How milCloud 2.0 makes DOD cloud migrations easier

The recent addition of VMware and AWS services to milCloud 2.0 improves the service’s ease of use, security and cost for both fit-for-purpose and general-purpose cloud needs.

The Defense Department’s milCloud 2.0 celebrated its third anniversary last month by adding VMware and Amazon Web Services, meeting both fit-for-purpose and general-purpose cloud needs.

The new offerings should help accelerate cloud adoption among defense organizations -- an undertaking that has been slow. A 2018 memo required defense agencies and DOD field activities to migrate all appropriate workloads to milCloud 2.0 by the end of fiscal 2020, but research by MeriTalk found that only one in five were doing so.

There are three reasons why this will help speed adoption, said Jim Matney, vice president and general manager of the Defense Information Systems Agency and Enterprise Services sector within the defense division at General Dynamics Information Technology (GDIT), which owns and operates the technology stack for milCloud 2.0. They are ease of use, security and cost.

“We have seen a significant amount of interest in mission partners leveraging AWS and the milCloud offering, the on-premise offering, via the milCloud 2.0 contract,” Matney said. “This has really put milCloud 2.0 on the map.”

Some of the delays in cloud adoption have been associated with the acquisition process, but because the milCloud 2.0 contract has already been awarded, no additional acquisition is required. Instead, customers can go to a portal, create an account, deposit funds and have cloud services running within 48 hours, Matney said. He likens it to buying an E-ZPass and spending down the account as services are consumed.

What’s more, before defense organizations migrate their applications to milCloud 2.0, they must ensure they are cloud-ready, which requires refactoring or other prep work. Because milCloud 2.0 now uses the VMware virtualization platform that many customers already have in their data centers, they can move applications without the heavy lifting.

Migrating applications into milCloud 2.0, “takes less of an upskill environment,” Matney said. “It’s going from a like to like environment, so it should expedite and enhance their abilities in being able to migrate to the cloud even faster.”

DOD’s many cybersecurity requirements can also stall cloud migrations. MilCloud 2.0 provides a commercial cloud service built on-premises inside the DOD Information Network (DODIN), which provides an additional layer of security for applications that need it, Matney said.

Moving to the cloud can help defense organizations reduce their attack surfaces. By closing data centers and centralizing applications in an enterprise cloud, agencies give hackers fewer potential points of entry.

“By migrating their applications to the cloud that’s already in the DODIN, that would reduce that landscape,” he said. “You minimize the number of threat vectors” a hacker can target.

The third factor is cost. Because milCloud 2.0 is built on DODIN, it doesn’t come with the additional transaction and bandwidth fees that many cloud providers charge.

The cloud that GDIT has historically provided is an on-premise, infrastructure-as-a-service, fit-for-purpose cloud. That aligns with the DOD Cloud Strategy that calls for both types. Released in 2018, the strategy states that where a general-purpose cloud solution, such as AWS, cannot support mission needs, DOD may use a fit-for-purpose commercial or on-premises cloud solution. With milCloud 2.0’s new setup, customers can get both in one place.

Previously, a defense agency that wanted to use on-premise service would use milCloud 2.0, but it would have to use another contract vehicle for a general purpose cloud. “Now, under the single umbrella of milCloud 2.0, we offer the customers the ability to have a choice about where to put [fit-for-purpose or general-purpose] under one contract,” Matney said.

MilCloud 2.0 is the only enterprise cloud that provides IaaS across DOD, and with AWS, it’s the only one that provides on- and off-premise and fit-for-purpose and general-purpose clouds.

The number of workloads that have migrated to milCloud 2.0 doubled in 2020, compared to 2019, indicating that progress is already happening.

For the contract’s fourth anniversary, Matney expects to discuss IL-6 authorization, which will support Secret Internet Protocol Router Network, or classified, workloads. He said that should be operational and available this summer.

Two other major DOD cloud efforts are the Defense Enterprise Office Solution and the Joint Enterprise Defense Infrastructure programs. GDIT won the $4.4 billion contract to handle DEOS in October 2020. The contract’s goal is to streamline the department use of cloud email and collaboration tools by migrating existing Microsoft Office 365 tenants to DEOS.

The much-beleaguered JEDI, however, continues to be in a holding pattern. Although DOD affirmed its contract award of the program to Microsoft last September, AWS filed a lawsuit against the decision in December 2020.

An information paper from the DOD CIO to Congress on the litigation suggests that DOD wants to move on: “Regardless of the JEDI Cloud litigation outcome, the Department continues to have an urgent, unmet requirement. Specifically, the Department’s need for … enterprise-wide, commercial cloud services for all three classification levels, extending from the homefront to the tactical edge, at scale. We remain fully committed to meeting this requirement -- we hope through JEDI -- but this requirement transcends any one procurement, and we will be prepared to ensure it is met one way or another.”

Matney said he could not speculate on what will come of JEDI or what its dissolution would mean for milCloud 2.0.

This article first appeared on GCN, a Defense Systems partner site.