Insight by Fortinet

CBP’s network modernization plan centers on secure, fast access to data, systems

The U.S. Customs and Border Protection is used to working in austere conditions. With more than 350 facilities across the country and some in the most desolate regions of the northern and southern borders of the U.S., it’s not unusual for officers to experience technology dead zones.

While border patrol agents may have to continue to keep watch over these isolated areas, they may not have to live in technology deserts much longer.

Sonny Bhagowalia, the deputy assistant commissioner and deputy chief information officer in the Office of Information and Technology at the U.S. Customs and Border Protection directorate in the Homeland Security Department, said the agency is addressing network and bandwidth challenges, first and foremost, and then securely connecting devices and data to agents through the cloud.

“The video application, the data application are more bandwidth hogs and then there is the latency. Because of some of the places we serve, like the 360 ports of entry, we don’t have enough carrier diversity or availability there so we then have to provide other capabilities like wireless and fiber so we are increasing that,” Bhagowalia said on Ask the CIO. “It’s a dual strategy to keep resiliency and increase bandwidth. That has allowed us to do our missions faster because there is a big demand for analytics on the frontlines.”

As the demand continues to grow and as cyber threats continue to increase, CBP is addressing its agents and officers’ need for data and tools in multiple ways.

In the short term, CBP is implementing a software-defined local area network (SD-LAN) to manage network traffic and improve cybersecurity.

“We can restrict traffic flows in certain areas immediately and work with trade partners in the supply chain,” he said. “We have some switches that can reduce cabling across the data center. We have logical separated tenets so we can be multi-tenets. Everything is available so you can configurable immediately through a graphic user interface, and the throughput is getting to 40-to-100 gigabits in terms of the overall capacity.”

Over the long term, CBP is starting to evaluate software-defined wide-area network. Bhagowalia said the SD-WAN will address several of the agency’s biggest network challenges, including bring bandwidth to the field sites and make it easier to upgrade and reconfigure.

“Currently, our first and primary priority is keep the mission going now. We are definitely seeing huge increase in the need for bandwidth,” he said. “Network is an enabler to making sure computing, data and applications work. I’ve not seen that level of synergy that the network must support the mission because if it goes down, we have to bring it back up as soon as possible.”

Cloud migration plans in the works

The move to the cloud underpins much of this network improvement plan.

CBP has reached out to industry several times over the last year for cloud migration and data center consolidation help with a request for information in March 2018 and another one in February with other DHS headquarters and other components.

CBP, U.S. Citizenship and Immigration Service, the Immigration and Customs Enforcement and the General Services Administration held an industry day in February as well around cloud migration and data analytics.

“We are working with the cloud executive officer Kshemendra Paul in the department to see what they are doing, and we are looking to the components for their ideas. I think that is what you saw that [industry] day,” Bhagowalia said. “What is coalescing realistically is not only do we want more diversity in vendors and small businesses to bring that innovation and hunger to us, we also have to let our acquisitions out so you will see some of that with some cloud components in there. We also are looking at some data center migration and cloud program that allows us to coalesce the rest of our efforts when we get to the big programs. They will have their own acquisitions with a cloud component and an integration area. For the rest of them, we are still working toward the full acquisition strategy.”

He said CBP is focused less on the cloud but how the platforms help it meet mission, manage and provide data, and bring innovation to solve problems.

Bhagowalia said CBP likely will not issue one big cloud procurement, but many small ones to help the agency modernize applications and systems in a secure and resilient manner.

“We have to operate at a Federal Information Security Management Act (FISMA) moderate to a FISMA high level,” he said. “Cloud allows us to deploy things faster and that’s the key to our mission. We deploy things in agile, concurrent fashion in days, not weeks. In some instances, it’s quite stunning in terms of how many concurrent teams we have doing that and that’s all available through the cloud.”

Bhagowalia said the speed to mission that the cloud provides is hugely important to the agency as threats constantly change. He said that’s why it’s important that the CIO’s office has taken extra steps to connect to the mission customers.

Bhagowalia said senior level staff work directly with the CBP offices on application development using a dev/ops approach that includes 1-to-2 week sprints.

You have to make sure you have the faster authorities to operate. You have to make sure there is adequate security is built in. You have to make sure the data classification is proper and privacy is thought through,” he said. “But at the end of the day, applications features are done and deployed in two-week increments and done concurrently at many levels. That is what CBP a little bit more unique.”

The CBP Path to IT Modernization

Cloud allows us to deploy things faster and that’s the key to our mission. We deploy things in agile, concurrent fashion in days, not weeks. In some instances, it’s quite stunning in terms of how many concurrent teams we have doing that and that’s all available through the cloud.

The Authority to Operate Process

We are really making sure that we are not only inserting technology in a pragmatic fashion, but we are making sure first that the bandwidth is there. We are increasing bandwidth at each location. Guess what is happening? The video application, the data application are more bandwidth hogs and then there is the latency. Because of some of the places we serve, like the 360 ports of entry, we don’t have enough carrier diversity or availability there so we then have to provide other capabilities like wireless and fiber so we are increasing that.

The Balance of Security and Flexibility

You have to make sure you have the faster authorities to operate. You have to make sure there is adequate security is built in. You have to make sure the data classification is proper and privacy is thought through. But at the end of the day, applications features are done and deployed in two-week increments and done concurrently at many levels. That is what CBP a little bit more unique.

Data and Analytics

One of our top priorities is deploying data analytics capabilities so agents and officers can have informed decision making quicker where they are on the front lines. We are using modern technologies and systems like graph databases, complex analytics and providing dashboards and visualizations so you can see how the information links together. We take data with context to make information and with our experience it becomes knowledge.

Listen to the full show: 

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.