A Series of Fortunate Events – The Birth of Fly Away Kits: SealingTech from then to now
– BY ED SEALING
When SealingTech began as a cybersecurity company in 2012, we solely offered ‘technical engineering services.’ As one of our first contracts, we were working with the JRSS (Joint Regional Security Stacks), which developed out of the 2001 events at the Pentagon. Prior to September 11th, the military branches lacked a unified system within the Pentagon – so we were one of the Department of Defense (DoD) service providers helping to develop, test and implement that.
We were tasked with running the JRSS program’s lab at Fort Meade, which was essential in making it possible for the different branches to share relevant information. The lab was a mini data center all on its own – 12 huge racks monopolizing massive amounts of power.
Overall, it did exactly what the DoD needed. But as they tried to replicate and scale this venture all over the world, we kept noticing all the problems they were running into. While it worked great in – say – San Antonio (with a huge number of bases around it), far-away locations like Guam, for example, lacked enough power to run such an intense power-hogging system.
Reimagining the DCO Platform
Some of our curious and driven team members, like our now-Technical Director Dan Lohin and Principal Network Security Engineer Tony Efantis, decided to dedicate some time to problem solving. Their solution involved using virtual machines, which replicate the hardware appliances in pure software. This allowed us to both horizontally and vertically scale the system up and down, effectively making the cyber defense system elastic and able to adapt to different environments without the need to physically touch the equipment. We termed this “vJRSS”, and the first prototype was just 2U (3.5”) in size, but indistinguishable from the original system from cyber defender’s standpoint.
Our next step with this virtual machine/infrastructure was to turn them into “containers” using Kubernetes, both new technologies in the early 2010’s. With this addition, the lab environment took just one button press and a few seconds to spin up: anywhere, anytime. It made it possible for the operators – who had been doing a lot of this setup manually – to get up and running faster than ever before.
“Could we,” we asked ourselves, “reimagine what a Defensive Cyber Operations (DCO) platform could be using even more modern technologies?” The platform would need to be very scalable, resilient to failure, and able to seamlessly upgrade the components without affecting operations. What we developed over the next two years became known as EDCOP, or the Expandable DCO Platform. Here is a video of Ed Sealing and Dan Lohin discussing the concepts at the AFCEA DCO Symposium in 2018: https://www.youtube.com/watch?v=9GJp5d62ymA
At the same time, we began an internship program with talented up and coming SealingTech staffers Markus Mabson, Mike Deleon and Andres Giraldo. As interns, they embraced the challenge of developing EDCOP and did an amazing job building a useful, elegant proof-of-concept for this new cyber platform. A proof-of-concept is shown here: https://www.youtube.com/watch?v=k6DARQP9CXo
New Technology Leads to New Opportunity
We wanted to bring this technology to a AFCEA conference in Georgia to show to the Army, but we had no way to actually transport it to the conference. In the brief month we had leading up to the event, we quickly slapped together a small “kit” so we could travel with the tech and show it off to the Army’s top brass.
At the conference in Augusta, we were ecstatic to be demoing the concepts to some Army Cyber Protection Brigade folks. They were enthusiastic about EDCOP and the SN 3000, but to our surprise, they were much more interested in our “kit.”
“Yes, yes, that’s all very interesting,” they said about EDCOP and our SN 3000 server node. “But how did you make this powerful kit so compact? Would you be able to design it to fit in the overhead compartment of a commercial airplane?”
Solving a Big Army Problem
With some of the Brigade’s recommended changes from that conversation, SealingTech was able to solve one of their most pressing issues. Traditionally, the kind of technology SealingTech showed that day required four people to carry it. Those servicemen and women had to check this heavy item under the belly of the plane, so it was out of their eyesight for many hours at a time (which is, of course, a large threat to its security). And even after it left the plane, sometimes it needed to go through customs in other countries, and could become “lost.”
In creating this mini-kit, SealingTech had given this Army customer and achievable way to never lose physical accountability of their data when having to fly.
Over the following two months, we improved this small, modular, but powerful kit, elevating it to be able to handle cyber defense team’s analysis needs as well as store the huge number of cyber tools that travel with them. We called it the Cyber Operations – Fly Away Kit (CFLAK). It used hardware produced by SealingTech and ran a version of EDCOP that had been ported to Red Hat OpenShift, and enterprise-focused container platform. Below are the original flyers for v1.0 of CFLAK.
And as luck would have it, just as we felt we’d landed on something unique, we saw a needs request drop outlining the same physical accountability problem that we were attempting to solve. We responded and secured a $47 million contract to develop thousands of the SN 3000s and 152 of the modular “Fly Away Kits.” It was the beginning of our big pivot from a cyber services company to a manufacturing company.
The Evolution of Our Edge Node Series
Now, our Fly Away Kits are modular, endlessly customizable, and are made up of our line of hyper-converged servers that provide clustering, high performance, high-availability, and resiliency. They are all capable of delivering an automated rapid virtualized/containerized platform that provides compute, as well as large capacity storage.
The SN 3000, the first model we sold, had a lot of storage – up to 30TB. But customers could still fit 4 of the nodes together to make a little cluster, and then send a few others out as small sensors to sniff the network, look for potential attackers and send data back to the central area for analysis. They were designed to be very modular and scalable, as well as doing double-duty acting as both a sensor and a cluster analytics platform.
The SN 1000 was introduced shortly after to save space by sacrificing storage. It has a smaller form factor – so is incredibly light and nimble – but just 18TB of max storage.
The next challenge was to create a sensor that could reach the all-important 10GBPS level of analysis. Before we debuted the SN 7000, all the servers that were big and powerful enough to handle 10GBPS were large and designed for datacenter racks. They would often need to be freighted on a palette to go anywhere. The SN 7000, though larger in size than both the SN 1000 and SN 3000, met the 10GBPS threshold to be able to tap the backbone of a network, but was still small enough (about the size of 2 stacked pizza boxes) for customers to be able to maintain positive control at all times.
The SN 5000 followed in 2021. The Air Force came to SealingTech with a dilemma: they loved the idea of a really powerful sensor node, but they didn’t need a lot of storage, because they only collect the “interesting” data to foster faster analysis (unlike other teams who may like to gather as much as they can get and need to store it all to comb through meticulously later.) This SN 5000 solution was like a marriage of the 3000 and the 7000; it has the processing power needed, and is small enough to fit multiple in carry-on compliant cases.
Building Better, More Agile and Beyond the Market
One constant at SealingTech has been leading with our customer’s needs. As we worked toward always making our products better, we sought to understand not just what the cyber leaders wanted, but what the end user needed.
We took every opportunity to connect our R&D team with the actual cyber warriors using our technology on the ground. This led to lots of beneficial revisions on our products. Our favorite was when a young cyber operator told us he needed a way to attach the SN 3000 to a rack even when there wasn’t an open slot. Our team took this feedback, and rapidly implemented a magnet on the SN 3000 so that they could stick to a rack whenever there wasn’t space. His team reported back that this one simple change made a substantial difference and it’s now standard across all the products for that customer.
Occasionally while we were assembling smaller, faster and more advanced kits for our customers, we would find that the technology we needed to complete our products wasn’t readily available on the commercial market. To overcome this issue, we pivoted again and started creating our own inner technologies in house. We felt we didn’t have a choice but to start doing our own mechanical and electrical engineering to build the best products.
But given the supply chain frustrations that we’ve all been feeling throughout this pandemic, it was absolutely one of the best things we could have invested in for our kits. For example, in late 2020, some of the circuit boards that went into our equipment suddenly had a year-long lead time. If we had purchased them then for a customer needing assistance for the cyber war they’re fighting NOW, we wouldn’t have been able to deliver on time (or even close!). Our in-house engineering teams overcame these supply-chain problems and helped to ensure that our Fly Away Kit customers have not felt the delays at all.
The Future of SealingTech’s Kits
Our most recent hardware solution came to light during the severe supply chain disruptions within this past year. The GN 7000, iterating from the SN 7000 and building upon artificial intelligence and machine learning, released in October 2022. https://www.sealingtech.com/hardware/gn-7000/
Also descending from the SN 7000 series right now is our work developing network-attached storage for customers like the Army (who like to pull all the data and parse through it later). We’ve been able to get a 70-80% increase in storage and look forward to sharing this new model openly next year. Right now, we’re improving it so that it 100% meets the needs of our partners.
We also continue to develop software to automate the deployment of these complex cyber defense systems to ensure the cyber teams can get setup and start analyzing data as quickly as possible. Below is a picture of our “SealingTech Automated Kit Deployer (STAKD)” web application.
We’ll never lose focus on solving the big issues facing our customers. It’s what lead us to that first big, serendipitous pivot from services to manufacturing in first place.
We may yet have many pivots to come. But based on our journey, we know we’re ready to take every opportunity to build, secure and solve.