The FAA isn’t big on change when it comes to its IT infrastructure. However, the FAA is now pushing forward with a plan that could see its IT infrastructure totally overhauled by early 2009. Sun Microsystems and Cisco are being eyed as the providers of choice for the new infrastructure.
The FAA over the last several months upgraded its old internal business systems to new open-systems including servers and storage from Sun and Cisco. The IT systems that were upgraded were not related to the FAA's flight control operations. Upgrades were to the FAA's business administrative functions that handle human resources, email, messaging, internal document routing, and storage according to eWeek.
After the business systems were upgraded, officials with the FAA were impressed by the performance increase and are considering upgrading the FAA's critical air traffic control systems with a similar infrastructure.
In August 2008, DailyTech reported that the FAA experienced a massive crash of its flight plan computer network that led to significant delays in air traffic. The reason for the network crash was traced to network IPX9000 packet switch.
There has been no debate inside the FAA as to whether or not the aging flight control system needs to be updated. The contention among officials has been what system to use and how to fund the upgrades.
According to eWeek, the FAA exercised the second option on its SAVES contract approved by Congress as the method to fund system upgrades. Upgrades will include Sun open-source OpenSolaris/ZFS/SunFire server/Thumper storage infrastructure with built-in virtualization technology.
One key factor in any upgrades within the FAA's IT infrastructure is security. A major factor in the upgrades is the tightening of security at all access points. To improve security, the FAA has chosen a product called CounterACT. CounterACT is a clientless network access control and malicious threat detection system used to ensure that all connected and connecting devices on the FAA network are in compliance with network security policies. The software also ensures that connected or connecting devices are free from self-propagating threats.
Gord Boyce, president of ForeScout the maker of CounterACT told eWeek, "The FAA did a nine-month deep dive to make sure our product met their requirements. The meat of their business-side deployment is just now beginning. They expect to roll us out to the rest of their network over the next nine months."
A key feature of the security software chosen by the FAA is that it not only identifies what is connected to the network, but identifies all devices that are attempting to connect to the network as well. CounterACT can see all devices that request an IP address and requires no prior knowledge of a device to enforce network security policies on the device.
Boyce continued saying, "One of our biggest differentiators in the market is the fact that we are clientless. We don't need to have any prior knowledge of a device as it connects to your network. Whether that's an IP phone, an IP printer, a contractor that you've never seen before, a managed desktop or laptop—anything that wants to get an IP address, we're going to be able to identify and interrogate it, and do some sort of a policy enforcement on it."
quote: anything that wants to get an IP address, we're going to be able to identify and interrogate it, and do some sort of a policy enforcement on it.