Controversial Einstein systems to inspect U.S. government's Internet traffic

The largest U.S. carriers -- including AT&T, Qwest and Sprint -- are deploying special-purpose, intrusion-detection systems dubbed Einstein boxes in their networks as part of an 18-month-old effort to tighten security on federal networks.

Developed by the Department of Homeland Security (DHS), the Einstein software provides real-time monitoring and analysis of Internet traffic flowing in and out of federal agency networks. Einstein is an early warning system designed to detect worms and other malicious code entering federal networks. Einstein 3.0 is under development by the U.S. Computer Emergency Readiness Team.  

Carriers are deploying Einstein systems as part of the federal Trusted Internet Connections Initiative, which aims to reduce the number of Internet access points operated by federal agencies and to protect the remaining Internet access points with a standard suite of managed security services.

Only U.S. federal government Internet traffic -- not commercial or personal Internet traffic -- will pass through the Einstein systems for inspection, carriers say.

The U.S. General Services Administration has awarded contracts to three carriers that involve deploying Einstein systems. In April, GSA awarded contracts to Qwest and Sprint to provide what it calls Managed Trusted Internet Protocol Services, (MTIPS). AT&T won a similar contract last December. 

Verizon Business and Level 3 Communications say they expect to receive MTIPS contracts from GSA soon. GSA is awarding the MTIPS contracts through its massive Networx program, a 10-year, $20 billion federal telecom deal held by these carriers.

To meet the U.S. government's cybersecurity requirements, Qwest says it is using its MPLS transport infrastructure to move federal network traffic into special CyberCenters, where the traffic will pass through secure, redundant gateways including Einstein systems. In these CyberCenters, Qwest will apply managed security services including firewall policy enforcement, IDS, antivirus, antispam and e-mail scanning.

"The whole MTIPS initiative is about taking our civilian agencies and getting them up to the level of the intelligence community and the Defense Department" in terms of cybersecurity, says Diana Gowen, senior vice president and general manager of Qwest Government Services.

Gowen says Qwest is building out secure enclaves in its network and deploying Einstein and other security gateways.

"We should have most of what we need to do from a hardware and equipment perspective racked, stacked and tested by July," Gowen says, adding that the U.S. government will then certify and accredit the carrier's MTIPS services. "Our plan is to be done by the end of the third quarter, and then we can provide services to the government in…October."

Qwest has a handful of customers including several Treasury Department agencies already signed up for its MTIPS services.

Jeff Mohan, executive director of AT&T's Networx Program Office, says AT&T has received multiple orders for MTIPS services. AT&T hopes to have its MTIPS solution certified in August.