Get documents about "NMCI Gets Into A Hotspot
Document Sample
NMCI Gets Into A Hotspot
By Mike Hernon
For years now, Navy Marine Corps In- widely known vulnerabilities that may be ent Encryption, which is available only
tranet (NMCI) users have jealously eyed exploited. For example, is that wireless through NMCI. This allows you to securely
the laptop-wielding, Wi-Fi-connected network named “FREE STARBUX Wi-Fi” connect to NMCI via an encrypted virtual
masses in coffee shops, hotels and air- that shows up as available for connection private network. Additional security in-
ports as they turned idle time into pro- really coming from the coffee shop you’re cludes the encryption of data-at-rest and
ductive time. Barred from full network in or from the van in the parking lot? the Host Based Security System for intru-
access, NMCI users on the go had to settle Setting up such imposter or “rogue” ac- sion prevention.
for cellular phones, air cards and Outlook cess points that can divert your laptop to This newly announced Wi-Fi hotspot
Web Access to provide mobile support. a hacker-controlled destination and/or in- offering is distinct from, and in addition
While these capabilities provide some stall malware is just one potential avenue to the existing solution for wireless local
fairly productive mobility tools, access to for hackers. Another common attack is to area networks (WLAN) for access on those
the information and resources on NMCI take advantage of the lack of encryption Navy or Marine Corps bases and instal-
that would further support the mobile on a public access point to intercept and lations (i.e., base area networks), where
worker remained unavailable — until read the traffic transmitted between the WLANs are currently in place. Depending
now. laptop and the network. on your needs, you may install either or
With the release of Wireless Public Hot- Of course, these threats are above and both solutions on your laptop.
spots (WPH) service, NMCI users within beyond the fact that you are conducting
the continental United States can now official business in the middle of a bus- Cutting the Cord
use free or for-fee public Wi-Fi hotspots tling coffee shop or airport terminal, and All components required to enable
to securely access NMCI. This capabil- wearing a uniform or sporting a Defense wireless access to either public or base
ity provides mobile users with the same Department badge that just might make access points are available through the
computing environment they would have you a more attractive target for hackers. Contract Line Item Numbers (CLIN) on the
when sitting at their wired computer. This NMCI contract. There are one-time costs
enhanced capability will allow remote Locking It Down to Open It Up to procure the hardware and software, as
users to remain better connected and The threat to the network from these well as a monthly recurring fee, each or-
more productive outside of their wired vulnerabilities is real; the impact from a dered through a separate CLIN. Addition-
environment, whether on travel, tele- breach could not only affect the user that ally, the following constraints apply:
commuting from home, or in any location is being targeted, but the entire network. • Windows XP operating system installed;
outside the office where Wi-Fi is available. Clearly, before approval could be given by • Broadband Unclassified Remote Access
the Navy and Marine Corps Designated Service (BuRAS v4.0.5) installed;
Private Network, Public Wi-Fi Accrediting Authorities (DAA), network • Navy NMCI domain only (as of this writ-
Integrating any secure, private network, engineers had to develop a solution ing, the Marine Corps DAA has not ap-
such as the NMCI, with public Wi-Fi access that would minimize the risks of Wi-Fi proved the solution);
points outside the control of network ad- access. • Unclassified use only; and
ministrators is not done lightly. Before de- As a result of these efforts, connecting • Not available for non-NMCI networks,
livering any enterprise mobility capability to NMCI via a public hotspot is done in a such as the science and technology
to the Department of the Navy workforce, significantly different way than how you domains.
a careful analysis of the delicate balance would normally use your laptop’s internal
between the benefits and inherent risks Wi-Fi antenna to connect to a hotspot at For the latest offerings and pricing
of wireless technologies is conducted. home or in a public location. information, visit the NMCI Homeport
Opening up network access through The NMCI solution relies on two com- wireless page at https://www.homeport.
publicly available Wi-Fi hotspots pres- ponents that reside on the laptop; one navy.mil/services/wireless. Additional re-
ents significant information assurance is hardware, and the other is software- sources on the site include a user guide
(IA) concerns about introducing threats based. The hardware consists of an ap- and an online tutorial.
that might potentially harm the network. proved wireless network interface card
The use of public Wi-Fi access points, which installs in the laptop’s PCMCIA slot. Mike Hernon is an independent consultant to the
which are normally unsecured and un- (Laptops with an ExpressCard slot will DON CIO on a variety of telecommunications-
encrypted by design to foster maximum require an adapter.) The necessary client related topics. He was formerly the chief infor-
sharing of the signal, brings a number of software component is the Wireless Cli- mation officer for the City of Boston.
CHIPS January - March 2010 37
Related docs
