Closed ATM View - ITR 9445/2019
Protective DNS for the Australian Cyber Security Centre
Canberra
Project WINTERROSE is a project established to deliver a managed protective DNS capability for both internal and external Australian Cyber Security Centre (ACSC) customers that will contribute to the ACSC Mission to uplift the whole of Australia security posture by reducing the volume of known and likely malicious intrusions.
The protective DNS capability will block known malicious indicators, provide information to customers to improve their security posture, and provide information to the ACSC to improve the Cyber Security mission.
Project WINTERROSE will be delivered in two phases.
Phase one is proposed to be a pilot covering 10-15 organisations with the intent of completing a feasibility study for approximately 3 months to provide quantitative data to the ACSC to determine the feasibility, costs and benefits of upscaling these efforts to protect all levels of Australian government and key systems, including critical infrastructure.
The scope of this work is as follows:
a) A protective DNS that blocks malicious threats based on the threat feeds it receives; it will Log the details and send to a sinkhole service.
b) An Analytics engine that can validate threat feeds, and report on logs
c) Support services including ITIL service management functions
Phase two is dependent on the outcome of phase one, and is proposed to scale to all levels of Australian government and key systems, including critical infrastructure and is proposed to include the addition of an internet facing Self-service Portal that allows users to sign up, configure and receive reports on the service.
Nil
Phase 1: July-December 2019