Download PDF
Forcepoint > Case Studies > Forcepoint's Secure Multilevel Access Solution for Intelligence Community
Forcepoint Logo

Forcepoint's Secure Multilevel Access Solution for Intelligence Community

Technology Category
  • Application Infrastructure & Middleware - Data Exchange & Integration
Applicable Industries
  • National Security & Defense
Applicable Functions
  • Discrete Manufacturing
  • Quality Assurance
Use Cases
  • Predictive Maintenance
  • Remote Asset Management
Services
  • System Integration
  • Software Design & Engineering Services
The Challenge
The Intelligence Community (IC) customer was facing several challenges including crowded desktops, facilities at capacity causing a strain on power, excessive cooling, limited floor space, network proliferation, decreasing annual budgets, and a need for cross domain collaboration. They embarked on an enterprise-wide initiative for a multilevel security solution to support both high-end tactical operations support and low-end administrative users. The complete solution called for a data guard with self-release and reliable (two-person) human review capabilities. The overarching goal was for a desktop solution that can become the enterprise standard for the IC, achieving a “Culture of Collaboration.”
About The Customer
The customer is a member of the Intelligence Community (IC) that supports the US Government and its Allies. They are involved in defense, intelligence, and civil agencies. The customer was looking for a solution that would reduce power, space, and cooling costs while strengthening collaboration, accelerating information sharing, and ensuring the most stringent information protection. They were also looking for a solution that would support both high-end tactical operations and low-end administrative users.
The Solution
The customer selected the Forcepoint end-to-end solution to address their unique IT challenges. The solution consists of three components: Trusted Thin Client (front end), VMware View virtual desktop infrastructure (VDI) (back end), and Trusted Gateway System (data guard). These components provide high resolution video, two-way audio to a single host network, support for up to eight monitors from one thin client, PC over IP (PCoIP) protocol support for improved graphics quality, remote access, and secure multidirectional data transfer. With one wire to the desk, Trusted Thin Client users simultaneously and securely access multiple classified domains from a single thin client. Trusted Gateway System allows for the rapid movement of data between networks of different classification levels. Through the Trusted Gateway System Quick Release feature, text or files can be rapidly transferred to configured levels, increasing knowledge transfer among disparate networks in near real-time. Virtual desktops, through VMware View, provide the ability to quickly remove a compromised virtual computer and create a pristine copy the next time the user logs in. VMware View also provides PCoIP support for enhanced graphics quality. This VDI environment optimizes existing equipment to create secure, virtualized servers and desktops. This centralization makes patch distribution easier, lowers maintenance costs, reduces the amount of equipment to be managed, and reduces recapitalization costs.
Operational Impact
  • The solution allows the IC customer to capitalize on a lower cost, highly efficient solution for enterprise thin client computing.
  • Efficiencies have been gained in power, space, cooling, operations and maintenance.
  • The solution supports multiple workspaces on eight monitors, representing a 500% increase in desktop space and a significant impact on the amount of data an operator can manage.
Quantitative Benefit
  • The power savings in the first two years is expected to pay for the initial cost of the thin clients and monitors. With approximately 1,000 users across five networks, the power cost savings is estimated at $426,000 per year.
  • Centralized administration of servers and back end infrastructure equates to reduced workstation maintenance in the form of patching, re-imaging, service packs, updates, anti-virus signatures, workstation hardening, roaming profiles, workstation reboots and recapitalization of hardware/software. It is expected that the thin clients will have a seven year refresh cycle, rather than three to five years with workstations and PCs. The full optimization of the front end workstations saves in excess of $20 million over a seven year period.

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.