Wright-Patterson Air Force Base has recently faced a monumental technology changeover with the migration of installation computers to the Microsoft Windows 10 operating system.
In response to a Department of Defense directive to transition to Microsoft Windows 10 secure host baseline, the Air Force plans to complete the upgrade to the Windows 10 operating system across the enterprise by March 31.
Over the past two years, organizations at Wright-Patterson AFB began budgeting for the purchase of new computers that can utilize this new operating system, according to Karen Newton, 88th Communications Squadron, chief of Network Operations.
In preparation for the changeover, Newton said most organizations chose to procure laptops as opposed to desktop models for mobility purposes. Some existing computers on base were capable of the migration without new equipment needed. Devices that use non-Windows operating systems, such as iPADS, were not within the scope of this effort.
“The enhanced security feature provided by the Windows 10 secure host baseline separates the login process from the operating system, making it more difficult for attackers to infiltrate computer networks,” Newton said. “DoD and the Air Force are taking advantage of Credential Guard, one of the newest features of Windows 10.”
Credential Guard prevents attackers from accessing computers by separating the login process from the operating system. Attackers have long used the old process of utilizing a computer’s cache or user name and password store in the computer memory to gain access, Newton said.
On a base the size of Wright-Patterson and with the number of computers being used, the effort to bring all installation systems in line with the mandate is no small undertaking, Newton said. Wright-Patterson has 34,950 systems, both non-secure and secure, which require either a new computer or a computer migration to make the transition.
“The installation currently is reporting over 70 percent completion for both systems,” Newton said. “We feel confident that the mandate will be met.”
If organizations have an approved waiver excusing them from the March 31 deadline, they will not be removed from the network. She also added that systems that are not Windows 10 compliant and which do not have an approved waiver on April 1, will be then removed from the network.
“Cybersecurity is a top priority for this installation, the Air Force and the DoD,” Newton said. “The 88th CS is committed to migrate all available systems they manage.”
There are even more technology changes on the horizon for Wright-Patterson in the form of enhanced cybersecurity capabilities and Newton named two in particular.
“Cloud Hosted Enterprise Services, an email migration, is coming,” Newton said. “CHES is the suite of Air Force collaborative tools to migrate email, instant messaging and SharePoint into commercial, Microsoft, cloud-based datacenters. This system includes the migration to Office 365 and is scheduled for the base in the April-May 2018 timeframe.”
Another cybersecurity initiative is the Joint Regional Security Stack or JRSS. The base is scheduled to be a part of the Air Force DoD mandate to move to a Joint Information Environment. JRSS replaces the current Air Force NIPRNet Gateway System.
“JRSS provides two sets of security equipment side-by-side to provide top-level security for each base to provide enhanced redundant computer network defense equipment and transport,” Newton said. “Wright-Patt will have two JRSS stacks assigned to it, providing dual redundancy and a third alternate stack available for inbound and outbound traffic.”