Joint Regional Security Stacks (JRSS)

The Joint Information Environment (JIE) program, managed by the Defense Information Systems Agency (DISA), aims to enhance the cybersecurity architecture of the Department of Defense (DoD) through the deployment of Joint Regional Security Stacks (JRSS). The initiative focuses on streamlining cybersecurity protections by leveraging enterprise defensive capabilities. This is achieved through standardized security suites designed to protect against network disruptions and potential damage. The JRSS architecture includes fourteen Non-Secure Internet Protocol Router (NIPR) stacks, strategically deployed worldwide to operate as cohesive units.

A significant goal of the JIE program is to achieve cost reductions through a planned decommissioning process, as approved by the JRSS Senior Advisory Group. By the end of FY 2025, the number of JRSS stacks will be reduced to nine, with a complete phase-out expected by FY 2027. Each stack is equipped with complementary defensive security solutions that protect internal networks and provide essential tools for monitoring all security mechanisms across the network. This approach ensures that DoD components maintain necessary management and visibility over IT security while offering high-level oversight to U.S. Cyber Command (CYBERCOM).

The JRSS Management System (JMS) plays a crucial role in centralizing and enhancing the management of JRSS components, thereby achieving economies of scale. It provides centralized management capabilities, visibility, and control over network transport and associated security systems. This system enables proactive cyber operations by standardizing policies, procedures, and configurations across the network. Additionally, it facilitates data monitoring and analysis to assess impacts on current operations, ensuring uninterrupted availability and protection of information.

Looking ahead, the JIE program plans to continue cybersecurity testing to maintain accreditation and Authority-To-Operate approvals through FY 2025. This includes integration testing for technology refreshes involving End-of-Life/End-of-Support hardware and software updates. The decrease in resources from FY 2024 to FY 2025 reflects a reduced requirement for technical refreshes as part of the planned reduction in JRSS footprint. These efforts aim to sustain operational readiness until the complete sunset of JRSS stacks by FY 2027.