ECS drives mission success with intelligent data infrastructure

Headquartered in Fairfax, Virginia, ECS is a federal systems integrator that delivers advanced solutions in cybersecurity, artificial intelligence (AI), application and IT modernization, science, and engineering. The company solves complex challenges for customers across the U.S. public sector, defense, and commercial industries.

ECS operates as a managed service provider for the Army Endpoint Security System (AESS). Using a fully managed platform-as-a-service model that delivers real-time situational awareness on a global basis, the AESS minimizes the Army’s attack surface, increases endpoint protection, and drives automation of key metrics to the U.S. Department of Defense (DoD) Cyber Scorecard.

The AESS provides traditional and advanced security (such as dynamic whitelisting and machine learning), threat prevention, web control, firewall, and adaptive data protection. As the first line of defense against cyber adversaries, the AESS blocks 1.5 million malicious events every month at the Army’s distributed endpoints around the world.

“As the nature of cyber warfare continues to evolve, the Army depends on ECS to defend its unified networks against emerging threats,” explains Mark Maglin, vice president of DoD Cybersecurity at ECS. “The Army’s attack surface is massive and constantly expanding. Especially when it comes to tactical environments that are dealing with limited bandwidth or intermittent service, being able to provide standardized security and visibility across the entire network is a formidable challenge.”

To enable maximum uptime and flexibility for the AESS, ECS relies on powerful all-flash storage from NetApp. ECS has partnered with NetApp for years to provide enterprise-grade performance and security for the Army’s global IT operations as a 100% remotely managed service residing in the Army’s distributed data centers, using five global regional nodes in a data mesh.

An intelligent data infrastructure provides all the security capabilities the Army needs to protect its data no matter where it lives (or where it goes), including least-privileged access, multi-factor authentication, and end-to-end encryption, while enabling data-centric Zero Trust. Built-in redundancy combined with powerful data monitoring and management features provided by NetApp help Army personnel drive successful mission outcomes even in the most remote environments.

With an intelligent data infrastructure built on NetApp, the AESS enables the Army to move from detection to engagement in milliseconds by convicting and blocking malicious activity at the lowest level in the stack. By isolating and process-recording suspicious activity at the data layer for additional analysis, Army security personnel can address and discover anomalies before they become a problem. NetApp’s storage health automation provides proactive alerts on any potential issue in the environment, minimizing the impact of unscheduled downtime.

NetApp provides ECS with the confidence they need to meet the Army’s robust security requirements with an array of federal and DoD certifications, including CSfC (approved by Federal Government for storing Top Secret data), ISO 27001:2013, and CMMISVC/3. The AESS is the only deployed cybersecurity solution to offer all endpoint security and management capabilities required by Joint Forces HQ DoDIN/DISA.

“The stability of our NetApp solution speaks for itself,” says Maglin. “When it came time to refresh our environment, we didn’t even bother looking at another option. We’ve never experienced any downtime—even as we refreshed across all five nodes of our environment. I was impressed.” 

Advanced VMware integration enables searchable, space-efficient backups for almost 1,000 VMs and volume copies. And as ECS continues to scale and grow their environment, the AESS benefits from advancements in storage technology that enhances the efficacy of the entire system.

“Our NetApp and VMware architecture is critical to our resilience and availability. The performance and reliability of our NetApp storage bolsters the success of the rest of our solution,” says Maglin. “With the performance increases in the latest generation of NetApp hardware using NVMe drives, we were able to condense our footprint down to a single controller.”

As the Army’s operations evolve and the nature of warfighting changes, ECS is partnering with NetApp to implement the most future-proof capabilities into the AESS infrastructure. ECS is looking to the promise of AI and machine learning to enable elastic, proactive endpoint protection. By analyzing and neutralizing threats before they occur, the AESS can stay one step ahead of would-be cyber adversaries.

“With our elastic capabilities supported by NetApp, we can develop machine learning algorithms that can enhance the Army’s predictive analysis capabilities and reduce their vulnerabilities using the AESS,” says Maglin. “There’s a lot of development these days from an AI perspective, and we’re excited to begin to utilize that innovation for the AESS solution.”