wfedstaff | June 4, 2015 8:30 pm
The Department of the Navy isn’t making as much progress on data center consolidation and moving to the cloud as it wants to. So the Navy is moving the initiatives under a new owner and coming down hard on those who are standing in the way.
“Later this year, we will make an organizational change to our approach to data center consolidation. The Data Center and Application Optimization (DCAO) program office will move from under Space and Naval Warfare Systems Command (SPAWAR) headquarters to under Program Executive Office-Enterprise Information Systems (PEO-EIS) as a separate entity or program office,” said John Zangardi, the Navy’s deputy assistant secretary for command, control, computers, intelligence, information operations and space and acting chief information officer. “This will better align consolidation efforts with network efforts and more fully leverage the Next Generation Enterprise Network (NGEN) contract.
So we will build on their application experience. The DCAO will be responsible for establishing a working model for Navy cloud hosting service brokerage. This will be for the delivery of application hosting via commercial and federal agencies. Culturally, we have to make this shift from a mistaken belief that all our data has to be near us and somewhere where I can do and hug the server, instead of someplace where I don’t know in the cloud. This is a big shift for many within the department. It’s not going to be an easy transition.”
Since 2012, the Navy has made some progress. Zangardi, who spoke at the 14th annual Naval IT Day sponsored by AFCEA’s Northern Virginia chapter, said over the last three years, the Navy has consolidated 290 systems and apps across 45 sites. But overall, he said getting bases and commands to move faster just isn’t happening.
Insight by GitLab: During this webinar executives from the State Department, U.S. Securities and Exchange Commission, U.S. Patent and Trademark Office and GitLab will discuss how institutionalizing a DevSecOps approach to software development is a journey that must bring together the technology and business sides to change an organization’s culture.
The Navy plans to officially move the data center consolidation office into the PEO-EIS office in July.
Testing the cloud access point
Knowing the difficulties and challenges over the past few years, Zangardi said he’s taking several steps to help ease the pain.
First, he said his office picked three data centers that are lagging behind and required them to develop a plan to consolidate and move their data to a centralized data center.
Second, the Navy is rationalizing large scale apps. Zangardi said too often people hold their applications and servers close.
“I spend a lot of time thinking about the cloud access point (CAP) and our data centers. My objective is to move stuff as quickly as possible. The applications we are looking at right now to move to our cloud access point, the ones I’m most interested in moving right now, would come out of the N4 world, so we are talking about things like maintenance or aviation type of stuff so think logistics,” he said. “We’re also looking at enterprise resource planning (ERP). Can we move our ERP to a cloud type of solution to drive in more efficiencies? I think most of the things we are looking at, at least upfront, would be business sort of applications.”
The third way to ease the pain is by using pilot programs to get commands and bases comfortable with the idea of letting go of their servers and data.
“PEO-EIS and SPAWAR Systems Center Atlantic are piloting a cloud access point in conjunction with the commercial cloud service provider. It’s currently operating under an interim authority to test,” Zangardi said. “These organizations have the right expertise to develop the approach for the department to leverage the cloud. However, the CAP pilot is in its early stages. Essentially right now we are doing table top testing.
Our objective over the next year is to move from a pilot effort to what I would term a productionized commercial cloud. What do I mean by productionized? Simply to me it means an industry leveraged approach that can scale to demand from users. This capability should be secure, provide lower costs for storage and data and facilitate mobility.”
One big question about this consolidation effort is how to break out the 17 or 19 data centers that fall under the NGEN Intranet, and put them under the PEO- EIS team with the other data centers.
Zangardi said the Navy is considering an approach to this, but it’s still in the early stages.
Private cloud works just fine
While the Navy is open to using commercial or public clouds, the Marine Corps is going its own way.
Several Marine Corps IT executives seemed signal that the organization will follow closely to what the Navy is doing, but put their own twist on the initiative.
One often talked about example of this is the Marines decision to not move to the Joint Regional Security Stacks (JRSS) that is part of the Joint Information Environment (JIE) until at least version 2 comes online in 2017. Marine Corps CIO Gen. Kevin Nally said the decision not use the initial versions of JRSS is because Marine Corps’ current security set up is better and cheaper than version 1 or 1.5.
But when it comes to the cloud, Nally is even more direct. He said the Marines will never go to a private or commercial cloud.
“It’s a data issues. It’s a security issue and it’s a money issue. We’ve done numerous business case analyses and we can do it cheaper than a commercial cloud can do it,” Nally said. “We have Marines doing it. We have some contractors, but we have Marines doing the work and government employees. The other aspect of it too is several commercial companies, I’ll ask, ‘let me see your network operations security center because I want to see where my data is stored, I want to see what your tactics, techniques and procedures are and how you protect it. And by the way, if I decide to pull my data out of your data center, how do I know I got it all?’ Most of them are like, ‘whoa, you don’t need to see your data. It’s virtualized. It’s all over the place.’ Well if they will not let me in their network operations security center, some of them say ‘no’ so I’m not interested, but you are welcome to come into mine.”
Instead, Nally said the Marine Corps has launched its own private cloud in Kansas City, Missouri, as part of its Marine Corps Unification plan. The plan calls for the Marines to collapse five networks into one. He said the Marines have 54 apps or programs in that cloud today, and are planning to add another 148 to the private cloud in the coming months.
Nally said commanders must move apps to the private cloud or justify to his office why not.
But this approach to the private cloud could change in the coming year. Nally announced at the Naval IT Day that he’s retiring in July, meaning a new CIO could have a different opinion on the use of public or commercial clouds.
Nally is leaving after 34 years of service as a Marine, including the last five as CIO.
Level-4 certification needed
While the Navy is more open than the Marines to see where the public or commercial cloud fits, Zangardi said there are several things industry must do, starting most importantly with cybersecurity.
“We need you to get to Level 4 FedRAMP and DoD provisional authority. Level 1 and Level 2 data is a very, very small percentage. Level 4 is where the bulk of the data is. Without a Level 4 and DoD provisional authorization, you are not going to play. It’s really just that simple. Industry needs to get there,” he said. “Those of us in the DoN, as well as our industry partners, have to prepare for a new culture, one in which innovators get to the table faster.”
Zangardi added the Navy doesn’t plan on helping vendors get certified at level 4 because his organization doesn’t have the staff or resources to do that.
Another thing industry can help with is around mobility and helping the Navy get more devices in the hands of sailors, marines and civilians faster.
Thomas Hicks, the deputy undersecretary of the Navy and deputy chief management officer, said only 3 percent of all uniformed and civilian employees have mobile devices.
He said the Navy has to find a way to “democratize the use of mobile devices,” which may mean implementing a bring-your-own-device (BYOD) concept.
Vice Adm. Ted Branch, the deputy chief of Naval operations for information domination and director of Naval intelligence, added the DoN is looking to buy mobility-as-a-service to increase the number of devices under BYOD to between 60,000 and 80,000 users up from the 11,000 who have mobile devices today, and for half the cost.
He said the Navy has solved or is closing to finalizing a lot of the policy and management concerns about BYOD. The DoN is running a series of pilots for everything from tablets to Android phones to Blackberrys.
Those pilots should help the Navy expand its use of mobile devices in the coming year, Branch said.