GCN : September 2013
I was invited to Citrix's Bethesda, Md., headquarters to meet with Woodruff and to test the security and performance of a system running Version 1.2 of SecureView. The test unit was actually a notebook, with four different feeds streaming on it.

The first line of defense, and why SecureView would be a good solution even for users with only a single network feed, is that it uses a trusted boot process. When XenClient XT is installed, the system's configurations are measured at their baseline state and stored in the system's Trusted Platform Module chip. Intel's Trusted Execution Technology measures the OS configurations each time it's booted to ensure nothing has been altered. The new measurements are used to unlock the encryption keys, and only if they match the baseline will any system powering SecureView even boot.

Thus, any modifications made by programs or hackers will prevent the system from even turning on, shutting down trouble before it can even begin. That's because SecureView takes over the computer's local system, which is relegated to being just one of the feeds available and is unaware of, and unable to contact, any of the others.

The boot screen for SecureView shows the various network feeds the host machine can access, and they can be color coded to show their security levels. Each of the SecureView virtual machines --- that is, each of the network feeds --- is independent, though it may not look like that to a user.

The SecureView feature called Multiview allows multiple feeds to run on the same screen. In the demo, there were two live feeds, a movie and a 3D presentation running on different networks in the background while a user typed in a document on the simulated top-secret network in the forward-most window. So an analyst could work on a top-secret report with a live CNN video feed in the corner of his screen with no danger of anything leaving its proper network.
The secret is that it's all done with pixel replication. The feeds in the background are actually duplicates of the real thing, though even with live video, it was impossible to tell. Data can't be copied from one place to another. Remember, as part of hardening XenClient to XT, the dom0 was made into a virtual machine at the hypervisor level. So if a user tries to cut and paste something from one network to another, the data will never make it. It's the same with trying to move something to the desktop, because essentially there is no longer a host system, just a collection of virtual machines the user can work with.

Woodruff showed that setting up a machine to use SecureView was also easy, well below the four-hour threshold originally tasked by the Office of the Director of National Intelligence. Essentially, system resources are assigned to each feed. "The upper limit to how many feeds you can have is dependent on your hardware," Woodruff said. "Typically we assign two to three gigabytes of memory per network. If you find that you need more, you can always go back and change that."

SecureView is surprisingly inexpensive. I've seen secure KVM solutions that cost more. First, an agency needs to have a computer that supports Intel vPro --- a Dell Optiplex 9010 or an HP Compaq Elite 8300 would work fine. Citrix's XenClient XT would run about $599 for a single license, though the company offers government and volume discounts. An agency could set up SecureView itself, or AFRL can set it up for a fee. AFRL also will maintain the software for as little as $25 per seat, depending on the quantity.

SecureView was surprisingly graceful given how secure it was. Switching from one network to the next was extremely easy, and even monitoring other networks was possible with Multiview, assuming there is a big enough screen. So far, SecureView has impressed a lot of government agencies as well.
It got a favorable evaluation against the new NIST SP 800-53 Security Controls Catalog. It earned the Top Secret and Below Interoperability Authority to Operate certification from the Defense Intelligence Agency. And the new 2.0 version of the program is in the process of getting Secret and Below Interoperability certification, which would allow it to operate on DOD's secure and unclassified networks (SIPRnet and NIPRnet) simultaneously.

Not only is SecureView rock-solid in terms of security, it has one of the most elegant interfaces I've encountered. It's also a surprisingly inexpensive solution that perfectly matches the needs of the government security community.
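
The trusted boot process described in this article (a baseline measurement recorded at install time, and encryption keys released only when a fresh boot measurement matches it) can be modelled in a few lines. This is an added example, not code from Citrix, AFRL or the article: `ToyTPM`, the boot-chain strings and the key are constructed, and a single SHA-256 register stands in for the platform configuration registers and sealing format of a real TPM.

```python
import hashlib, hmac, os

class ToyTPM:
    """Simplified model of measure-then-unseal; not a real TPM interface."""
    def __init__(self):
        self._srk = os.urandom(32)   # storage key that never leaves the chip
        self.pcr = bytes(32)

    def reset(self):
        self.pcr = bytes(32)         # the register is zeroed at every power-on

    def extend(self, component: bytes):
        # PCR_new = H(PCR_old || H(component)): order-dependent, cannot be undone
        digest = hashlib.sha256(component).digest()
        self.pcr = hashlib.sha256(self.pcr + digest).digest()

    def _pad(self, pcr: bytes, n: int) -> bytes:
        return hashlib.shake_256(self._srk + pcr).digest(n)

    def seal(self, secret: bytes) -> dict:
        """Bind a secret to the current (baseline) measurement."""
        ct = bytes(a ^ b for a, b in zip(secret, self._pad(self.pcr, len(secret))))
        tag = hmac.new(self._srk, self.pcr + ct, hashlib.sha256).digest()
        return {"pcr": self.pcr, "ct": ct, "tag": tag}

    def unseal(self, blob: dict):
        """Return the secret only if this boot's measurement equals the baseline."""
        tag = hmac.new(self._srk, blob["pcr"] + blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            raise ValueError("sealed blob was modified")
        if not hmac.compare_digest(self.pcr, blob["pcr"]):
            return None              # measurement changed: key stays locked
        return bytes(a ^ b for a, b in zip(blob["ct"], self._pad(self.pcr, len(blob["ct"]))))

# Constructed boot chain and key, for illustration only.
BASELINE = [b"hypervisor image", b"dom0 image", b"platform configuration"]
DISK_KEY = b"constructed disk encryption key"

def measured_boot(tpm: ToyTPM, chain: list) -> None:
    tpm.reset()
    for component in chain:          # each stage is measured before it runs
        tpm.extend(component)

def provision(tpm: ToyTPM) -> dict:
    measured_boot(tpm, BASELINE)     # install time: record the known-good state
    return tpm.seal(DISK_KEY)

def try_boot(tpm: ToyTPM, blob: dict, chain: list):
    measured_boot(tpm, chain)
    return tpm.unseal(blob)          # DISK_KEY on a clean boot, None otherwise
```

Changing any one component, or the order in which components load, yields a different register value, so `try_boot` returns `None` and the disk key is never released.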