Editing
CARDS2 Discussions
(section)
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
== 2/9/2023 Aquarian CARDS DHS Meeting == Dan Big thing: Download red TrKEK from CARDS (Fill to devices) Who do we talk to at NSA to understand if there’s any possibilities to do this properly? For example KMI DOCKS (Spelling) should be able to do this over the network but they use a token. One contingency TrKEK, not all the accounts TrKEKs, and it’s only available for fill to CFD. ConTrKEK(OpTrKEK) -fill-> CFD Currently we send new TrKEK wrapped in their current TrKEK. The new TrKEK is a different Short title. Also to note…. All FEMA accounts are TS, so the contingency key for FEMA accounts is TS when red… TrKEK talk spiraling to electronic DRF (currently blank paper out of band) Dan: Strength in numbers, he has his wish list, but understands roping in DoS FBI etc etc to build a better product Searching, better searching, CARDS does currently have searching, but I don’t think it’s exposed to CAMs (spotlight available in DoS CARDS) Java Script and Palisade Asked about A&A for Palisade, it’s under iApps ATO. Concern about ATO/A&A to bring Palisade in. Can Palisade run in a VM? Dan says you can’t load thins on a thin client.. Serial/COM port access to a thin client. Concerns about machine re-imagining blowing away settings Solved by user profiles or a COMSEC specific machine image Having app available on Software Center It’s honestly hard working with the HSDN folks. They will say things are solved, but they won’t be solved (GPO for serial/com ports) HSDN program office contacts: Greg Evans, Bible Dan: Palisade is the ‘engine’ and accessed via browser Dan is wondering about a Citrix (or similar) based app when he talks about VMs Browser based Citrix like application? How does interaction with Serial/COM ports work? There’s animosity and perhaps a misunderstanding about ‘Java’, it’s a dirty word up here. Java-script served via browser = bad Java running on as an app = good Oracle > SQL Migration ~80K a year they’re paying for oracle right now, expecting to breach 100K with price changes. Approach to moving away from CARDS Palisade using enterprise MS SQL, Palisade working from browser. Comparisons to KMI (KMI runs locally, has a local database, despite the conv, you can login without a connection.) JC: 1-2 people for 2 years thought the numbers were conservative Additional Capabilities NCIRS machine to machine API for incident reporting? CAM nominations/personnel workflow PII Concerns Are there existing approval tools used on HSDN for automating administrative functions. Jim Questions: NCIRS on high side Forms and adding initial pdf report to incident Personnel administration, separate crypto access brief No database Pii bad Just adding here: is there a high side service for work flow? There should be an source to enable machine to machine queries to validate access. Features page TACLANE Key tracking -> Filled in device tracking (Although, is there an API where we could have a machine to machine GEM API? Where we could push key to it and receive device information) Described that we’d seek feature parity first before tackling enhancement KMI Aware Still a nice to have dream that might have in the 5 years or later (They’ve been saying it for the past 10 years) Dan: would rather see a COR feature in KMI iApp serves as a KMI store front to help get to the last mile (cross domain), serves as a GEM so to speak Look at the bigger picture and breakout into smaller chunks for better planning/pricing/time Dan: new mangt at DoS their thoughts and feelings about it all and a new CARDS. Daniel fixing and adding features to IApp. iApp will be like the DoS Page Group at DoS. Is DoS sold and stuck on iApp? CARDS is approved as a CMCS. How do we get a new product approved? iApp is not approved What is an approved system? Is it just the fact that the systems only store Black Key? Everything else is just classification.
Summary:
Please note that all contributions to AquaWiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
AquaWiki:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Create account
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
View history
More
Search
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Tools
What links here
Related changes
Special pages
Page information