DISA outlines major network and enterprise initiatives
The Defense Information Systems Agency is using cloud computing to build an enterprise infrastructure across the Defense Department.
Through its 50-year history, the Defense Information Systems Agency has dramatically evolved to maximize the use of new technologies while responding and adapting to emerging requirements in the Defense Department's operational environment. Cloud computing is the technological catalyst for DISA’s latest transformation in the early 21st century.
DISA's mission as a combat support agency is to provide a global DOD enterprise infrastructure that is the foundation for IT services, command and control, and information-sharing capabilities that the agency delivers to warfighters. Cloud computing services are a critical piece of the departmentwide enterprise infrastructure that DISA is building.
“We are uniquely positioned to provide private cloud services to the joint warfighter" and DOD, said Dave Mihelcic, DISA’s chief technology officer. “We are doing things that allow the department to cut across the Army, Navy, Air Force and Marines to support joint information sharing, which is the future of IT" at DOD.
Cloud for all
Cloud computing is the technology du jour in Washington. In December 2010, the Office of Management and Budget issued a 25-point plan to reform federal IT management. In announcing the plan, Federal CIO Vivek Kundra said agencies must adopt a cloud-first policy that requires them to move three applications to the cloud during the next 12 to 18 months.
However, DISA has been in front of the federal government’s recent cloud computing movement with programs that predate Kundra’s mandate by a few years.
“The 25 tenets that Mr. Kundra put out are in total synch with where the department is going,” said Alfred Rivera, DISA’s director of computing services. “The department has already been doing a lot of it in some form or fashion."
Cloud computing is the default approach to IT for federal agencies in an attempt to close the IT gap between the public and private sectors and reduce an estimated $20 billion of the government’s $80 billion in IT spending by moving to the cloud. With $2 billion budgeted for cloud programs, DOD ranks third behind the Homeland Security and Treasury departments in cloud computing spending, according to OMB.
“DISA is well positioned because we are agnostic by service and agency,” Rivera said. “We are focused at the enterprise infrastructure level, looking at the best interests of the whole department for both cloud and enterprise capabilities.”
Cloud computing could provide DOD with a more interoperable and portable environment for data and systems, Rivera said. With the right standards in place, the military services and defense agencies will be able to move to common services and platforms, he said. DOD must undergo brutal standardization if the department wants to become more efficient and robust in its infrastructure while also delivering significant cost savings, Rivera said.
RACE to the cloud
Infrastructure as a service was one of DISA’s first implementations in the cloud, and it is considered one of the federal government's first forays into cloud computing. The Rapid Access Computing Environment (RACE), the agency’s private IaaS solution, went operational in late 2008 as a self-service provisioning Web portal, allowing DOD users to provision servers within a secure computing environment.
Before DISA implemented RACE, providing a dedicated server that used a traditional infrastructure took three to six weeks. With RACE, the time required to provision functional service space for users is 24 hours.
“We’ve been on the NIPRNet using RACE, providing that service, for several years now,” Rivera said. “This last year, we went live and got authority to operate on the SIPRNet. We are also in dialogue with other DOD customers on what opportunities we have to bring it on to the top-secret network.”
The RACE environment is used predominantly for development and testing. Hundreds of military applications, including command and control systems, convoy control systems, and satellite programs, have been developed and tested on RACE. However, DISA wants to see its DOD customers conduct the whole life cycle process on RACE, from development and testing to production.
RACE was prominently mentioned in the Federal Cloud Computing Strategy issued in February by Kundra’s office. According to the document, RACE has “redefined defense infrastructure from an asset management function to a service provisioning function” resulting in “improvements in efficiency, agility and innovation while maintaining strict security controls.”
“We are building a private cloud, and everything is within the department’s security boundary,” Rivera said. “Nothing is out on the Internet. It’s all on the DOD intranet, both the unclassified and classified.”
Another important part of DISA’s cloud computing portfolio is Forge.mil, a family of services that supports DOD’s developer community by enabling the collaborative development and use of open source and DOD community source software. Launched two years ago and based on industry’s open-source approach, the development community has created about 3,000 software releases on the SoftwareForge.mil and ProjectForge.mil sites that are accessible through DOD networks.
“Open source as well as DOD community source are vast improvements over closed communities and proprietary software licenses,” DISA’s Mihelcic said. “It gives us the ability to better share software and intellectual capital across DOD projects and programs. We’re providing a capability that gets software to the warfighter more quickly and that potentially better meets their needs.”
SoftwareForge.mil, the foundational capability of Forge.mil that is available to all DOD users, has more than 8,400 registered users who can access the same code development environment. ProjectForge.mil is a closed fee-for-service development environment for more than 400 DOD projects and programs, from command and control to office automation applications.
Taking a page from Facebook and Google, DISA is slated to introduce in April a new cornerstone capability that integrates social networking into the Forge.mil collaborative software development platform.
“We supported collaboration within projects, but we noticed a shortcoming in that we didn’t support collaboration across projects,” Mihelcic said. “Community enhancements to Forge.mil are going to address that problem by using social networking techniques.”
Mihelcic said one of the new features of UnityForge.mil, as the capability is called, is the ability to make connections with developers working on similar Forge.mil projects of interest to enhance cross-community collaboration. As with Facebook, DOD developers can friend other Forge.mil community members and then track the progress of their respective software development activities in a way that is collaborative and mutually beneficial, he said.
Army enterprise e-mail
An initiative that takes advantage of the DISA cloud is the Army’s move to enterprise e-mail, a migration of 1.4 million unclassified users and 200,000 secret users who will receive the DISA-managed Microsoft Exchange 2010 service.
The Army is just starting the migration process to enterprise e-mail. The service’s Chief Information Office and Network Enterprise Technology Command/9th Signal Command recently became the first test beds for the system. The Army’s large-scale migration begins in April with the expectation that the move will be completed by the end of the year.
Most Army users are coming from Microsoft Exchange 2003 and 2007 environments, and as a result, many are skipping a generation ahead in e-mail capabilities or upgrading to the next software version. With the Army enterprise e-mail migration, updates and changes to Microsoft Exchange and Active Directory will allow Army users to share calendars and find contact information for e-mail system users at other locations.
For the enterprise e-mail system, the Army is applying its Microsoft Exchange licenses, which will transfer to DISA. Although there will be savings from reduced hardware and storage costs, the decrease in the required human resources for administering an enterprise e-mail system is driving the bottom line.
“Probably the largest cost driver when you look at the business case is labor,” Rivera said. “At each post, camp and station, there are a whole host of folks that have to manage the e-mail system, including system and database administrators. That goes away and becomes a DISA responsibility at the cloud level to manage it for the whole enterprise."
An Army business case found that beginning in 2012, the service will start saving $100 million annually by consolidating to a single e-mail system from the disparate e-mail systems they operate now. Rivera said the Army still needs to establish the techniques, tactics and procedures at each of the posts, camps and stations.
“There was a way of doing business before and that needs to change when the Army migrates to enterprise e-mail,” he said. “All of those things are being fleshed out by the Army, and we’re taking lessons learned and translating them to the rest of the DOD community that will follow the Army’s lead.”
The Army’s enterprise e-mail system is the first of the common user services that DISA is implementing, said John Howard, deputy chief technology officer of computing services at DISA. Ultimately, the expectation is that other DOD components will also migrate to a departmentwide e-mail system.
By merging e-mail systems and multiple versions of Microsoft Exchange and Active Directory into one integrated, enterprise e-mail system that DISA hosts, DOD will save 20 percent to 30 percent initially and then closer to 60 percent of the current costs, Howard said. With all DOD users in a single global address list, it will make it easy to find personnel regardless of their service, component or organization.
DOD’s Common Access Card system is a critical piece of DISA’s enterprise user concept, designed so that anyone with CAC credentials can go to any DOD location and log in to the e-mail system and be productive, Howard said. That common identity also eliminates the need to remember multiple user names and passwords, he said.
The cloud-based Army enterprise e-mail solution is hosted at nine of DISA’s Defense Enterprise Computing Centers (DECCs). DISA operates 14 DECCs: 11 in the continental United States, one in the Pacific, one in Europe and one in Bahrain.
A strong link exists between cloud computing and data center consolidation. Both focus on improving operational efficiencies while taking advantage of economies of scale within IT organizations. Cloud computing accelerates data center consolidation efforts by reducing the number of applications hosted in data centers.
As a result, in February 2010, the Federal Data Center Consolidation Initiative (FDCCI) was started to consolidate the government’s fragmented data center environment with the goal of eliminating 800 of the 2,100 federal data centers by 2015. FDCCI’s goal is to assist agencies in identifying their existing data center assets and formulating consolidation plans.
OMB will release data center reduction targets by agency as part of the fiscal 2012 budget. The potential savings from data center consolidation are enormous. About 30 cents of every dollar invested in federal IT is spent on data center infrastructure. The Federal Cloud Computing Strategy issued in February argued that by “using cloud computing services, a federal agency does not need to own data center infrastructure to launch a capability that serves millions of users.”
Despite the efforts of FDCCI, Rivera said DISA has no plans to consolidate its 14 DECCs. Continuous data center consolidations and transformations since the 1990s have yielded significant reductions in unit cost, as DISA has moved from mainframe processing to distributed processing and now cloud computing. DISA consolidated more than 100 information processing centers operated by the military services and DOD agencies into 16 megacenters that were later further consolidated into what became known as the DECCs.
It’s this kind of consolidation that needs to occur across DOD, DISA officials say. DOD operates 772 data centers, the most of any federal agency. And within DOD, the Army is the biggest operator, with 250 data centers worldwide, which also makes the service one of the largest data center operators in the federal government.
To remedy that situation, the Army plans to reduce during the next five years the number of data centers it operates by 75 percent, from 250 to 65. One of the ways that the service hopes to achieve that dramatic reduction is by tapping DISA's DECCs.
Rivera said DISA has had discussions with the Army about supporting the service’s data center consolidation in Europe in particular, where DISA’s DECC in Stuttgart, Germany, recently underwent a 2,600-foot expansion. He emphasized that the agency is still in the initial discussion and discovery phase with the Army, as they look at moving some of the service’s enterprise applications to DISA DECCs, thereby making it possible for the service to close data centers.
“The services do maintain data centers to meet their own requirements,” DISA’s Mihelcic said. “What we really want to do is use the DISA data centers to serve the joint, cross-service requirements. We want to eliminate some of the redundancy with service-unique applications and consolidate them in a way that is used across the department.”
NEXT STORY: Military scouts best ways to protect stored data