Design of Assured Compliance Assessment Solution (ACAS)
aka Tenable Nessus
Total Time in Months to Design
Customer was upgrading their Enterprise Vulnerability Management solution from eEye Retina to Tenable Nessus solution.
Context / Action
We Designed and oversaw partial integration of the new Assured Compliance Assessment Solution (ACAS). ACAS is a DoD term for the vendor solution called Tenable Nessus. The vendor’s solution comprises of a couple various components that make up ACAS Security Center, Nessus and Passive Vulnerability System (PVS).
Assured Compliance Assessment Solution (ACAS) is an integrated software solution that is scalable to an unlimited number of locations. The solution’s tier ability will give the Department of Defense (DOD) enhanced enterprise security while being simple to install and manage. It can be deployed without difficulty via download to all DOD agencies – without the need to procure and install appliance devices. The DOD will discover that the ACAS product suite easily provides the required automated network vulnerability scanning, configuration assessment, application vulnerability scanning, device configuration assessment, and network discovery it needs. Further, the product suite generates the required reports and data, with a centralized console, and is Security Content Automation Protocol (SCAP) compliant. There is much more to the capabilities of the ACAS and you can find out more information by reading the material referenced below. DISA’s Cyber Development (CD) is providing program management and supporting the deployment of this solution.
The design was complicated due to the number of networks that the solution had to span and the client’s customer based which it serviced. The client provided Enterprise Security services to every DoD service component in the Government (Army, Navy, Marines, Air Force, Coast Guard, OSD, WHS, Secretary of Defense, and many others). Their large architecture spanned throughout the globe.
After performing an assessment of the business and architecture, we designed a solution which leveraged the vendor’s cutting-edge tier structure which provided the mechanism to carve out and utilize the same system for all of the client’s tenets. Their previous designed operated in silos which led the client to have many of the same solutions operating independently. Our consolidated approach centralized the overall management of this vast Enterprise solution.
Are You A Government Contracting Company?
We are a Minority and Veteran-Owned Small Business. And we are always happy to take on Joint Venture Partnerships with other Government Contracting Companies. Let's Talk!
Are You A Government Civilian or Military Leader?
As a former Government, GS-15, Civilian, United States Marine and Pentagon's Security Architect. I understand the struggles of protecting Web Applications within vast Enterprise Architectures. Let's Talk!
3 Steps to Better Protections, Better Solutions & Better Sleep
Schedule A Call
If you have a Government Web Application (Websites) that you NEED protecting then schedule a call. It is Free and in place so that we can better understand your mission and goals.
Get Your Plan
During your call, we will talk about your current situation, your desired situation, and weather or not we are a good fit to work together or not. And if we do work together then we will tell you how we can best protect your web application.
Protect Your Mission
Move forward with your mission and sleep easy by knowing that light will soon illuminate your Cyber world!