Because DoD is operationally dependent on networked information systems, Computer Network Defense (CND) has emerged as a core mission area for DoD. DoD Instruction 8530.2 describes CND as an interrelated set of activities that includes operations, services, and support functions within the overall strategic environment. The Instruction envisions Computer Network Defense operations and services to support actions that protect, monitor, analyze, detect and respond to unauthorized activity within DoD information systems and computer networks. The strategic environment necessary to provide these services supports a broad range of defensive capabilities that are useful to both the DoD as well as civilian agencies.
Noblis' capabilities in Computer Network Defense are broad ranging. The Noblis Information Assurance Center of Excellence (IA CoE) has extensive experience in each of the focus areas defined in DoDI 8530.2, with certified individuals available to provide support in each of the focus areas. The following table summarizes Noblis capabilities in the CND area:
| ND Focus Area |
Noblis Capabilities |
| Protection |
- Vulnerability Assessments
- Red Teaming
- Education and Awareness
|
| Monitoring, Analysis, and Detection |
- Situational Awareness
- Cross-enclave Information Flow (DoD/Law Enforcement)
- Intrusion Detection and Intrusion Prevention Systems
|
| Response |
- Plan of Action Development and Monitoring
- Plan of Action Development and Monitoring Active Defense Systems
|
The Noblis IA COE Computer Network Defense program works to improve integrated in-depth capabilities to meet the increasing threats in tactical mission environments by assisting programs that extend information assurance between war fighters and the network service perimeter, provides support for asset accounting, vulnerability assessment, and baseline compliance status. These programs permit security service providers to have an accurate assessment of the health of their network assets so that appropriate effort can be directed toward resolving vulnerabilities. A final component of the Noblis CND program is ongoing monitoring and assessment to assist operational staff with assured command and control for network components.
Noblis uses commercial off-the-shelf technologies as well as best-in-class security technologies to meet the CND system needs. We provide support for the entire system lifecycle, from architecture development, through procurement and deployment, as well as operational support.
Noblis has built tools to support the CND mission operations including Cyber threat analysis systems, vulnerability tracking and management, and system assessment technologies. We have provided product assessments, integration testing, security test and evaluation support, and red team assessment of deployed systems.
Noblis has also developed training materials and delivered awareness training in cyber defense, product assessment, and digital forensics.
As an example of CND work, Noblis has performed an in-depth vulnerability assessment for a Department of Defense customer in the area of network defense capabilities. Our assessment of this service's network operations lead to concrete suggestions for operational improvements and an independent assessment of the service's own analyses.