Print 18 comment(s) - last by Dystopic.. on Oct 10 at 6:28 PM

Business systems were upgraded first and flight control systems could be updated in early 2009

The FAA isn’t big on change when it comes to its IT infrastructure. However, the FAA is now pushing forward with a plan that could see its IT infrastructure totally overhauled by early 2009. Sun Microsystems and Cisco are being eyed as the providers of choice for the new infrastructure.

The FAA over the last several months upgraded its old internal business systems to new open-systems including servers and storage from Sun and Cisco. The IT systems that were upgraded were not related to the FAA's flight control operations. Upgrades were to the FAA's business administrative functions that handle human resources, email, messaging, internal document routing, and storage according to eWeek.

After the business systems were upgraded, officials with the FAA were impressed by the performance increase and are considering upgrading the FAA's critical air traffic control systems with a similar infrastructure.

In August 2008, DailyTech reported that the FAA experienced a massive crash of its flight plan computer network that led to significant delays in air traffic. The reason for the network crash was traced to network IPX9000 packet switch.

There has been no debate inside the FAA as to whether or not the aging flight control system needs to be updated. The contention among officials has been what system to use and how to fund the upgrades.

According to eWeek, the FAA exercised the second option on its SAVES contract approved by Congress as the method to fund system upgrades. Upgrades will include Sun open-source OpenSolaris/ZFS/SunFire server/Thumper storage infrastructure with built-in virtualization technology.

One key factor in any upgrades within the FAA's IT infrastructure is security. A major factor in the upgrades is the tightening of security at all access points. To improve security, the FAA has chosen a product called CounterACT. CounterACT is a clientless network access control and malicious threat detection system used to ensure that all connected and connecting devices on the FAA network are in compliance with network security policies. The software also ensures that connected or connecting devices are free from self-propagating threats.

Gord Boyce, president of ForeScout the maker of CounterACT told eWeek, "The FAA did a nine-month deep dive to make sure our product met their requirements. The meat of their business-side deployment is just now beginning. They expect to roll us out to the rest of their network over the next nine months."

A key feature of the security software chosen by the FAA is that it not only identifies what is connected to the network, but identifies all devices that are attempting to connect to the network as well. CounterACT can see all devices that request an IP address and requires no prior knowledge of a device to enforce network security policies on the device.

Boyce continued saying, "One of our biggest differentiators in the market is the fact that we are clientless. We don't need to have any prior knowledge of a device as it connects to your network. Whether that's an IP phone, an IP printer, a contractor that you've never seen before, a managed desktop or laptop—anything that wants to get an IP address, we're going to be able to identify and interrogate it, and do some sort of a policy enforcement on it."

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Not bad.
By Ordr on 9/25/2008 12:39:06 PM , Rating: 3
I wouldn't mind landing that contact.

RE: Not bad.
By bhieb on 9/25/2008 1:05:17 PM , Rating: 3

I would not want to be the firm responsible when/if the system crashes or gets hacked. But I agree lucrative nonetheless.

RE: Not bad.
By Master Kenobi on 9/25/2008 1:53:35 PM , Rating: 2
It's been a long time coming. The real problem that resulted in the massive delay of any upgrade was that they constantly wanted to integrate the latest technologies, which changed ever other week. The requirements were as fluid as water, which makes it impossible to do. I'm guessing someone stepped up and took over the project with the idea of getting something in place, rather than persuing a pipe dream.

RE: Not bad.
By shin0bi272 on 9/25/2008 5:28:29 PM , Rating: 5
so they are the duke nukem forever of aviation eh?

RE: Not bad.
By Dystopic on 10/10/2008 6:28:32 PM , Rating: 2
Responsibility / Accountability in government contracts??? Are you 12?

RE: Not bad.
By watkinsaj on 9/26/2008 2:28:58 PM , Rating: 2
It will probably be lucrative, but a mission critical project like this will be difficult to get off the ground.

RE: Not bad.
By Dystopic on 10/10/2008 6:20:21 PM , Rating: 2
actually, would not be that difficult, I am sure they are running concurrently, and doing a structured rollout, is properly staffed, and with sufficient funds.

What's the difficult part?

Just a thought
By HighWing on 9/25/2008 3:45:15 PM , Rating: 3
anything that wants to get an IP address, we're going to be able to identify and interrogate it, and do some sort of a policy enforcement on it.

One can not notice how much reference to "requesting an IP" is mentioned... ok so it's a DHCP security device. but the first thing that comes to my mind is "What about a device that has a static IP?"

RE: Just a thought
By aquraishi on 9/26/2008 7:23:06 AM , Rating: 2
it's simple 802.1x dressed up to sound more important. It's not truly clientless but for all practical intents and purposes is as Windows, Linux, UNIX, even iPhones all have 802.1x clients built-in. Wouldn't surprise me if many printers and other devices do as well. It's a good way to secure network access at the 'network' layer - I'm not arguing that - but I wonder how much this vendor is overcharging the FAA and how much of your tax dollars are going to pay for it?

RE: Just a thought
By joeld on 9/26/2008 8:57:54 AM , Rating: 2
well, they spent 9 months testing the system/software -- Looks like they are already heavily invested in it and it's not even in use yet.

RE: Just a thought
By Dystopic on 10/10/2008 6:27:44 PM , Rating: 2
ALL HD security SW is high dollar, you are mostly paying for the support contract. The vendor will probably maintain dedicated staff at the FAA to deal with issues.

It is clientless, meaning there is no SW agent to be installed.

I would not go for Solaris personally
By suryad on 9/26/2008 7:40:19 AM , Rating: 1
I would go with some distro of Linux actually possibly RedHat since that is what the Enterprise uses. Also the performance having used Solaris leaves a lot to be desired. I do not know how the new versions of Open Solaris compare with the latest versions of Linux but I would still think Linux would be the better choice.

By Zoomer on 9/27/2008 7:40:53 AM , Rating: 2
Don't worry, it will be a 100x or more performance increase nevertheless, since they are coming from some crazy old mainframe. :p

By Dystopic on 10/10/2008 6:24:53 PM , Rating: 2
nope not in a million years.

SUN will provide the hardware & OS - no linux vendor in any standing - except for SGI & SUN- has both ends. The FAA wants a 1 stop shop for hardware & OS level.

Linux SUPPORT is the issue. Sun Solaris, either Sparc or Intel is UNIX, so the software base is practically identical. Performance wise, OpenSolaris can be just as fast as RH.

No matter what if your HW isnt upto the task, you are just watching hourglasses.

By MGSsancho on 9/26/2008 2:29:37 AM , Rating: 2
its called the STARS system programmed by raytheon on sparc III machines. well my source is a best friends, sisters boyfriend whos programming it. oh and said best friend is an air traffic controller.

this has been some time coming. hopefully they will use non discontinued hardware

By Mr Perfect on 9/26/2008 1:23:08 PM , Rating: 2
Hmm. My source is my father's brother's nephew's cousin's former roommate.

I think yours is better.

Big Deal
By BMFPitt on 9/28/2008 7:35:32 AM , Rating: 2
Call me when we're ready to get rid of Lotus Notes...

But can it run Crysis??
By Desslok on 9/25/08, Rating: 0
"If you can find a PS3 anywhere in North America that's been on shelves for more than five minutes, I'll give you 1,200 bucks for it." -- SCEA President Jack Tretton
Related Articles

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki