Skip to main content
By Mark Maglin
Vice President of Department of Defense Cybersecurity
and Patrick Elder
Director, ECS Data & AI Center of Excellence

How AESS Leverages the Army’s Largest Data Mesh to Secure the Frontlines of Technology

How does the Army Endpoint Security Solution (AESS) help the Army protect its people, data, and assets?

AESS is a zero-trust managed security service that ECS has provided for U.S. Army Cyber Command since 2016. It protects one of the largest, most complex networks in the world, including more than 800,000 endpoints across the Army’s global infrastructure. AESS also blocks more than 1.5 million malicious events per month and is the only deployed, fully integrated cybersecurity solution that offers all the endpoint security and management capabilities required by Joint Force Headquarters ― DoD Information Network.

How does it work? Through the innovations of data mesh architecture and a distributed model of data management. Since AESS’ inception, the solution has leveraged data mesh to help the Army protect its data, generate actionable cyber threat intelligence, and gain the network visibility needed to effectively defend its endpoints.

Enabling Efficiency With the Army’s Largest Data Mesh

AESS’s data mesh architecture helps provide real-time enterprise visibility using five geographic regional nodes (CONUS East and West and three OCONUS), each extending to the tactical edge. Data is stored where it’s generated, enabling more efficient scaling, reducing bandwidth, and eliminating a core component of traditional data architecture: a centralized replication repository. Centralized repositories typically create bottlenecks of duplication, stale data, and inconsistent data governance. In contrast, in a distributed model all data remains with its producers in their respective nodes, spread across the globe.

Data mesh architecture removes several risks to the enterprise, including:

  • Getting mired in a swamp of data silos with low quality data
  • Network bottlenecks, especially in denied, disrupted, intermittent, or limited impact (DDIL) tactical networks
  • Single points of failure

But, perhaps more importantly, data mesh architecture also syncs perfectly with AESS’s hyper-efficient security approach.

Previous security systems executed lengthy scans of an entire endpoint every time a query was sent, looking for certain programs, configuration settings, etc. This results in prolonged, high CPU usage, which degrades system and application performance over time and could adversely affect the mission. AESS, on the other hand, continuously monitors endpoints for changes, which are indexed and logged, then uses a distributed query to send the analytics to the data instead of bringing all the data to a centralized analytic engine.

AESS automatically and continuously assesses essential cyber hygiene: policy compliance, configuration, and vulnerabilities. Thus, thanks to the marriage of data mesh architecture and an automated cybersecurity solution, every query is dealing with a more manageable volume of data that is also coming from a known-to-be-secure source.

Maturing the Solution

While this low-bandwidth approach to cybersecurity enables next-gen efficiency for a vast network, AESS’s data mesh enabled innovations continue. The next step in architectural maturity will be implementing a data catalog, which uses metadata to create a searchable and machine-readable inventory of all data products within an organization.

Having a robust data catalog, where data has been curated and normalized to semantic standards, will empower individual users to independently develop useful data analytics.

Executing the Mission

Ultimately, the goal of AESS is to empower cyber operators and decision makers to achieve data-driven decision dominance. How? With faster analysis and better-quality data. AESS enables decision dominance by producing, collecting, and analyzing threat data to improve enterprise visibility and effectively protect the Army’s mission networks. The solution leverages data mesh architecture to realize that goal, working directly with data producers at the tactical edge to assess manageable volumes of data from secure endpoints.

As the solution continues to evolve, including maturing its use of data mesh architecture, ECS will continue to maintain, develop, and improve its support of the Army’s global network — and its most critical missions.

Enjoy ECS Articles Like This One?
Don’t Miss Any.

Sign up for our “ECS Insights” newsletter.

Close Menu

© 2023 ECS. All Rights Reserved.