The U.S. Army is accelerating its digital transformation efforts, and as part of this strategy, the 2025 Army Unified Network Plan (AUNP) 2.0 sets out an ambitious blueprint for securing and modernizing the force’s network infrastructure. At its core, the strategy recognises the critical importance of resilient, interoperable, and secure data environments for success in tomorrow’s multi-domain battlespace.

Yet building and maintaining such a vast and interconnected network isn’t without its challenges, particularly when it comes to cybersecurity, data readiness, and delivering cloud-enabled services at the tactical edge. Against this backdrop, adopting advanced cybersecurity solutions like Content Disarm and Reconstruction (CDR) directly aligns with and strengthens the Army’s zero-trust and data-centric priorities outlined in AUNP 2.0. To explain how, Kelly Davis, Glasswall’s Senior Solutions Architect, takes a closer look at AUNP 2.0 and examines the role CDR can play in fulfilling these critical goals.

1. What is the Army Unified Network Plan (AUNP) 2.0?

The Army Unified Network Plan (AUNP) 2.0 is the U.S. Army’s strategic approach to modernizing its network infrastructure for future military operations. It acts as a secure digital backbone, linking tactical units, command centers, and every level in between with reliable, protected data exchange. The plan emphasizes modernization for multi-domain operations across land, sea, air, space, and cyberspace while adopting a data-centric model and embedding zero-trust principles.  

2. What are the key priorities of AUNP 2.0?

AUNP 2.0 sets out a number of key priorities, including:

• Resilience: The plan drives a network that can survive and recover from attacks and outages. Army leaders emphasize enhancing network resilience and security as a top priority.

• Interoperability: AUNP 2.0 mandates common standards so that tactical, strategic and allied networks can interoperate. It calls for developments such as a unified mission-partner environment to seamlessly plug in allies and coalition partners.

• Cloud Enablement: The Army will extend cloud and hybrid compute to the edge. For example, the plan includes modernizing “hybrid compute capability” and integrating with Army cloud services even in denied or disrupted environments.

• Zero Trust: Cybersecurity is baked in through a strict Zero Trust model. AUNP 2.0 explicitly adopts the “never trust, always verify” approach across all data flows.

• Data Readiness: Data Readiness: The network will be data-centric, with common data standards and architecture, specifically through the Unified Data Reference Architecture (UDRA). The UDRA provides standardized guidelines and governance to ensure consistency, interoperability, and secure data exchange across all Army domains. The plan emphasizes these common data standards and systems, enabling rapid and secure data sharing at machine speed, including interoperability with allies and coalition partners.

3. What cybersecurity challenges does AUNP 2.0 face?

Building a massive multi-domain network brings significant security challenges. By collapsing tactical, enterprise, and partner networks, the Army significantly expands its attack surface, including remote sensors, operational technology (OT) devices, and datacenters—all of which must be comprehensively defended.

The tactical edge poses particular difficulty since units must operate in denied, disrupted, intermittent, and limited bandwidth (DDIL) environments, complicating secure and reliable communications. CDR uniquely mitigates these tactical-edge cybersecurity challenges because it doesn’t rely on continuous connectivity or frequent signature updates, enabling secure operations even in contested, offline, or bandwidth-constrained conditions. Additionally, hybrid environments that integrate on-premises, cloud, and coalition networks add further complexity, as does extending Zero Trust to every corner of the force.
‍
AUNP 2.0 explicitly recognizes the network’s constant exposure to threats and underscores stringent accessibility, resiliency, and defense requirements worldwide. Implementing a unified Zero Trust architecture within such a dynamic, contested landscape remains a critical challenge the plan aims to address.

4. What Is CDR and why is it critical for securing the Army’s data flow?

Content Disarm and Reconstruction (CDR) is a proactive cybersecurity technology that treats all files as untrusted, sanitizing them by stripping out any active or potentially malicious content. In practice, CDR fully deconstructs an incoming file (e.g. a document, PDF or image) and rebuilds it according to its known-good specification. Any executable code or hidden payload is simply removed. Unlike antivirus or sandboxing, which rely on detecting known malware patterns or running the file to see what happens, CDR does not wait for a threat signature or behavior. CDR removes executable content within a document, whether it is detected as malicious, thus effectively providing true zero-day attack prevention.

This capability is critical for the Army’s data flow. In a busy operational network, any file (an emailed report, an intelligence image, a mapping chart) could carry a hidden exploit. CDR ensures that soldiers only see a clean, fully usable version of the file. Importantly, it also preserves the file’s functionality and format, so troops aren’t left with blank documents or missing images. The result is uninterrupted, trustworthy data exchange: threats are disarmed automatically, and benign content is delivered immediately, without the delays of quarantines, rescans or manual reviews.

5. How can CDR support the Army's Zero trust goals?

CDR is essentially Zero Trust for files. While CDR strongly supports the Army’s Zero Trust strategy, it complements rather than replaces other essential components such as identity verification, network segmentation, and continuous monitoring. It specifically enforces the idea that nothing is trusted until verified, ensuring every file is thoroughly cleaned and validated before use. By inserting CDR at network gateways or endpoints, it applies the never trust, always verify principle directly to file content. In fact, CDR directly addresses the data pillar of Zero Trust by ensuring only sanitized data moves through the network. As highlighted by security frameworks, CDR provides critical data security controls by filtering threats from files both at rest and in transit. Practically, this means commanders and systems can trust the integrity of received files, fulfilling the Army’s Zero Trust objective of end-to-end verification.

6. How does CDR integrate with existing Army network infrastructure?

CDR is highly flexible and can fit into the Army’s network at multiple points. It can be deployed on-premises or in the cloud, on servers or standalone appliances, and even on lightweight devices at the tactical edge. For example, Glasswall’s CDR can run in conjunction with email and web gateways, file servers, data diodes or Mission Partner Environments (MPE). In a coalition context, CDR is often used in cross-domain solutions to sanitize content moving between trust zones.  In practice, this means any file sent from a coalition network, or between the cloud and a unit, can be automatically cleaned before transfer.

The Army’s vision of a hybrid cloud/tactical network strongly supports the integration of solutions like CDR. AUNP 2.0 explicitly emphasizes modernizing hybrid compute capabilities, including seamless integration with Army cloud services even down to tactical formations. CDR directly aligns with this goal, operating flexibly as a cloud-delivered service, an on-premises appliance in data centers, or embedded within ruggedized tactical hardware. This seamless integration into the hybrid cloud and tactical edge environments explicitly supports AUNP 2.0’s strategic objectives, ensuring secure file flows at all operational layers—from enterprise-level data centers to field-deployed units and multinational partners. Consequently, every file traversing the Army’s existing network infrastructure can be proactively sanitized through CDR, significantly enhancing end-to-end cybersecurity.

7. What future threats could CDR mitigate for AUNP 2.0?

CDR is especially strong against advanced, unknown file-based threats. For example, sophisticated attackers often hide ransomware or exploits in Office documents, PDFs, images or archives that traditional tools can miss. In fact, our own analysis shows that about 1 in 100,000 files is malicious, and around 98% of those evade antivirus for weeks before detection. CDR would catch those files immediately by removing their active payloads.

Operationally, CDR’s speed is a major advantage. It cleans files almost instantaneously, avoiding the delays of sandbox analysis or manual review. Users get usable files in real time without waiting for cloud-based scanning or quarantining suspicious items. And because CDR does not require continuous connectivity or threat updates, it works well even in offline or contested environments (e.g. a forward operating base).

8. How can agencies or partners get started with CDR for AUNP 2.0?

There are various options available that can enable organizations to evaluate and implement CDR. These include:

• Identify critical file paths. Look at workflows where file exchange is high-risk (e.g. email attachments, file upload portals, intelligence data links, cross-domain transfers). These are ideal points to trial CDR.

• Run a pilot. Deploy Glasswall CDR in a controlled environment. For example, start with cleaning data at rest in one unit or sanitize files in a test network segment. Measure how CDR handles your actual mission files.  

• Validate and tune. Check the output files for fidelity and security. CDR keeps native formats intact, so users should notice no loss of data just extra safety.  

• Scale up. After a successful pilot, gradually integrate CDR into more parts of the network. It can be added to gateways, proxies, or endpoints alongside existing security tools. Our team recommends aligning CDR deployment with AUNP rollouts, for example, as you field new cloud services or tactical gateways, embed CDR there.

• Use available resources. We offer detailed guides and whitepapers on deploying CDR in defense environments, as well as engineering support. Agencies can contact us to arrange proof-of-concept trials, demos or consultations.

9. Why is CDR a mission-critical enabler for the Army Unified Network?

In AUNP 2.0, the Army makes clear that the unified network is essential to the future force’s success. For that network to truly be trusted, every bit of data crossing it must be safe. By neutralizing hidden threats in files and guaranteeing data integrity, CDR gives commanders confidence that information is clean and reliable. It aligns perfectly with the plan’s vision of a secure, resilient, data-centric network: CDR enforces zero trust at the file level and makes seamless data sharing possible.

In our view, a modernized unified network cannot achieve its full potential without robust CDR-based content hygiene. For tomorrow’s multi-domain missions, CDR ensures that when soldiers share data, they can trust every byte making it a foundational piece of the AUNP 2.0 strategy.