We provide NIPRNet support to small and large organizations, including Federal and DoD entities, and all military branches. We understand the requirements needed to get and maintain NIPRNet enclave connectivity while ensuring security.
Our engineers are Defense Information System Agency (DISA)-trained NIPRNet reviewers who incorporate this additional knowledge level into all our activities. This unique blend of knowledge enables us to engineer solutions that meet various Department of Defense requirements from day one, reduce the costs of having additional technical reviews following enclave completion, and ensure you receive your NIPRnet ATO.
Our NIPRNet Expertise
Our NIPRNet Subject Matter Experts (SMEs)
Our SMEs know the NIPRNet STIGs, which STIGs to apply, how to conduct the checks, and implement and prioritize the settings based on risk and Return on Investment (ROI). SecureStrux is highly-regarded for our technical expertise and, most importantly, in our commitment and demonstrated success to delivering solutions that strengthen our client organizations’ security posture.
SecureStrux’s NIPRNet Subject Matter Experts have developed and taught numerous DISA-approved courses on OS hardening, database security, web security, McAfee ePO, and HBSS endpoint security, application security, vulnerability management, and network security. Our personnel are cross-trained in multiple technologies to bring efficiencies to the project and guide client staff on configuring, securing, and sustaining their NIPRNet environment.
Our Approach to NIPRNet
Our approach to driving NIPRNet Enclave efficiencies
Our method includes recommending actions that occur in advance to minimize any potential delays before services initiation. These include:
- Dedicating knowledgeable client personnel to supporting the effort
- Compiling accurate and complete documentation on the current DoD Industrial Security Program
- Our cumulative experience performing engineering, cybersecurity assessments, and implementation services will optimize efficiencies by:
- Utilizing standard DoD tools to expedite activities
- We leverage our ability to contact DISA and the applicable DoD Agency to resolve common issues.
- Providing documentation templates based on known, approved DISA and DCSA documentation, policies, and procedures.
- Assessing the suitability of the SecureStrux custom insider threat solution developed to automate the USCYBERCOM Insider Threat mandate.
- Evaluate and test the applicability of the SecureStrux patent-pending solution for relevant technologies not currently automated by the SCAP Benchmarks.
The SecureStrux NIPRNet Project Plan
The standard SecureStrux approach for NIPRNet services is a five-phase approach (see the steps below). The SecureStrux Team Lead provides project management of the project scope for all phases with high-level insight into the NIPRNet enclave project requirements at project initiation. SecureStrux meets with all appropriate site personnel and senior leadership to introduce team members, obtain proper logical and physical access, and verify any technical details needed to install and configure the enclave. Our support efforts provide and satisfy the requirements for:
- End-user secure baseline images with baseline applications and all applicable patches, updates, and drivers pre-installed
- Offline media with backup configurations of all equipment
- Documentation, policy, and procedures required to receive an Authorization to Operate (ATO), Approval to Test (ATT), Authorization to Connect (ATC) as per the applicable DoD Office
- Configuration of equipment and software following applicable federal, Defense Counterintelligence and Security Agency, and DISA STIGs to receive node certification and accreditation/ authorization
- Training to appropriate personnel on the operations, maintenance, and configuration of all infrastructure and workstation equipment
-
Complete Circuit Approval Process
Review Preliminary Enclave.
Assist with the completion of the NISP NIPRNet Circuit Approval Process (NSCAP) requirements and work with the AO to ensure the government side requirements are completed as part of the NSCAP process as needed.
-
Complete Non-DoD Connection Request Process
Pre-project planning and support that may be required before the Connection Request.
Provide any information necessary to complete the DoD Connection Request and Sponsor Validation Letters.
Answer questions that may arise before receiving the DoD CIO NIPRNet connection approval letter.
-
On-Site Discovery Assessment
Review the proposed secure room(s), existing hardware assets, software, and documentation against DoD and DISA compliance requirements to understand the current project status.
Identify gaps, if any, and provide recommended solutions to address gaps.
Develop a Project Plan and coordinate project logistics.
Determine optimal WIDS solution based on compliance requirements and cost/benefit analysis.
-
Install and Configure NIPRNet Hardware and Software
SecureStrux will install and configure hardware and software assets to communicate internally, ensuring all workstations, VTC, and network equipment communicate properly with internal NIPRNet components and all required software functions as intended.
Network Infrastructure – firewall, core router, distribution, user access switch, and virtualization host servers to include:
• Windows 10 Enterprise Edition End-User Workstations
• Windows Active Directory (AD) Server (if part of the enclave)
• Wireless Intrusion Detection System (WIDS)
-
Documentation and Accreditation Submission for DoD ATO
SecureStrux will complete all documentation required for an accreditation package submission through eMASS and train the staff in preparation for the DoD ATO on-site assessment visit as part of the DoD RMF A&A process.
-
ACAS, HBSS, and External Connectivity Configuration for DISA ATC
Verify HBSS and ACAS connectivity to meet TASKORD 12-0863 and provide hands-on configuration training. Review the Endpoint Security and ACAS tool.
Install DoD Root Certificate Authority (CA) certificates on the certificate server inside the enclave.
Configure servers, workstations, and VoIP phones.
Create the HBSS system tree and install and configure required endpoint products to ensure OPORD 16-0080 compliance.
Configure ACAS scan policies and repository and verified credentialed access to meet full compliance of TASKORD 20-0020.
Partners in NIPRNet Build-outs
Simplify your path to a connected NIPRNet by working with SecureStrux. Our consultants will guide you from the start of the process until you receive your ATC (Authority to Connect).
How We Work
NIPRNet Enclave Buildouts (Scoped Projects)
We work with you to get your NIPRNet access connected and authorized. Whether you want us to manage and execute the entire process, or provide support for specific phases or capabilities, we can support your organization’s NIPRNet Enclave build-out requirements.
NIPRNet Enclave Maintenance and CCRI After Action (Scoped Projects)
We work with you on your CCRI after-action support and ongoing NIPRNet maintenance project. Whether those needs are ongoing patching, STIGing, ACAS & HBSS support, or OPORD and TASKORD updates, we can support your organization’s NIPRNet Enclave maintenance and update requirements.
Embedded Defense Cyber Plan
The Embedded Defense Cybersecurity Package from SecureStrux will help ensure you are maintaining your NIPRNet effectively, including ongoing patching, STIGing, ACAS & HBSS support, and OPORD and TASKORD updates.