We understand the requirements to get and maintain SIPRNet enclave connectivity while ensuring long-term, sustainable security. Our engineers are DISA-trained Team Leads and Reviewers. Incorporating this additional CCRI experience and knowledge into all our activities provides unparalleled value to our engagements and outcomes. This unique blend of knowledge enables us to engineer SIPRNet solutions that meet various Department of Defense requirements from day one, reduce the costs of having additional technical reviews following enclave completion, and ensure you receive your Authority to Connect (ATC) and Authority to Operate (ATO).
Our SIPRNet Subject Matter Experts (SMEs)
Our SMEs know the STIGs, which STIGs to apply, how to conduct the checks, and implement and prioritize the settings based on risk and Return on Investment (ROI). SecureStrux is highly regarded for our technical expertise, and most importantly, our commitment and demonstrated success in delivering solutions that strengthen the security posture of our client organizations.
Our Subject Matter Experts have developed and taught numerous DISA-approved courses on OS hardening, database security, web security, McAfee ePO and HBSS endpoint security, application security, vulnerability management, and network security. Our personnel are cross-trained in multiple technologies to bring efficiencies to the project and guide client staff on configuring, securing, and sustaining their SIPRNet environment.
The SecureStrux SIPRNet Project Plan
The standard SecureStrux approach for SIPRNet services is a five-phase approach (see the process below). The SecureStrux Team Lead will provide project management of the project scope for all phases with high-level insight into the SIPRNet enclave project requirements at project initiation. SecureStrux will meet with all appropriate site personnel and senior leadership to introduce team members, obtain proper logical and physical access, and verify any technical details needed for installing and configuring the enclave. Our SIPRNet support efforts will provide and satisfy the requirements for:
- End-user secure baseline images with baseline applications and all applicable patches, updates, and drivers pre-installed
- Offline media with backup configurations of all equipment
- Documentation, policy, and procedures required to receive an Authorization to Operate (ATO), Approval to Test (ATT), Authorization to Connect (ATC) as per the applicable DoD Office
- Configuration of equipment and software following applicable federal, DCSA processes, and DISA STIGs to receive node certification and accreditation/ authorization
- Training to applicable personnel on the operations, maintenance, and configuration of all infrastructure and workstation equipment
Complete Circuit Approval Process
Review Preliminary Enclave
Assist with the completion of the NISP SIPRNet Circuit Approval Process (NSCAP) requirements and work with the AO to ensure the government side requirements are completed as part of the NSCAP process as needed.
Complete Non-DoD Connection Request Process
Pre-project planning and support that may be required before the Connection Request.
Provide any information required to complete the DoD Connection Request and Sponsor Validation Letters.
Answer questions that may arise before receiving the DoD CIO SIPRNet connection approval letter.
Install and Configure SIPRNet Hardware and Software
SecureStrux will install and configure hardware and software assets to communicate internally, ensuring all workstations, VTC, and network equipment communicate properly with internal SIPRNet components and all required software functions as intended.
Network Infrastructure – firewall, core router, distribution, and user access switch, and virtualization host servers to include:
• Windows 10 Enterprise Edition End-User Workstations
• Windows Active Directory (AD) Server (if part of the enclave)
• Wireless Intrusion Detection System (WIDS)
Documentation and Accreditation Submission for DoD ATO
SecureStrux will complete all documentation required for an accreditation package submission through eMASS and train the staff in preparation for the DoD ATO on-site assessment visit as part of the DoD RMF A&A process.
ACAS, HBSS, and External Connectivity Configuration for DISA ATC
Verify HBSS and ACAS connectivity to meet TASKORD 12-0863 and provide hands-on configuration training. Review the Endpoint Security and ACAS tool.
Install DoD Root Certificate Authority (CA) certificates on the certificate server inside the enclave
Configure servers, workstations, and VOSIPs
Create the HBSS system tree and install and configure required endpoint products to ensure OPORD 16-0080 compliance.
Configure ACAS scan policies and repository and verified credentialed access to meet full compliance of TASKORD 20-0020.
How We Work
SIPRNet Enclave Buildouts (Scoped Projects)
We work with you to get your SIPRNet connected and authorized. Whether you want us to manage and execute the entire process, or provide support for specific phases or capabilities, we can support your organization’s SIPRNet Enclave build-out requirements.
SIPRNet Enclave Maintenance and CCRI After Action (Scoped Projects)
Embedded Defense Plan
The Embedded Defense Cyber Package from SecureStrux will help ensure you are maintaining your SIPRNet effectively, including ongoing patching, STIGing, ACAS & HBSS support, and OPORD and TASKORD updates.
Our all-inclusive Embedded Defense Cyber Package will provide consistent and predictable cybersecurity support on a fixed budget. The Embedded Defense Cyber Package brings our entire breadth of capabilities to your team, enabling you to approach your SIPRNet maintenance and Command Cyber Readiness Inspections (CCRIs) from a holistic perspective. Whether you need a fresh perspective, custom training, or just some extra knowledge and hands, our service ensures you stay in a cyber-ready status.
Partners in SIPRNet Build-outs
Simplify your path to a connected SIPRNet by working with SecureStrux. From the start of the process until you receive your ATC (Authority to Connect) our team of consultants will guide your team through the entire process.