The MDeX System can include backup MTS and RMS appliances for high availability to support continuity of operations of the enterprise. The MTS and RMS appliances are highly robust platforms with fault-tolerant components designed to address high availability needs.
For transfers, the MTSs can be implemented in a mesh architecture where multiple MTSs can be bound to common SDIs. When primary and backup MTSs are active and one MTS fails, the other MTS continues the data flow.
System Monitoring and Management Capabilities
The MTS is controlled, managed, and monitored by the RMS. Operators use the RMS to issue commands to the MTS and to monitor events (e.g., audit, performance, quarantine) that it receives from the MTS. Events are generated on the MTS for audit, system, application, and transaction activities and are periodically sent to the RMS. Alerts and notifications for critical events are generated and sent directly to the RMS, with follow-on notifications configured for the respective enterprise services. Additionally, each security domain may send chat-relevant events through notifications configured for the respective enterprise services. All events on the RMS can also be distributed to associated enterprise management service providers (e.g., security management, health and status management, and mission management) for overall enterprise situational awareness.
Computer Network Defense
The MDeX System provides cyber network defense capabilities. MTS events are pushed to the RMS for analysis and audit reduction. The RMS includes Splunk, a third-party event management engine. Splunk visualizes machine data by providing a comprehensive tool set to monitor events for potential anomalies, threats, attacks, content, and unauthorized flows. The resulting quarantine actions send alerts to the RMS for immediate action.
The MDeX-MTS-SPLUNK integrated capability significantly increases the cyber defense and information assurance function, converting machine data into actionable intelligence.
Plug and Play Architecture
The MDeX System’s modular design and simple Java programming support create an environment where adding new domains, communities of interest, applications, and content filters requires significantly less custom development than most solutions. This gives the mission or organization the flexibility to change its requirements based on mission needs. SDIs supply the edge interface for connectivity between security domains and the MDeX System’s core security appliance, the MTS, allowing for ready integration of the MTS within existing mission and enterprise JMS, SMTP, XMPP, and standard file sharing applications.
Typical cross domain solutions are designed to address specific data types and transfers. When a new data type or transfer organization is added, it requires custom development efforts and a complete certification and accreditation effort for approval to use. This process can take many months and costs a great deal of money. To address this challenge, the MDeX System uses a plug and play architecture and Application Programming Interfaces (APIs) for the customization and refinement of application protocol support and content filtering. These optimization capabilities enable users to add new protocols or content filters without changing the overall security support structure.
Organizations can then isolate any additional certification and accreditation activities to just the new protocols or content filters, without re-certification of the MTS itself. As a result, missions and organizations can deploy MDeX System configurations with minimal certification impact and minimize accreditation timeframes.
The entry-level MTS (MTS E-1) appliance offers a standard two-domain configuration that can be upgraded through additional domain licenses. SafeNet AT offers a field upgrade option for government network operators that require additional capacity in a sub-system (memory swap, additional network ports).
The MTS E-2 appliance offers a standard six-domain configuration that can be upgraded through additional domain licenses to a thirteen-domain configuration.