DISA announces contract award for Thunderdome Prototype
Thunderdome will be DISA's state-of-the-art zero trust security and network architecture

by Dillon McConnell
Office of Strategic Communications and Public Affairs
January 25, 2022 

FORT GEORGE G. MEADE, Md. – The Defense Information Systems Agency (DISA) and the Department of Defense at-large are amidst a global-power competition in an ever-changing cyber landscape with increasing risks and threats from sophisticated adversaries. With the onset of the COVID-19 pandemic, the cyber-attack surface has also intensified as more individuals telework and as more applications and data migrate to the cloud.

In response, on Jan. 24, DISA awarded a $6.8 million contract to Booz Allen Hamilton for execution of a Thunderdome Prototype, a zero trust security solution, that aligns with the president’s executive order to improve the nation's cybersecurity posture. During this six-month effort, the agency will operationally test how to implement DISA’s Zero Trust Reference Architecture, published in March 2020 for DOD, by taking advantage of commercial technologies such as Secure Access Service Edge (SASE) and Software Defined-Wide Area Networks (SD-WAN).  Thunderdome will also incorporate greater cybersecurity centered around data protection and integrate with existing endpoint and identity initiatives aligned to zero trust.

“Over the course of the next six months, we plan to produce a working prototype that is scalable across the department,” said Jason Martin, director of DISA’s digital capabilities and security center. “During that time, we will do what DISA does best – build, test, validate and implement the premier cybersecurity solutions for the Department of Defense and warfighter around the world.”

Next generation of cybersecurity

As an enhanced security set of capabilities, Thunderdome will greatly help to defend and guard our systems against sophisticated adversaries. Thunderdome will modernize DISA’s cybersecurity infrastructure to significantly improve our security posture as well as improve user access to cloud hosted applications by enabling dynamic, adaptable security from the user to the data and application edge.

“Thunderdome reflects a substantial shift to a next generation cybersecurity and network architecture for DOD,” said Chris Barnhurst, DISA deputy director. “Rooted in identity and enhanced security controls, Thunderdome fundamentally changes our classic network-centric defense-in-depth security model to one centered on the protection of data and will ultimately provide the department with a more secure operating environment through the adoption of zero trust principles.”

As the threat landscape continues to change and evolve, so too must DISA in order to continue to anticipate and react by evolving, changing or adding cyber capabilities. Last year the department made the decision to phase out the Joint Regional Security Stacks (JRSS), based upon both independent and baseline reviews, and transition to a new zero trust security and network architecture. DISA is actively developing a department-wide strategy where mission partners will transition from current cybersecurity solutions, such as JRSS, to Thunderdome or other zero trust implementations. DISA is conducting a six-month prototype, which will inform scalability of Thunderdome across DOD and the overall implementation strategy to transition JRSS users to an enterprise-wide offering of Thunderdome.

Aligns to federal cybersecurity modernization efforts

DISA’s Thunderdome prototype is a zero trust solution that aligns with several federal government cybersecurity modernization efforts to include the president’s executive order on improving the nation's cybersecurity, the DOD Chief Information Officer’s (DODCIO) Digital Modernization Strategy as well as DISA’s Strategic Plan.

As part of this modernization, Thunderdome will enable the streamlining of DOD’s endpoint security solution set, enhance our security posture as we continue to invest in cloud technologies and implement new security capabilities. SASE technology will be used to supplement the current perimeter defense function and allow for direct internet access for DOD applications, regardless of hosting environment.

Successful deployment of Thunderdome as a new security model will achieve DOD’s overall goals to integrate network and security solutions in the cloud and enhance protections of end-user devices.

Focused on the warfighter

DISA remains steadfast to deter adversaries and accelerate efforts to connect and protect the warfighter in cyberspace. We are taking bold and decisive action to ensure that the information technology supports our current and future warfighters and that our weapons systems are protected anytime, anywhere.

Thunderdome will help us to modernize our network and leverage industry advances in technology to deliver IT solutions that enhance security and data protections. Working shoulder-to-shoulder with our mission partners, we are focused on providing secure capabilities to the warfighter at a velocity of action to win.