Joint Regional Security Stacks (JRSS)

The Joint Regional Security Stacks (JRSS) program, managed by the Defense Information Systems Agency (DISA), is a Department of Defense (DoD) initiative designed to enhance network security across the DoD's global infrastructure. The primary objective of JRSS is to provide a standardized, enterprise-level security architecture that consolidates and streamlines defensive cyber operations. JRSS achieves this by deploying regionally located stacks of hardware and software components, which together deliver comprehensive security functions for over 1.7 million DoD users. The program's goals include removing redundant information assurance protections, leveraging enterprise defensive capabilities, and providing the necessary tools to monitor and control security mechanisms across DoD networks.

A key objective within the JRSS program is the ongoing technology refresh of deployed stacks to address critical End-of-Life (EOL) and End-of-Support (EOS) issues for both hardware and software. This ensures that the security architecture remains resilient against evolving cyber threats and continues to meet operational requirements. The program also aims to maintain the Authority to Operate (ATO) status for JRSS, which is essential for compliance with U.S. Cyber Command (USCYBERCOM) and Joint Force Headquarters DoD Information Network (JFHQ-DoDIN) policies and directives. As JRSS approaches its planned decommissioning, DISA is focusing on sustaining core functionality and security posture for the remaining operational stacks.

Switch Fabric Devices Tech Refresh is a major line item within the JRSS budget. The goal of this effort is to procure and install updated switch fabric hardware, which is critical for intra-stack connectivity and the cohesive operation of each JRSS unit. Funding supports the refresh of switch fabric devices in multiple stacks across fiscal years, involving the installation of new hardware, removal of legacy equipment, and deployment of associated software. These upgrades ensure that the stacks can continue to address network threats and maintain operational readiness.

Enhancement 2 Tech Refresh focuses on the procurement and deployment of various critical hardware and software assets necessary for maintaining cybersecurity and mission postures within the JRSS architecture. Funding is used to refresh critical components in several stacks each fiscal year. These enhancements are essential for sustaining the core security and operational capabilities of JRSS as the program transitions towards decommissioning.

The FY 2026 budget reflects a significant reduction in funding, with limited technology refresh activities planned for a smaller number of stacks. This decrease is directly tied to the planned decommissioning of JRSS, as DISA shifts focus from broad sustainment to targeted support for the remaining operational stacks. The reduction in scope and funding is associated with the ongoing transition of users off JRSS and the consolidation of the security architecture footprint, which is expected to decrease from 14 to nine stacks by the end of FY 2025.

Performance metrics for the JRSS program are centered on the successful procurement and installation of EOL/EOS tech refresh assets and switch fabric devices. For Enhancement 2, the program aimed to refresh critical components in several stacks each fiscal year. For switch fabric devices, the goal was to refresh multiple stacks annually. These metrics reflect the challenges of procurement timelines and the impact of decommissioning directives on operational requirements.