Jump to content

That Cyber Thread


17D_guy

Recommended Posts

NMCI sucked pus-covered gangrenous donkey balls while I was in the other service; I haven't heard anything in the years since to indicate it's gotten any better.

The green-ness of the grass on that side is an illusion.

Edit: spell more gooder

The problem is that there simply isn't the bodies at the base level to do a good job. Rather than one monster service contract, there will be lots of little ones. It will be happening very soon with email. Base data centers will also be contractor operated soon.

Link to comment
Share on other sites

As much of a pain as it might be, there just isn't a good way to balance speed/efficiency with control/security on the Air Force network. There have been decisions (ESD) that have made things worse, but it's never going to be as good as your personal systems. It can't be. The Air Force network has to be set up to account for the lowest common denominator. While everyone on this forum might be somewhat tech savvy, most people are not. The federal government also has a lot more restrictions than the private sector because of the nature of the information we deal with. As sad as it might be, outside of the IC, the Air Force has the best network in the DoD.

From the cyber ops side, none of this applies, and the work is getting done by people that drink way too much energy drink and eat way too many hot pockets and pop tarts...which is exactly how it should be.

  • Upvote 1
Link to comment
Share on other sites

In my daily dealings with the Anchors Aweigh crowd in my other work, NMCI sucks. Having to burn CD's and snail-mail it bc NMCI stripped my .pptx attachment from an email is just plain stupid. It makes me start looking for my Windows 95 update pack and AOL CD in the mail bc I MUST be caught in a time warp and am living in 1994.

Link to comment
Share on other sites

The problem is that there simply isn't the bodies at the base level to do a good job. Rather than one monster service contract, there will be lots of little ones. It will be happening very soon with email. Base data centers will also be contractor operated soon.

In my daily dealings with the Anchors Aweigh crowd in my other work, NMCI sucks. Having to burn CD's and snail-mail it bc NMCI stripped my .pptx attachment from an email is just plain stupid. It makes me start looking for my Windows 95 update pack and AOL CD in the mail bc I MUST be caught in a time warp and am living in 1994.

As stated the NMCI contract is awful. The Air Force will not play with the Navy on Cyber if NMCI is involved. They do not take any of it seriously and there's a number of.. problems that have occurred on their networks due to the lack of choke-con.

Also, having to pay $450+ to move a workstation around the office is a little steep.

I enjoyed this little article - http://www.airforcetimes.com/story/military/2015/04/13/whos-been-cut/25574185/

Mobility pilots.. ouch. But then in my corner,

  • Cyberspace operations lost 136 airmen, or 5 percent of officer cuts.

This is on top of the cuts the 33S AFSC faced for.. 5 years? I don't know, I wasn't an O then. There's a significant bathtub in the Cyber force. My Sq CC's almost guaranteed Col, not for outstanding performance or any other leadership metric, but because the attrition rates in the year groups are so high and all the other eligibles are leaving. I like my CC, so that's not a slight--that's straight from her.

Also, base comm contracted out isn't bad as long as the contractor is responsive and you pay them. Vandenberg had contracted base comm and it was a great working relationship. One of the best I'd been involved with. Just like the ESD would have been if the contractor was paid and sized accordingly. Everyone's of the opinion, "It's simple geek stuff, how hard could it be?" Then the negotiations start and the cyber support service and infrastructure maintenance is constantly down-valued. Which is why in the other thread I said just because you don't value something, doesn't mean it's not important. Well, if the AF had valued the customer service, support, and requirements inherent with the ESD it would have succeeded.

the AF didn't. The AF failed. Then the ESD failed.

Where so many other businesses, large ones, have succeeded. Union Pacific has a consolidated help desk. It's 24/7, has 3~5 ring pick up requirements and services all of CONUS. They also pay very well to keep the "easy job" service technicians, focus on training and job advancements for top performers.

I can't even get that kind of respect for my Amn on the base, let alone out of the behemoth that is mother-AF. Actually, that's not fair. The base here is really appreciative of the work my guys do.

This valuing of "easy jobs" could be applied to all the support career-fields. How much would you guys pay for a full-up, competent finance and MPF? With NCO's who know what they're doing and know their job inside and out... like we used to have. That didn't have to write a request to a central processing agency and wait for a reply to do something? That could execute your DTS and other orders with little to no problems?

Well, whatever you think, the AF decided we all could use an additional duty as our own MPF/Finance troop. Don't forget your IAO additional duty as well.

Link to comment
Share on other sites

  • 2 weeks later...

https://www.my.af.mil/gcss-af/USAF/ep/contentView.do?contentType=EDITORIAL&contentId=cE3494DD04C7C2F3E014CD716CF8208A1

ESD To Stop Accepting Phone Calls

The Enterprise Service Desk (ESD) will no longer be accepting phone calls effective May 4, 2015. Please contact your Base Comm Focal Point (CFP) for IT issues or your Cybersecurity Liaison (CSL/IAO) for Account Management requests.

Link to comment
Share on other sites

  • 1 month later...

So.. McCain decided BAH was too much for the DoD to cover while leadership's decrying the retirement, "rising" medical costs and the general poor return on investment all around on actual people. Here's section section 591, from the Senate version of the NDAA (S.1376) -

SEC. 591. REVISED POLICY ON NETWORK SERVICES FOR MILITARY SERVICES.

(a) Establishment Of Policy.—It is the policy of the United States that the Secretary of Defense shall minimize and reduce, to the maximum extent practicable, the number of uniformed military personnel providing network services to military installations within the United States.

(b) Prohibition.—Except as provided in subsection (c ), each military service shall be prohibited from using uniform military personnel to provide network services to military installations within the United States 2 years after the date of the enactment of this Act.

( c) Exception.—Nothing in subsection (b) shall be construed as prohibiting the use of military personnel providing network services in support of combatant commands, special operations, the intelligence community, or the United States Cyber Command, including training for these organizations.

(d) Waiver.—The Secretary of Defense or the Chief Information Officer may waive the prohibition in subsection (b) if necessary for the safety of human life, protection of property, or providing network services in support of a combat operation.

(e) Report.—

(1) IN GENERAL.—Not later than March 30, 2016, the Chief Information Officer shall submit to the congressional defense committees a plan for the transition of the current performance of network services from military personnel to other means.

(2) ELEMENTS.—The report required under paragraph (1) shall include the following elements:

(A) An assessment of the costs of using military personnel versus other means to provide network services for the military services.

(B) An estimate of the savings of transitioning the current performance of network services from military personnel to other means.

© An estimate of the number of military personnel that could be reallocated for military-unique missions.

(f) Validation Of Cost And Savings Estimates.—The report required under subsection (e) shall be validated by the Director of Cost Assessment and Program Evaluation.

Looks like blue-suit base support is over boys, time to go home.

Link to comment
Share on other sites

Stupid question time:

If the NDAA passes with that language in it, we'll be dealing with the lowest-bidder version of Comcast for our base networks 2 years later?

Nothing good (for DoD) could possibly come from that...

It's almost like they're actively trying to break the military.

Link to comment
Share on other sites

Hey, when NIPR is down, we can just all go home for the day..... am I right?

Comcast, where have you been all my life?

Oh, and does this mean I'll be able to plug in USB drives and use iPads as something more than an e-reader?

Edited by Champ Kind
Link to comment
Share on other sites

Huawei will be the first bidder and will probably offer to do the job below cost. They're just here to help.

  • Upvote 1
Link to comment
Share on other sites

(b) Prohibition.—Except as provided in subsection (c ), each military service shall be prohibited from using uniform military personnel to provide network services to military installations within the United States 2 years after the date of the enactment of this Act.

( c) Exception.—Nothing in subsection (b) shall be construed as prohibiting the use of military personnel providing network services in support of combatant commands, special operations, the intelligence community, or the United States Cyber Command, including training for these organizations.

Looks like blue-suit base support is over boys, time to go home.

Disagree. I want to see blue-suiters operating in the cyber domain to achieve combat effects and not just keeping the street clean. For the support function (which is markedly different than the combat fuction), I think we can provide better support through services contracts vice creating rice-bowls. Amazon Web Services is a good example: I've simply never heard of it failing. I have no idea why we continue to maintain base data centers for base-specific applications when AWS is both cheaper and more reliable. Airmen need to be shooting from the castle walls and not cleaning the crap.

Link to comment
Share on other sites

Disagree. I want to see blue-suiters operating in the cyber domain to achieve combat effects and not just keeping the street clean. For the support function (which is markedly different than the combat fuction), I think we can provide better support through services contracts vice creating rice-bowls. Amazon Web Services is a good example: I've simply never heard of it failing. I have no idea why we continue to maintain base data centers for base-specific applications when AWS is both cheaper and more reliable. Airmen need to be shooting from the castle walls and not cleaning the crap.

Don't have a lot of time to reply right now. You'll see the AF has been pushing for this sort of thing for awhile. I think I said in a earlier post that DISA said they were the arbiter of all things cloud.. then certified no cloud services besides their own. DoD CIO punched them in the dick and now they're moving on to approve other cloud providers. But don't think they don't have downtime (AWS and Google have both had outages). Sure, it's not the same as my/your base, but their business model is different, their mission is different, and their costs are different.

If "we" low-ball it just like ESD, and other "Cyber Support Servcies" have been it won't be any better than what you've got now.

*COUGH* NMCI *COUGH*

Yep. Thanks. $400 to move that network drop in an office please.

Link to comment
Share on other sites

Disagree. I want to see blue-suiters operating in the cyber domain to achieve combat effects and not just keeping the street clean. For the support function (which is markedly different than the combat fuction), I think we can provide better support through services contracts vice creating rice-bowls. Amazon Web Services is a good example: I've simply never heard of it failing. I have no idea why we continue to maintain base data centers for base-specific applications when AWS is both cheaper and more reliable. Airmen need to be shooting from the castle walls and not cleaning the crap.

As a former AD (now Reserve) 17D and working for a big cloud provider at my day job, there is plenty of interest to provide services to the DoD. Biggest hurdle is that what keeps our costs down is the ability to essentially share that computing power with multiple customers (as well as a lot of non-US citizens doing dev/build/mx) which the DoD cloud service provider regs keep choking on.

The regs are also in constant flux, which makes it hard to plan a business case for $XXXM+ in investment to folks who have very little concept of why the regs are written the way they are. DISA (as 17D_guy mentioned) is the big broker, and many of the regs are still written with traditional enterprise networks in mind. Some concerns are valid, some aren't, which defeats a lot of the cost savings. But, I think the next 18-24 months will show a lot of progress as the various branches start pushing DISA to compromise a bit more.

And yes, we do have outages just like your traditional base server farms. The difference comes in the redundancy model that cloud offers and there are various pricing options to help with that. Of course, multi-region/multi-service outages can happen with things such as zero-day attacks, human error, bad rollover configs, etc..

Link to comment
Share on other sites

Anybody have a list of current diaper wearing reg compliant wireless mouse for a NIPRnet computer system? I've scoured the STIGs and AFSSIs, but cannot find what the requirements are or a list of compliant products. Muchos gracias in advance.

Cheers

Link to comment
Share on other sites

Anybody have a list of current diaper wearing reg compliant wireless mouse for a NIPRnet computer system? I've scoured the STIGs and AFSSIs, but cannot find what the requirements are or a list of compliant products. Muchos gracias in advance.

Cheers

^ Same for wireless USB slide clickers please (ie, Logitech Presenter)

Eh, I'll try to look into it. Clickers.. should be fine.

Is your IA shop saying otherwise? Have them site the source as Warrior states. Note who says it's default no, vs yes.

Murder them.

Another thing to add to this is the oncoming JIE and JRSS -

http://www.disa.mil/Initiatives/JRSS

http://www.disa.mil/About/Our-Work/JIE

I imagine this is akin to what prop guys felt like when jet engines came along. But you know.. minus the fun.

Link to comment
Share on other sites

I imagine this is akin to what prop guys felt like when jet engines came along. But you know.. minus the fun.

From where I sit, it looks a bit like the JSF: Some big joint "program" sucking up service-specific funding then returning capabilities that are less than when you started. Without getting to in the weeds, there are some capability gaps that will emerge when we give up on the gateways (16 AFNET exit points for those at-home viewers who are not immersed in the gory pain of the AFNET) and switch to JRSS. JRSS is funny in that it isn't actually a program at all -i.e.... there's no program element that Congress approved. Instead, its all the services throwing money at this based on DoD CIO direction.

I see a trend of increasing centralization at DISA, and I'm not sure that's a good thing.

Link to comment
Share on other sites

Back at we had wireless mice, in an open storage vault. Now in AETC I can't get this capability in our unclassified briefing rooms, and trying to figure out the requirements to make it happen is unbelievably painful. So, any data otherwise will help. PM with actual nerd shit so as not to gum up the thread.

Edited by Tulsa
Link to comment
Share on other sites

Back at we had wireless mice, in an oh my gosh,open storage vault. Now I'm the the piss up a rope and prove me otherwise BS AETC command because I'm a civilian and frozen into inaction to preserve my job mode. So, any data otherwise will help. PM with actual nerd shit so as not to gum up the thread.

Dude, are you posting drunk or representing the Chinese? All your mice are belong to us.
  • Upvote 1
  • Downvote 1
Link to comment
Share on other sites

Back at we had wireless mice, in an open storage vault. Now in AETC I can't get this capability in our unclassified briefing rooms, and trying to figure out the requirements to make it happen is unbelievably painful. So, any data otherwise will help. PM with actual nerd shit so as not to gum up the thread.

Yeah, I don't understand the Air Force and their ridiculous EMSEC and wireless device policies. Where I work now, we have multiple boxes from multiple agencies spanning all classifications (unclass through SAP) sitting next to each other. They are all hooked up to switch boxes and use the same monitors, mice, keyboards, etc. They also all use the same wireless clicker. It's been the same setup in joint deployed environments, from what I've seen.

At my last duty station, which was an Air Force base, we had red tape all over the desks to show you the line you couldn't cross with your mouse or any other equipment. People literally got written up for moving an optical mouse hooked up to NIPR over the SIPR red line. Not only is that too stupid for me to process, they actually employed people who went around checking/monitoring this shit.

Link to comment
Share on other sites

Gravedigger, from what I've found it seems wireless IR mouse are ok to use as long as the room is enclosed and made of material impervious to IR energy. Does this jive with what you've seen? Yeah, I agree, it seems all of a sudden we went full retard.

  • Downvote 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...