The goal of the pilot is to reduce cyber security material weakness without creating an overly complex environment, while maximizing the re-use of existing infrastructure. A balance of operational ability and security must be attained to meet the VA's dynamic environmental and mission requirements.

Based on the VA Office of Inspector General (OIG) findings regarding the VA Medical Device Protection Program (MDPP), an MDPP Working Group, in collaboration with representatives of VA-NSOC (National Security Operations Center) and Office of Information and Technology (OI&T) Service and Delivery and Engineering (SDE), outlined and analyzed the deficiencies of the current Access Control List (ACL)-based implementation of Medical Device Isolation Architecture (MDIA).  As a result, the MedFusion project was established to investigate alternative approaches to device isolation (for both medical and non-medical devices) that would utilize network security management appliances and existing network isolation technologies in order to determine current availability and suitability for the task of medical device and special purpose system network isolation.

This solution builds upon existing architecture, providing agentless network discovery of Open Systems Interconnection (OSI) Layer 2/3 devices that are able to discover and authenticate authorized wired, wireless, Virtual Private Network (VPN) or Bring Your Own Device (BYOD) end-point devices (based on industry- and vendor-defined characteristics). The pilot's network overhead shall have an unobtrusive (or negligible) effect on network performance. In addition, the pilot needs to interface with existing VA discovery Continuous Diagnostics Monitoring (CDM) products such as Gigamon. The pilot solution (hardware and software) must integrate with existing Network Security Operations Center (NSOC)