The reason for having so many networks is to segregate data with different classifications. The downside is that can mean having 16 PCs on one person's desk, as well as 16 sets of network devices.
An IT reinvention program has been modernising the DIA's infrastructure, and part of that process has been the use of virtualisation along with trusted separation devices to allow individual PCs to connect to multiple security domains, Michael Mestrovich, DIA senior technology officer for innovation, told the Citrix Synergy 2011 conference.
All virtual desktops and virtual applications are delivered to thick and thin clients in the same way, he explained. Some users really do need the full power of a PC on their desks as they use graphically and computationally intensive applications.
Michael Mestrovich, DIA senior technology officer for innovation
The big advantage of virtualising applications is that they will work as expected wherever the are run, and the isolation provided means there is no need to recertify the security of a configuration after an application has been added. Previously, accrediting a new or modified application could take as long as a year - "that just doesn't work any more," he said, but fortunately is no longer necessary.