SIPRNet History and General Information
SIPRNet (the Secret [formerly Secure] Internet Protocol Router Network) is the official information transmission network of the United States Department of Defense (USDOD) and the United States Department of State. For all intents and purposes, SIPRNet functions as a classified version of the Internet that is maintained and operated by several divisions of the United States Government to assure privacy in the transmission of sensitive information.
Created in 2005, SIPRNet was instituted to replace the former Defense Secure Network 1 (DSNET1) as the “SECRET” portion of the DISN (Defense Information Systems Network). There are four USDOD agencies jointly responsible for the management of SIPRNet: Joint Staff J6 [the directorate for Command, Control, Communications, and Computers], the National Security Agency (NSA), the Defense Intelligence Agency (DIA), and the Defense Information Systems Agency (DISA). Any information passed via SIPRNet is automatically designated with a “SECRET” classification, and becomes the property of the DISA.
The Defense Information Systems Agency (DISA) maintains SIPRNet and manages its security. The DISA is a division of the USDOD functioning as a combat and security support agency. The DISA provides real-time information technology and communications to the President, Vice-President, Secretary of Defense, Military, and Combatant Commands via the Defense Information Systems Network (DISN).
While there is no such entity as a SIPRNet computer or terminal, any computer that is to be used to connect to SIPRNet is marked and tracked by the DISA. To accomplish this, the user connects via computer to a secure line, which connects to a SIPRNet server. This secure line negotiates an encrypted connection that meets pre-designated SIPRNet standards. If these standards are not met when connected, the communique is dropped. The same process is used not only for land-line and wireless connections, but also when Voice over Internet Protocol (VoIP) is the transmission delivery system. The DISA uses this encryption method to maintain an audit of all SIPRNet users, as well as all transmissions.
SIPRNet Transmission and Computer Practices
Any computer with a non-removable drive that is approved for connection to SIPRNet must be permanently kept in an area that has been approved by the DISA for having “SECRET” information in the open. These areas must meet strict specific codes outlined by the DISA and the USDOD. Approved areas often include command posts, and other spaces where security clearances are required before entry.
Laptops with hard drives are frequently protected by containment in a safe inside of secured areas. These safes must be approved by the USDOD and DISA for protecting “SECRET” materials. It is common practice for all classified information to be kept on a removable unit, and to lock up the classified drive.
Like the information that is passed via SIPRNet, any media storage device (e.g., a CD or memory stick) that has been connected to SIPRNet and used to store or transfer information from the network also becomes classified at the “SECRET” level. This information can no longer be accessed on any computer that has not been given security clearance to connect to SIPRNet by the DISA.
Significance of SIPRNet
The United States Government operates under three differing levels of sensitivity classifications for information: Confidential, SECRET, and Top SECRET. SIPRNet is designated to handle the transmission of information up to and including that which is considered to be “SECRET.” Information that is issued a classification of “SECRET” is deemed to be the second highest level pertaining to issues of national security. The US Government has defined “SECRET” information as that which, if released, would cause “serious damage” with regard to issues of national security. The “SECRET” designation covers most classified information.
Difference Between SIPRNet and NIPRNet
Operating in conjunction with SIPRNet, and used to handle information the government has deemed below the sensitivity designator of “SECRET” at the “Confidential” designation point, is NIPRNet (or Non-classified [but Sensitive] Information Protocol Router Network). NIPRNet is also owned and operated by the USDOD.
NIPRNet functions as an “airgapped” analogue to SIPRNet. “Airgapping” is a security feature often utilized in non-military areas such as nuclear power plants, aviation, and medical records and equipment. “Airgapping” creates a symbiotic relationship between two or more networks co-existing to serve the purpose of a single entity which requires varying levels of security classifications.
Users with SIPRNet access are automatically granted cross-over access to NIPRNet. NIPRNet access does not, however, allow a user the same rights to SIPRNet, as SIPRNet requires a higher-level security clearance to access. The airgap security feature ensures absolute security (physically, electronically, and electromagnetically) when accessing either network. This symbiotic relationship provides interoperability among “SECRET” information, Confidential information, and unclassified information, and allows for access to the public Internet.
IPS (Information Processing System) containers are GSA-approved security containers constructed specifically for the protection of classified communications equipment. IPS containers are class 5 containers that are designed for closed-door, unmanned on-line operation of PC computers, network servers, workstations, and crypto equipment that process classified information and materials. They come in a variety of sizes, from laptop or netbook storage safes up to full rack-mount door-style designs. IPS containers feature 19" or 24" rack-mounting assemblies, universal cable exit assemblies, power supplies, and air cooling systems. They are built to federal specification AA-C-2786 and its Amendment 2, and come equipped with a lock meeting FF-L-2740A (currently the Kaba Mas X-09 lock). In many cases, the IPS container is used with SIPRNet-connected crypto equipment.