Enterprise Electronic Security System (ESS) Architecture Review and A&A Support

Technical Description of the Electronic Security System (ESS) at Army Medical Center

System Overview

The Electronic Security System (ESS) at the Medical Center integrates advanced security technologies to provide comprehensive security coverage. This system includes C-Cure 9000 for access control, Closed Circuit Television (CCTV) for video surveillance, and RFID Anti-Abduction / Anti-Elopement Technologies to prevent unauthorized movement of individuals.

Key Components

  1. C-Cure 9000: This access control system manages and monitors access points throughout the facility. It integrates with other security systems to provide a unified security management platform.
  2. CCTV: The surveillance system includes multiple cameras strategically placed to monitor critical areas. The video feeds are transmitted to central monitoring stations where they are recorded and analyzed.
  3. RFID Anti-Abduction / Anti-Elopement Technologies: These systems use RFID tags to track the movement of individuals, particularly in high-risk areas such as pediatric and behavioral health care units.

System Complexity

The Enterprise ESS at the Medical Center is a network of advanced hardware and software components, designed to provide comprehensive security coverage and operational integrity. The system’s complexity is evident through its integration of diverse technologies, robust infrastructure, and extensive deployment of both hardware and software solutions.

Core Hardware Components and Their Integration

  1. VMware Host Servers: The ESS employs Hewlett Packard (HP) servers, each running HPE-ESXi. These servers form the backbone of the virtualized environment, enabling efficient resource management and high availability. Their capability to run multiple security applications and services concurrently without performance degradation highlights the system’s robustness.
  2. Physical and Virtual Servers: With a total of 12 servers running Windows Server, comprising both physical HP units and virtual servers, the ESS ensures efficient management of core security applications, databases, and access control systems. The mix of physical and virtual servers adds scalability and redundancy, crucial for continuous operation and fault tolerance.
  3. Workstations: The deployment of 36 HP workstations (Z2 Workstation, ProDesk, and Desktop Mini models), all running Windows Pro, ensures that security personnel have direct access to monitoring and control interfaces. The diversity in workstation models caters to various operational needs, from high-performance computing tasks to compact and energy-efficient setups.

Network Infrastructure

  1. Network Switches: The ESS’s network backbone is formed by 49 high-performance switches, which provide high-speed, reliable data transmission across the facility and manage the large volume of data generated by various security devices with minimal latency and high throughput.
  2. SAN Switches and Storage: To meet storage needs, the ESS includes SAN switches and storage systems running Linux. These high-capacity, high-performance storage solutions are essential for retaining vast amounts of video surveillance footage and security logs, providing fast data access and efficient data management crucial for real-time security operations.

Advanced Security Devices

  1. Intelligent Controllers: The deployment of 178 intelligent controllers underscores the system’s complexity. The controllers manage the access control systems, securing entry and exit points throughout the facility. The large number of controllers indicates a highly granular and distributed access control system capable of managing numerous doors and security checkpoints.
  2. Video Encoders and IP Cameras: Video surveillance is handled by 52 video encoders and 442 IP cameras. These devices, installed across the facility, provide extensive coverage and high-resolution video feeds. The cameras include models tailored for specific surveillance needs, from fixed positions to pan-tilt-zoom capabilities, further enhancing the system’s complexity and effectiveness.

Time Synchronization and Coordination

  1. NTP Master Clock: The inclusion of an NTP Master Clock ensures precise time synchronization across all devices within the ESS, critical for correlating events and maintaining the integrity of security logs and video recordings.

Comprehensive Software Infrastructure

The ESS’s complexity is further underscored by its diverse software stack, integrating operating systems, COTS applications, proprietary applications, and essential frameworks.

Our Tasks Included:

  • Assessment and Authorization (A&A) Support: Providing comprehensive A&A support for the ESS.
  • Documentation Development: Creating detailed Authorization Packages, including network boundary diagrams, architecture diagrams in Purdue Model and traditional views, detailed data flow diagrams, PPSM, HW/SW inventories, Categorization memos, Privacy Assessments, POA&Ms, Security Plans, and other required artifacts.
  • A&A Coordination: Managing the A&A process via eMASS and engaging directly with key stakeholders including DHA authorization personnel, medical center facilities management division, DHA Facilities Enterprise teams, and OEM vendors.
  • Continuous Monitoring: Conducting coordinated scan and remediation activities, and maintaining documentation and POA&Ms.
  • Project Management: The implementation and maintenance of the ESS follow an Agile Project Management approach. This involves close collaboration between the cyDaptiv Cyber Team, product Subject Matter Experts (SMEs), and government personnel to ensure timely delivery and integration of security solutions.

Our Expertise Also Includes:

  • UFGS-25 05 11, Division 25 – Integrated Automation
  • UFC 4-010-06 Cybersecurity of Facility-Related Control Systems (FRCS)
  • NIST SP 800-82 Rev. 3, Guide to Operational Technology (OT) Security
  • DHA Standalone Information System And Closed/Restricted Network Assessment And Authorization Guide
  • DHA Procedure Manual: Standard Isolation Architecture for Cybersecurity of Facility-Related Control Systems (FRCS)

At cyDaptiv, our team has proven expertise in evaluating the security configuration of complex enterprise-scale systems, as demonstrated by our work on the Electronic Security System at the Army Medical Center.

Our capabilities include thorough assessment and authorization support, comprehensive assessment and remediation support, detailed and accurate documentation, and continuous monitoring support. We have a deep understanding of industry standards such as UFGS, UFC, and NIST guidelines, ensuring compliance and resilience against ever-evolving threats.

With our detailed approach and technical proficiency, cyDaptiv delivers robust and reliable cybersecurity solutions tailored to meet the stringent requirements of critical infrastructure facilities.