CCRI & DISA STIG Compliance
By combining the IPS container with SIPRGuard two-factor user authentication, Trusted Systems helps the owning agency satisfy DISA STIG Finding ID V-31132.
Information Assurance – Network Connections – Physical Protection of Classified Network Devices such as Routers, Switches and Hubs (SIPRNet or Other Classified Networks or Systems Being Inspected)
Overview
Finding ID Version Rule ID IA Controls Severity
V-31132 IA-12.01.01 SV-41289r2_rule DCPP-1 EBCR-1 ECND-2 ECTM-2 PESS-1 High
Description
SIPRNet or other classified network connections that are not properly protected in their physical environment are highly vulnerable to unauthorized access, resulting in the probable loss or compromise of classified or sensitive information.
Trusted Systems’ definitive IPS container prevents unauthorized access to communications equipment:
– GSA-approved alternative to CAA or facility build-out
– Highest level Class 5 physical protection available
Frequently Asked Questions
IPS (Information Processing System) Security Containers are a cost effective alternative to a CAA or facility/SCIF build out, allowing on-line, closed-door, unattended, 24/7 operation of stand-alone or networked classified applications.
The IPS Container is an armored computer cabinet constructed specifically for the protection and operation of any combination of classified equipment: Type 1 encryption devices, switches, routers, patch panels, servers, workstations, laptops, etc. It’s an integrated security solution that combines physical protection with internal cooling, rack mounting and secured cable connectivity.
IPS Containers meet the GSA Class 5 protection criteria, the highest level of physical protection as specified under Federal Specification AA-C-2786, having their own distinct blue GSA approval label.
By using an IPS container, authorized users no longer need to rely on full-scale SCIFs to access a classified network. In essence, an IPS security container enables secure networks to go to the user, instead of the user going to a secure site.
Trusted Systems offers a multitude of sizes, cooling options, rack mount configurations and cable connectivity layouts. This allows IPS Containers to be small enough for single user or tactical applications, yet large enough for network data centers or large communications nodes, and everything in between.
By using a Trusted Systems IPS Container in a deployment, the owning agency saves substantial cost, time and complexity by eliminating the need to create a separate SCIF or secured equipment room.
Where a SCIF has a permanent location and fixed size, the Trusted Systems IPS Container is a fully authorized CAA alternative, self-contained, modular, scalable, and most importantly, transportable. This offers a high degree of flexibility for network deployments, upgrades or reconfigurations due to changes in architecture.
Trusted Systems IPS Containers are more than just storage containers; they protect classified network applications for SIPRNET or JWICS nodes, wireless access points, client workstations, DRSN or VOSIP circuits, VTC connections, server farms, blade clusters, communications closets and laptop repositories.
In these days with emphasis on joint forces integration and BRAC relocations, this modularity of infrastructure security provides great latitude when relocating networks at minimal cost in a shorter period of time.
SafeGuard transforms the traditional facility-based IPS Container into a network-centric solution with an integrated IP-addressable Intrusion Protection System known as “IPS 2.0 with SafeGuard”.
Now classified networks can be continuously monitored and controlled remotely with real-time proactive countermeasures against threats from overheating, power disturbances, and most significantly, unauthorized access from insiders and outsiders alike.
