Overview of HBSS
Host Based Security System, an official name of Department of Defense (DOD) commercial-off-the-shelf (COTS), a set of software apps utilized in DOD for monitoring and detecting the attacks caused against computer systems and a network of DOD. Host Based Security System is deployed on two platforms, first Secret Internet Protocol Routed Network (SIPRNet) and second Non-Classified Internet Protocol Routed Network (NIPRNet), preference is given to NIPRNet. It is based on electronic policy Orchestrator of McAfee and their product apps related to security like Host Intrusion Prevention System (HIPS).
Components of HBSS
Since the inception of HBSS, it is updating itself with the changes takes place and minor maintenance releases. In the releases, the first and the major one was Baseline 1.0 contained the HIPS, rogue system detection (RSD), electronic policy Orchestrator of McAfee, software compliance officer, assets software and asset baseline manager. After new releases software products are evolved, new products are added and some are fully replaced by various products.
Working of HBSS
HBSS heart lies in McAfee ePolicy Orchestrator (ePO) management engine. The reason behind this as this engine has the responsibility of the following;
·1 Preparing and presentation of the reports related to point product
·2 Offering a front-end to point products on a constant basis
·3 For analysis, data of point product is consolidated
·4 It confirms application patch compliance
·5 All the communications and updates related to point product must be managed
Point Product of HBSS comprises of the following:
·6 Assets baseline module (ABM)
·7 Host intrusion prevention system (HIPS)
·8 Rogue system detection (RSD)
·9 Asset publishing service (APS)
·10 Policy Auditor (PA)
·11 Device control module (DCM)
How to Obtain HBSS
DOD agencies need to deploy HBSS to their network, as per the instructions of JTF-GNO CTO 07-12. To download HBSS software, DISA has made the same available on protected patch server of PKI. Users who wish to download the same must have a common access card and .mil network. Softwares and all updates for free of cost provided by DISA to DOD entities. With this, administrators of HBSS must go through the HBSS training and after its successful completion appointed by section or a unit commander and that too in writing.
How to learn HBSS
In order to learn the whole system of HBSS so that it can operate well, its system administrators must attend a training program, either online or in class, complete the same success and recognized as administrators of HBSS. Duration of Online training is 30 Hrs. and in-class training is of 4 days, without including the travel. HBSS administrators who wish to gain detailed knowledge of the system must go through the advanced class of HBSS. DISA-managed both the training classes and information related to training classes is available on the website of DISA Information Assurance Support Environment (IASE).
Support of HBSS
HBSS administrators required technical support any time and to render the same, it is offered via helpdesk of DISA Risk Management Executive Office (RE) for free of cost. Support is offered via DSN NO., Toll-free no. and E-Mail. There are three levels of support, for Tier I & II DISA FSO offers the support and for Tier III, McAfee offers the support.
Future of HBSS
At present, HBSS updated from Baseline 1.0 to Baseline 3.0, MR3 version. Updates of McAfee ePO version is following by HBSS and it is expected that this trend will continue because of the continuous development of ePO.