On October 9, 2007, the Joint Task Force for Global Network Operations (JTF-GNO) released Communications Tasking Order (CTO) 07-12 (Deployment of Host Based Security System (HBSS)) mandating the deployment of HBSS on all Combatant Command, Service and Agency (CC/S/A) networks within DOD with the completion date by the 3rd quarter of 2008.
[2] The release of this CTO brought HBSS to the attention of all major department heads and CC/S/A's, providing the ESSG with the necessary authority to enforce its deployment.
Agencies not willing to comply with the CTO now risked being disconnected from the DOD Global Information Grid (GIG) for any lack of compliance.
This proved to be invaluable to easing the deployment task on the newly trained HBSS System Administrators and provided a consistent department-wide software baseline.
DISA further provided step-by-step documentation for completing an HBSS baseline creation from a freshly installed operating system.
The first major release of HBSS was known as Baseline 1.0 and contained the McAfee ePolicy orchestrator engine, HIPS, software compliance profiler (SCP), rogue system detection (RSD), asset baseline manager (ABM), and assets software.
MR2 contains the following software: The heart of HBSS is the McAfee ePolicy orchestrator (ePO) management engine.
McAfee considers a point product to be the individual software applications controlled by the ePO server.
During the initial deployment stages of HBSS, the assets module was juvenile and lacked much of the products intended capabilities.
However, the application has fully evolved into a robust and feature packed version capable of handling the original software's design goals.
The rogue system detector (RSD) component of HBSS is used to provide real-time detection of new hosts attaching to the network.
One of these conditions requires the use of HBSS with the DCM module installed and configured to manage the USB devices attached to the system.