Navy says all IT options open

Dan DelGrosso is director of Naval Networks and Enterprise Services at the Office of the Department of the Navy CIO. He was recently named a 2012 recipient of Federal Computer Week’s Federal 100 Award. FCW is a sister publication to Defense Systems, and the awards banquet will be held March 28 in Washington, D.C.

DelGrosso spoke to Defense Systems Editor-in-Chief Barry Rosenberg about IT efficiencies, cloud computing and enterprise services.

DS: What’s at the top of your to-do list?

DelGrosso: Our top priority right now is IT efficiencies and consolidation. The bottom line is the secretary of the Navy gave us direction to reduce our IT business expense by 25 percent. This forces us to look at different ways we can capture that. In my view, probably the best thing that happened to the IT world and [the Defense Department] as a whole was the budget crunch because it forced all of us, not just the Department of the Navy, but all of the other services to really look at what we have. If you think back to the mid-90s when the Internet was really starting to surge there was a lot of disparate homegrown networks throughout the government. I grew up on ships and was a communications LDO (Limited Duty Officer)…when we started doing the network thing, what we were finding was that if there was a command with someone who could run fiber, knew a little bit about ones and zeroes, and also had a little bit of money then they built their own network.

Those are the kind of things that we’re really looking at. Where can we consolidate? Where can we centralize where it makes sense to not just reduce the cost but to increase our interoperability and get to an integrated network, which is what we’re really trying to do. And we’re not just going to consolidate for the sake of consolidating; we’re going to do it sensibly and we’re going to make sure that our efforts are in line with the DOD, most importantly, and supported by a rigorous business case analysis, which will also include an operational impact assessment.

DS: Is the single-portal concept being discussed part of that IT efficiency effort?

DelGrosso: Absolutely. In fact, we do have that as an IT efficiency. It’s called the Navy and Marine Corps Portal Migration. Just like  networks; you have disparate portals that folks have used for one reason or another. Our goal is to capture all of that data, see where it makes sense to consolidate and centralize to where we’re down to just a minimum number of necessary portals that we use.

DS: I haven’t heard much about a Navy or Marine Corps cloud. Does one exist at this point?

DelGrosso: We [in the DON CIO office] talk about cloud a lot. You hear it through the media; you hear it through industry. The Department of the Navy does not have a specific cloud-computing model.

DS: Do others in DOD?

DelGrosso: Not within DOD unless it’s perhaps a research and development [project]. Some of our technical program managers at SPAWAR are investigating and actually initiating some prototype cloud scenarios so  we can at least make an informative decision on how we want to provide those capabilities to our unclassified network users. And as you probably are aware, U.S. Cyber Command also has an initiative, along with NSA.

But it [cloud] is just like when cyber became the buzzword, everyone wanted to talk cyber until it became a very loosely used term. I think that’s really where we’re at with cloud to be honest with you, but we are working with  industry to examine the capabilities  they have.

DS: Who in industry?

DelGrosso: I want to keep it general and do not  want to speak to vendor initiatives because that’s more in the research and development phase. We’re certainly looking at Microsoft capabilities; we’re looking at Google capabilities; we’re looking at other major vendors, but I don’t want to necessarily single out a specific vendor because I think that would be unfair.

DS: Please give me a snapshot of where the Next Generation Enterprise Network (NGEN) is at this moment.

DelGrosso: I can tell you that all eyes are on NGEN. We want to make sure we adopt the lessons learned from NMCI when we transition to the next generation enterprise network. Right now, NGEN is currently in the Request For Proposal (RFP) phase, where we’re going to industry. I’m hearing from the program manager the RFP should be out in the next few weeks.

DS: Any plans to extend the continuity of services contract in place now with the NMCI incumbent?

DelGrosso: No. And I can tell you  leadership has no desire to open that back up. Leave it as is and focus on NGEN. But the key here,  is that the future of NGEN  will be determined by several factors. We’re going to be looking at advanced technology --you know how fast technology is accelerating these days. Who knows a year from now whether there might be some new gadget or capability we’re going to want to look at.

The RFP was written to allow for that kind of flexibility. We’re also certainly going to look at the cost, and oh by the way, we need to look at the security and risk mitigation. So when we move forward with NGEN, all the pieces and parts are in the right place, again, based on lessons learned that came from the NMCI experience .

DS: We’re all watching the travails of the Army migrating its e-mail to the Defense Information Systems Agency, and the latest pause. What are your thoughts? Also, What are your thoughts on enterprise architecture development to connect the services? Should DISA be managing the DoD's main enterprise architecture projects?

DelGrosso: For enterprise e-mail you can read the congressional reports as well as anybody else. But as far as an enterprise architecture, I will tell you emphatically that I believe every service within DOD recognizes  there is a need to have a standard enterprise architecture. This goes back to the conversation at the beginning where I was talking about the disparate networks and our inability to see the network. It’s because we don’t have an enterprise architecture. When you have an enterprise architecture, you have standards, and you have common processes and procedures. That’s significant.

As far as DISA goes, DISA absolutely needs to play a major role in all this. DISA certainly offers a significant amount of services, but when we look at capabilities and where we need to go it’s fair to state, --and Congress even put this in their language-- that we also need to be looking at industry too. In other words, it’s not DISA by default. It’s DISA and/or industry based on what capabilities we need at the right cost.

DS: What are you referring to when you say "industry"?

DelGrosso: I’m talking about the commercial world. So I’ll just use Google — not to say that we would — as an example. If they have a capability that we can use that equals that of DISA but it’s cheaper to go with Google, we’re going with Google. I think that’s what Congress mandated us to do. Enterprise architecture…absolutely. Do I see DISA playing a major role, absolutely.

DS: What are the technical enablers that you need to accomplish your networking goals?

DelGrosso: I think there are three major focus areas that need improvement when it comes to our networking priorities. We don’t have enough bandwidth; the ships don’t have enough bandwidth. When we try to do streaming video, it affects the rest of the network.  So we need to have better bandwidth compression.

Second, [we] always have to have a defense-in-depth approach as far as security is concerned because without it we’re dead in the water.

And [third], I think more user awareness and education is needed throughout the enterprise.

DS: Awareness and education of what?

DelGrosso: I equate a user at the keyboard to that of a sentry at the gate when you’re approaching a base. That’s the first line of defense. And if the user is doing what he or she is supposed to do that goes a long way to a defense-in-depth approach. So I think  there needs to be more awareness so  folks understand that IT stewardship is everything, and understanding their piece of the pie counts a lot.