduct our mission activities by limiting its use for personal, non-mission related activities. Our first priority is to ensure our Airmen have the capacity to perform their mission safely, efficiently, and effectively. We allow some recreational and personal use of Air Force networks, primarily for morale purposes, but we have an obligation to keep it to levels that protect the conduct of our mission operations. Without this check, we run the risk of mission critical services being crowded out to the point that their performance is degraded or they cease to work altogether.

To ensure the availability of bandwidth for mission requirements, we often find it necessary to limit the downloading of streaming video or audio, personal e-commerce, the viewing of social networking sites, and other non-mission activities. When multiplied by the number of users on our DoD networks, these things can put the accomplishment of our mission at risk.

We use filters that block general categories of sites because there are simply too many sites on the Internet to analyze each one independently to determine whether or not blocking it is necessary for security, mission utility, or morale.

Sometimes sites needed by our personnel, such as blogs and news sites, get caught up in the filters because they have not been properly categorized. When our members identify the need to access a blocked site, for morale or mission purposes, we have processes to unblock such sites for our members.

In the end, our obligation is to ensure Air Force networks are available when needed by our warfighters to defend the nation, and we do this by securing our network systems and assets and by moderating non-mission use.