Defense Systems

DISA makes headway on key enterprise initiatives

The agency has laid groundwork for a private cloud and guided the Army e-mail migration in 2011.

Greg Slabodkin

|

The Defense Information Systems Agency (DISA) saw momentous changes and challenges in 2011. The agency began the year celebrating its 50th anniversary as an organization, completing its headquarters move from Arlington, Va., to Fort Meade, Md., and ended the year with Air Force Maj. Gen. Ronnie Hawkins succeeding Army Lt. Gen. Carroll Pollett as its director.

“This has been a year of major transition for DISA. The move to Fort Meade was a huge change and it looks like they pulled if off pretty nicely,” said Warren Suss, president of Suss Consulting. “They retained more of their staff than anticipated. They are a little bit further away from the Pentagon, which will create its own challenges. But, by and large, the move has been successful and their worries were not realized.”

Related coverage:

DISA certifies first Android device for Pentagon personnel

Air Force's Hawkins named to lead DISA

In the middle of that physical transition, DISA also took on a full plate of ambitious initiatives in 2011 that included continuing to put in place the building blocks for a Defense Department private cloud to migrating Army enterprise e-mail to host servers at DISA Defense Enterprise Computing Centers.

DISA’s 2011-2012 Campaign Plan, released in June, summed up the agency’s priority as providing “a core enterprise infrastructure of networks, computing centers, and enterprise services (Internet-like information services)” designed to support new service-oriented implementations, including cloud computing and server virtualization.

“There have been some DISA services in the cloud, such as forge.mil and RACE, but those have been relatively specialized, narrow instantiations of cloud services,” Suss said. “Now, with DISA moving into Army enterprise e-mail, they’re moving into a whole different level of cloud services, which are the day-to-day operational, end user-focused services.”

However, given the complexity and scale of this undertaking, the road to Army enterprise e-mail in 2011 saw some major speed bumps.

Operational pause

At the DISA Customer and Industry Forum in August, Army CIO Lt. Gen. Susan Lawrence described the service’s enterprise e-mail migration as “bold and audacious” in its plans to migrate 1.4 million unclassified Army users to the DISA-managed enterprise e-mail service. The Army’s large-scale migration began in April, but by the end of May had developed serious performance and reliability problems.

“We took off like gangbusters,” said Lawrence. “What we uncovered was an extremely, extremely dirty network. By putting everybody into this enterprise environment, we found we had 10 years of over 300 [Designated Approval Authorities] thinking they owned the network. We found firewalls where there shouldn’t be firewalls. We had software that couldn’t talk to other software. So, we had to bring a team together and literally just clean up the network.”

As a result, Army Maj. Gen. Jennifer Napper, commander of NETCOM/9th Signal Command, started an “operational pause” for the service’s e-mail migration on May 30.

According to Alfred Rivera, director of DISA’s computing services directorate, the problems that had to be resolved included configuration challenges at the base level that resulted in some large latency problems. Rivera said an Army/DISA triage team went to posts, camps and stations to figure out why there were inconsistencies at different sites. Among the configuration challenges also identified, he said, were at the operating system level for Blackberry users.

“There were inconsistent network configurations that were contributing to the latencies and I think the Army has really gotten a handle on that now,” Rivera said.

A report from Napper found that at the start of the operational pause, most installations had about 80 percent compliance with pre-migration guidelines, which eventually improved to 90 percent to 95 percent compliance. In addition, before the operational pause, she reported that “all Army installations had lots of issues with connections dropping and Outlook freezing” but these were “greatly reduced” after DISA made firewall architecture changes.

“In some cases, we were overly conservative in terms of the information flow through firewalls, both internally as well as externally, and got some efficiency gains and streamlining there,” said Alan Lewis, vice director of computing services at DISA. “Efficiencies and improvements were also made with the business and operational processes in a trouble-ticketing sense for incident reporting and problem management.”  

On Sept. 6, the Army lifted its three-month operational pause for its migration to DISA-hosted enterprise e-mail. According to Rivera, DISA and the Army continue to leverage the lessons learned and improve procedures developed during the operational pause. As evidence, he pointed to the fact that October was the biggest month for Army enterprise e-mail, with 76,000 migrations.

Originally, the Army and DISA planned to complete the migration by the end of this year. However, March 2012 is the new goal.

“Things are progressing very well. We have over 220,000 users who have migrated now [as of November],” said Rivera. “We’re moving on average about 5,000 users a night into the system. The goal being that we will have all 1.4 million users provisioned on enterprise e-mail for the U.S. Army by the late March time frame.”

Rivera said the Africa, European, Strategic and Transportation commands all have plans for a DISA-hosted enterprise e-mail migration. Discussions are continuing with the Northern and Pacific commands and the Defense Logistics Agency, he said. 

Although DISA has not signed up services other than the Army to migrate to DISA-managed enterprise e-mail, Rivera said the Air Force is very interested – an opinion shared by Air Force CIO Lt. Gen. William Lord.

“I would like General Pollett to be the cloud provider for us,” said Lord in August at the DISA Customer and Industry Forum. “It could be private cloud, could be public cloud, could be hybrid cloud. I think we can use a combination of all of those. Right now, I would tell you that the Air Force is leaning towards DISA to stand up those things.”

“This is more than a proof of principle. It's more than a pilot,” Pollett said at the conference, referring to Army enterprise e-mail and the DISA cloud. “This is a game changer in terms of how we provide services within the department. This is the wave of the future.”

Leadership change

Although Pollett won’t be at the helm of DISA when the Army enterprise e-mail migration is completed in 2012, that's his legacy as DISA director. At press time, DISA officials declined to provide an exact date at which Hawkins would take over as DISA's top leader. Hawkins will return to DISA after briefly serving at the Pentagon as the Joint Staff's deputy director of command, control, communications and computer systems.

“Ronnie Hawkins will bring a lot of continuity to the job because he was the DISA vice director until recently, so he knows the organization well and all the players involved,” Suss said.

Although DISA might be gaining a seasoned veteran in Hawkins, the agency is losing a number of senior executives who have been the foundation of its organizational leadership. Paige Atkins, DISA’s director of strategic planning and information, recently left to become vice president for cyber and IT research at Virginia Tech’s Applied Research Corp. Filling Atkins' role is Tony Montemarano, who previously served as DISA’s component acquisition executive.

“Tony is a very well established leader at DISA and knows the organization inside and out, and has been involved in every key strategic decision as one of the DISA seniors for the past decade or more,” Suss observed.

Montemarano’s old job remains open, with Rebecca Harris, DISA vice component acquisition executive, serving as acting component acquisition executive until a replacement is found.       

Meanwhile, Richard Hale, DISA’s chief information assurance executive, left the organization to work as deputy to DOD CIO Teri Takai. With Hale’s departure, Mark Orndorff is continuing in his role as program executive officer for mission assurance and network operations as well as chief information assurance executive.

Going forward, DISA’s leadership in 2012 will continue to embrace the economies of the cloud environment, a fiscal reality in these budget constrained times. Consolidation and optimization are the models of efficiency and cost effectiveness as tough IT choices lie ahead at the enterprise level. As Pollett has said, cloud is a “game changer” and DISA intends to be the cloud provider for DOD.

“The big change this year is that the budget pressures and the change in technology have pushed DOD as well as DISA to make a real commitment to cloud services,” said Suss.

Technical guidance

In late October, DISA’s Enterprise Wide Systems Engineering issued a request for information from industry to help the agency come up with a “recommended interoperable DOD architecture to design, develop, and deploy cloud services from the DOD cloud service provider perspective." According to the RFI, there is an urgent need to develop a “coherent enterprise level DOD cloud computing technical framework, architecture, and implementation guidance supporting all cloud services for DOD to ensure the interoperability of DOD clouds.”

The technical guidance for cloud computing services that DISA is seeking from industry will cover how to build interoperable private cloud services. However, as Takai has contended, there will be situations where DOD will be able to use commercial cloud providers, as long as those providers meet the department's security standards.

In addition, Takai has made the case that there might be opportunities for DOD to leverage a public cloud for those applications that don't require that kind of security on its networks.

“Certain mission-critical applications will not leave a private cloud infrastructure,” said Ned Miller, chief cloud strategist for Symantec’s Public Sector market. “But, for other apps like virtual disaster recovery and Web services, DOD is going to look to migrate those to whatever service makes the most economical sense.”

“There’s definitely an opportunity for a hybrid cloud especially for those environments where we want to partner,” said DISA’s Rivera. “We have already started looking at opportunities where we can use hybrid clouds. [These are environments] where we still have some level of identity management and access but it’s in an environment that’s not necessarily in our dot-mil domain.”

According to the DISA campaign plan, technological enhancements are necessary to implement a full cloud computing strategy, including enhanced information assurance capabilities, improved application monitoring, automated provisioning, and automated infrastructure orchestration.

However, Gunnar Hellekson, chief technology strategist for Red Hat's U.S. Public Sector, cautions against viewing technology as a panacea when it comes to cloud computing.

“All the technology in the world won’t overcome inefficiencies in the enterprise, and the move to cloud infrastructures draw those inefficiencies into the open,” Hellekson said. “So if you’re DISA, and you’re building a cloud, you want to pay attention to the entire ecosystem of policies and procedures around your infrastructure. If you focus on the narrow technical questions, you'll be unpleasantly surprised.”

As an example, he points to DISA’s Rapid Access Computing Environment (RACE), the agency’s private Infrastructure-as-a-Service solution that was one of its first cloud implementations. RACE, which went operational in late 2008, is a self-service portal which allows DOD users to provision servers in its secure computing environment.

“[DISA] did a lot of work to make it simple for their users to pay for computing power with a credit card,” said Hellekson. “Technically, the solution works just fine. In practice, their internal business rules make it impossible to transfer money between departments any quicker than three days. That means that no matter how flexible their internal IT systems are, they’re only moving as quickly as their weakest business process.”

NEXT STORY: What does sequestration really mean for DOD?

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.