DoD to issue commercial cloud policy directive

August 24, 2011

The Department of Defense will soon issue a commercial cloud computing policy, according to agency chief information officer Teri Takai.

“We’re going to be moving in many cases toward a private cloud construct, but we’re thinking about the possibilities for commercial cloud,” Takai told an audience at the annual Defense Information Systems Agency conference, according to Information Week. “One of the things my office is working on is, as we move toward commercial cloud, what does that mean and what do we need from a DoD perspective.”

Takai didn’t give any more details on the actual release of the policy.

Takai also discussed the Army’s new enterprise email system and what it means for other branches of the military. The Army’s system is built in the Defense Information Systems Agency’s private cloud. She said she would like to see others use it if they see value in it.

“Remember that enterprise email doesn’t necessarily mean that everybody goes to DISA. We have to get to a common identity management structure, we have to get to a common directory structure, we have to be able to collaborate. That’s really the infrastructure that’s critical here. We’re working with the Navy right now to say, ‘What does that look like for Navy?’ My preference is to work through the technical details to get to our end objective, because when you do that, you don’t have to dictate. Otherwise, if I dictated something, I’m going to be the bad guy every time somebody’s BlackBerry doesn’t work. That doesn’t get you to the end objective.”


DoD’s cloud e-mail plot thickens

May 5, 2011

Just how many Defense Department employees will eventually be using a cloud-based e-mail service depends who you ask.

Maj. Gen. Ronnie Hawkins, the Defense Information Systems Agency’s vice director, told reporters Tuesday, selling the Navy and Air Force on its cloud-based email system is a matter of when, not if. However, Hawkins admits, “If you talk to the services, it’s if. We’re in those negotiations with all of them right now. The ‘ifs’ are contingent on the pricing and the delivery of the capability.”

Federal News Radio’s Jared Serbu reports all eyes are on the Army’s transition to the DISA cloud, and decisions by the other agencies will likely be made based on the success or failure of the Army’s move.

So far, the Army has transferred 20,000 of its 900,000 users to the cloud. Army chief information officer Mike Krieger says the Army is stepping up its transition timeline and, with the help of a new tool, will transition approximately 1,000 users a night into the new DISA system.

However, the Army’s migration to the DISA cloud was dealt a potential setback by Congress (also on Tuesday).

The House Armed Services Emerging Threats and Capabilities Subcommittee cut funding for the Army’s email project in its markup of the 2012 budget by 98 percent until a business case analysis of the program can be completed.

The bill must still pass the full House and Senate to become law.

RELATED STORIES:

Enterprise email could pave way for single DoD sign-on

DoD to set new path for IT acquisition


How DISA is using secure clouds

August 23, 2010

Security is always a concern, but nowhere is it more important than at a place like the Defense Information Systems Agency.

Henry Sienkiewicz, chief information officer at DISA and tells us all about how they’re using secure clouds at his agency.

FCB: DISA runs RACE. It runs forge.mil, which was just used by the Army for its Apps for the Army program. What does the future hold?

HS: We actually just see a continual growth and emphasis on this. We, as an organization, have completely embraced the idea of agile dynamic provisioning — secure, scalable, elastic — I don’t want to keep using all of those buzz words, because I think, at times, we have all been Power Pointed to death, but using partnerships like Apps for the Army, has been able to allow us to recraft this as a market offering.

We internally learned a lot of lessons. We learned lessons about private code branding so that we were able to give the Army their own portal. We learned lessons about allowing middleware applications. I think you’re going to still see those other partnerships, or you’re going to see partnerships with organizations that are also pushing this envelope, like Transcom — where [leaders] are creating things like the Knowledge Management Lab out at Scott Air Force Base that are really embracing the exact same principles.

So, you’re going to see us having that continued emphasis on innovative service delivery — RACE, forge.mil. Also, when you look across that entire stack of cloud computing — global content delivery system — we’re just seeing more and more adoption of that. The 56 nodes are up and running and we’re adding more products every day. We’re working on things like enterprise recursive services.

You’re still seeing DISA looking across the entire stack and using [NIST’s] definition of the cloud for platform and infrastructure applications and software. You’re seeing a concerted push across all of those environments from the DISA family.

FCB: From your perspective internally, now, obviously you used to look more externally, now you’re looking more internally. Are you guys within DISA using RACE and forge.mil to address internal needs?

HS: Most assuredly. We have to embrace internally and use ourselves as the initial test bed for some of these things. I think one of the better examples — we were the test bed [for the DoD Visitor].

We put it up, we installed it onto our internal production system immediately. It is that ability to use your CAC card to login and sign in to a computer anywhere in the department. I was the one who accredited it for the department, and in my role as the DISA CIO — I also was the first one to install it on a production network. So, you’re going to see more of that activity, as well. We’re going to test and try it internally before we launch it out to the rest of the marketplace.

FCB: Has this been tested and tried so far within DISA?

HS: We actually have it up on our production network already, and we’re also seeing adoption across the department.

Hear more from Henry Sienkiewicz on Ask the CIO.


Always have an exit strategy when looking at cloud

April 19, 2010

Last week, Fed Cloud Blog promised to bring you more of our chat with Gunnar Hellekson, chief technology strategist for Red Hat’s U.S. Public Sector Group.

Today he starts out by explaining how Red Hat has been supporting the federal government, and also has some tips for what agency CIOs should be looking for when it comes to looking at the cloud.

GH: Red Hat has been supporting the federal government in cloud computing in a number of ways.

First, on a basic technology level, much of the innovation that’s going on in cloud computing and virtualization has been happening in the open source world, specifically, in the open source Linux project.

Red Hat is best known as a vendor of Linux services and support and our engineers have been working for many years on virtualization technology, and doing what it is that we’ve always done with the open source community, which is creating an enabling layer that sits between your hardware and your applciations and actually gives your applications access to some of the really interesting innovations that are going on down in the hardware. So, in the role as a hypervisor — in the role as a software that hosts virtual guests in a cloud computing environment, we’ve been working in that space for some time.

Second, I think it’s really interesting that if you look at some of the clouds that are being stood up now, like the RACE project over at DISA and elsewhere, you’ll see that these cloud computing environments are really offering two platforms to their end users. One is Windows and one is Linux, most often specifically Red Hat Enterprise Linux.

So that’s kind of heartening to see, in conjunction with this move toward cloud computing, we’re seeing a consolidation on to those two operating system platforms. That really, though, is just about technology and delivering low-cost, high-quality, very secure operating systems, which is something we’ve been doing for the federal government for 10 years now

I think what’s more interesting is the way in which we’re able to provide some guidance and some best practices to federal agencies, specifically through our cloud provider certification program. These programs give providers a set of best practices so that they know they will be protected against what is a very quickly moving market. Red Hat is providing them a template for success.

FCB: Is there something specific, in terms of that template, of what a CIO at agency ‘X’ should be thinking about if he or she is looking at cloud computing?

GH: There are a number of concerns, obviously.

Cloud computing is extremely disruptive. So, the CIO has a whole lot to think about.

In most cases, you won’t be providing your own cloud services. In most cases, a CIO will be a consumer of cloud services. So, as a consumer, you’re interested in ensuring that you have a supportable, standard build of you operating system so that you have a stable and predictable platform on which you can put your applications. You want the ability to post for those virtual guests — you want those to be portable.

Cloud computing isn’t just about providing cheap computing cycles, it’s also about the ability to compete the hosting of your applications with much less friction than you have today. Today, if you outsource your data center or you’re hiring another organization to host your computing workload, you have to worry about — am I going to pickup backup, and then I’ve got to take backup and go restore it to a new provider — it’s an extremely costly process.

The premise of cloud computing is to provide enough interoperability and have enough standards so that you should be able to easily move your workload from one provider to another, which creates a . . . much more competitive market than you would have before.

As you’re evaluating cloud providers, you want to be thinking about — what is their interoperability? How well would they work with another cloud provider? How easily can I move my workload from one provider to another?

For the last 10 years, Red Hat has really made its name taking folks from proprietary operating systems that were often tied to hardware . . . [and] getting them off of these proprietary hardware systems and proprietary operating systems and moving them onto commodity hardware. . . . One of the big reasons why people wanted to make that move is so that they could compete their hardware. If you had IBM, you wanted to be able to collect bids from Dell and HP, as well. That competitive market drives down the cost of your hardware.

In cloud computing now we see all of that progress of the last 10 years starting to get undone as people move onto these cloud environments. There’s a danger that you’re going to get locked into a particular hosting provider, a particular virtualization technology. So, as you’re evaluating these hosting providers, you want to be paying a lot of attention to interoperability. You want to make sure that there’s a safe exit strategy


USAF looking at ROI on cloud computing

January 20, 2010

When it comes to cloud computing, where is the U.S. Air Force?

Fed Cloud Blog answers this question by talking with USAF chief information officer Lt. Gen. Bill Lord.

“We’re determining the return on investment right now and have already signed up to be partners with DISA. DISA is evaluating their rates to make sure their rates are as competitive as everybody else’s rates are in the commercial space. Then there’s a policy thing that we have to consider about where we’re permitted to allow DoD data to reside. So, we’re in the process of harmonizing those things so we can step out on it.”

Gen. Lord said the policy is generally around data and storage, and is not necessarily specific to the cloud, though cloud computing certainly applies.

“It’s generally around storage and data warehousing. Do we own the facility? Can we control the facility? Do we need to own the facility? In my personal opinion, there are plenty of very well-run commercial data storage locations that we could be well served by. So, we’re looking at those to make sure we’re getting the best return for the taxpayer dollars.”

He added that he doesn’t foresee a private cloud for the USAF at this point; rather, his branch would operate in conjunction with DISA.

“It would be in concert with the DISA cloud. So, there might be a public piece of that, but then then there might be our piece inside DoD cloud.”

As far as benefits, Gen. Lord says there are many.

“I think with with the virtualization that you get, quite frankly there are some wonderful green benefits, some COOP benefits that I think you can get by having your data all spread out — not all in the same location. So, I view it mostly on the positive side. Clearly we have to make sure that we’re comfortable with the security aspect of breaking all this stuff apart and then being able to put it back together and not having things change, but I think, for the most part, that technology is available.”

The USAF is looking at working more on cloud within the next six to nine months.

For more, check out Federal News Radio’s Ask the CIO.

And in other cloud news on Federal News Radio . . .

On In Depth, host Francis Rose spoke with former Deputy Assistant Secretary of Defense Steven Bucci about how to buy into the cloud while staying secure.

On the Federal Drive, hosts Tom Temin and Jane Norris talked with Phil Bond, president Tech America, about fallout from the China/Google dispute.


DISA building on what’s already been done in terms of cloud

January 12, 2010

Last week, AFCEA held its monthly luncheon in Arlington.

January’s topic was DISA 2010 and Beyond.

Anthony Montemarano is the Component Acquisition Executive at DISA and was one of the panelists.

After the lunch, Fed Cloud Blog caught up with him to chat a little bit about where DISA is going in terms of purchasing cloud services.

Fed Cloud Blog: From the acquisition perspective, is there anything that you guys are doing? Are you looking at cloud in any new ways, or is it more going down the same path?

Anthony Montemarano: You’re not going to see a cloud computing contract. Just like you see forge.mil — that’s cloud computing. Same thing with RACE. Even [the] Global Content Delivery Service. That facilitates cloud.

It’s going to be components that are forming the cloud. You’re not going to see a Web 2.0 solicitation from us. You might see social networking.

You’re not going to see anything from us [in terms of a contract], but those components may contribute to the cloud solution.

FCB: Obviously, there’s a lot of work going on. GSA with Apps.gov — the idea of IaaS, SaaS, PaaS — is that a path you guys are going down at all? Or is your focus really going to be about cloud being part of the bigger solution that meets the mission?

AM: The cloud is part of the bigger solution, but as far as those specifics, it’s going to be on a case-by-case basis. Remember what I say, and I’ll say it again — if GSA is doing it, why am I going to do it?

I will tell you as the acquisition executive at DISA, we are going to exploit what’s already been done. If they’ve done it already, let’s keep going with it.

I wish I could exploit what industry has for collaboration.

Why do I want to get something special? Well, it turns out what they have doesn’t quite make it; it has to be different.

I want to take what’s available.

I want to get out of the software writing mode. That’s no fun anymore.

Later this week — a conversation with Google Federal!


DoD developing apps store; DISA rolls out RACE

October 6, 2009

The Federal Cloud Blog just spoke with Henry Sienkiewicz, Technical Program Director for DISA’s Computing Services Directorate, who told us all about how DISA is moving into the cloud with its Rapid Access Computing Environment (RACE) . . . and about the fact that the Defense Department plans to launch an apps store of its own!


Listen to Henry Sienkiewicz talking with FCB


Federal Cloud Blog: This platform that you’re building. So, you’re in DoD and you want to try something. Walk us through the steps [and] how this works.

Henry Sienkiewicz: It’s actually very straightforward. We model the portal as if we were a commercial hosting site. So, under disa.mil, at the very top of the homepage right now, you’ll see the RACE logo. Or you can go through the computing services page on the side of the DISA portal to get to the RACE environment. You just literally log on there. You have to use your CAC card. . . . You log onto the portal and you just sign yourself up. You can pick and choose a variety of options. While we’ve tried to highly standardize the environment, we recognize that some users will need more computing, some will need more storage, so we’ve given them a mix-and-match portfolio to be able to pick a variety of options, although we’ve tried to keep it standardized with a LAMP stack as well as a Windows stack.

FCB: It seems like, in some ways, you may actually be able to improve the security levels of what most servers [have] because this is something you guys focus on all the time.

HS: That’s absolutely correct, although . . . one of the other neat pieces of the portal is that we actually are able to take a NIPR, which is the way we transfer money inside the department, or a government credit card online. We launched that, actually, in October of last year and it was one of those things that took a great deal of time and effort from the rest of the team — to figure out how to do — and our friends at Treasury helped us with the process. But it was a great success story on — how do we actually allow people to have that flexibility to order as they need it [while] making sure the money trail is completely and totally followed properly? We can spin up on virtual operating environments as fast as everyone else. 23 plus of those hours from our test and development environment — I’m able to provison right now in 24 hours — [and] 23 plus of those hours is actually moving the money. So, for us it’s been a great story.

FCB: You’ve been in development and you’ve been testing. What are some of the lessons that you learned from the test platform that actually ended up going into the live platform?

HS: We actually were able to use almost all of the code, all of the process, all of the procedures. When we thought it out at the very beginning, we established a very solid baseline at that point in time. Over the course of the last year, we’ve added additional options. We’ve done incremental releases, so we’re not believers in a big bang release of just one major code release a year.

FCB: And that is something particular with cloud computing. It gives you that ability to do that — and it makes those kind of iterative releases [easier]. It doesn’t become the ordeal that it could be.

HS: By keeping it standardized underneath the covers, we’re able to gradually and gracefully release and bring the customer base along with us, as opposed to forcing them to do massive migrations all at once, we’re able to go there and gradually allow them the ability to keep moving forward.

FCB: Is this something that would be available through the Apps store, even thought [it is] seen as largely commercial products?

HS: We are not going to put it as part of the GSA apps store. We’re going to be working with the DoD CIO as they’re developing an application store, as well. So we’re going to be folding our efforts in there; however, the team that has worked on the GSA apps store and my team have been actively engaged and participating in a lot of the same venues and a lot of the same conferences and we are more than willing to share what we have done with the rest of the federal community. My boss . . . and I are routinely talking, both in public forums, as well as in government forums, on these very topics. Our team is routinely interacting outside the agency and across the department with other people who are trying to establish the exact same thing.