The Defense Department and the contractors who serve it love to talk about the tactical edge. Everyone from generals down to the newest business development employees for any vendor will tell you how important it is for soldiers, sailors and airmen to receive the information they need in real time without worrying about the underlying infrastructure.
This is especially true for commands outside the United States. The Pentagon recognized this as it laid out this vision last June with its cloud strategy for commands outside the continental United States (OCONUS).
“Delivering cloud innovation to the tactical edge requires modernization within all layers of the infrastructure. This modernization must meet the needs of a range of user-profiles in theater, from the warfighter operating outside the wire to the mission planner or IT administrator operating within an established base perimeter or U.S.-led humanitarian efforts,” the authors wrote.
Eight months after the release of that strategy, the Army will be among the first services to test out the concepts of an OCONUS cloud.
Raj Iyer, the Army’s chief information officer, said in January that the service is working with Indo-Pacific Command to establish edge computing in the cloud.
“This is an area where we are pioneering this kind of effort across the DoD,” Iyer said at the Army IT day sponsored by AFCEA DC in January. “What this will do is allow us to start to integrate cloud into all aspects of experimentation in the Pacific. We’re going to be focused at the core and the multi-domain task force (MDTF) level. As you know, the multi domain task force that we’ve established at Joint Base Lewis-McChord, we used them for the experimentation in the Defender Pacific last year. And as we start to do more exercises this year, we’re going to start to integrate more of the cloud capability and the capacity, along with some of the other technologies such as low Earth orbiting satellites (LEO), and medium Earth orbiting satellites (MEO) into this architecture to look at how we can achieve the resiliency that we need through cloud to be able to exchange large volumes of data from the strategic corners, back to the tactical edge.”
Iyer said the Army tests of OCONUS cloud will begin in Hawaii and Guam.
The Army created the multi-domain task force in response to the near peer adversaries, including placing two of them in the Indo-Pacific region, namely to address potential threats posed by Russia and China. The service expects to stand up the MDTF in the Indo-Pacific region later this year.
Brig. Gen. Jim Isenhower, of the MDTF at Joint Base Lewis-McChord, said in February 2021 these task orders will be “new, networked, maneuver theater assets, focused on adversary anti-access/area denial, (A2/AD) networks.”
Supporting the multi-domain task force
Lt. Gen. John Morrison, the Army’s deputy chief of staff G6, put a finer point on that new networked approach in December when he offered an update about expanding the Army’s data and cloud efforts.
“We have recently published an execution order that aligns our resources and our energies to … the capabilities that we will start providing to our theaters. It will be anchored to the multi domain task forces,” he told reporters late last year. “We can increase the numbers of reps and sets and quite frankly, increase our learning opportunities as we really work through how do we enable data at the edge so that we can significantly increase our ability to see, sense, understand, decide and act, and achieve decision dominance that we’re going to need to for a multi-domain capable force.”
Morrison said the Army’s digital transformation strategy and its updated data plan are aligned to provide specific exercises and operations for the necessary integration to improve mission requirements.
“As we put out our initial cloud and hybrid cloud and data capabilities to support the multi domain task force, that’s going to put pressure on what we need to do from a unified network perspective so we can provide that secure highway with the right guardrails, so that synchronization is going to be absolutely critical,” he said. “I think the Army is putting the appropriate governance in place to make sure that we keep those all nested, integrated and aligned so that we are moving forward in a common direction. I think that’s the power of what the Army digital transformation strategy does for us.”
Morrison added that the Army knows it will remain in this hybrid cloud setup for the medium-to-long term because any adversary will try to downgrade communications at the start of a conflict. He said cutting off access to the cloud means missions likely would become ineffective requiring DoD to keep enough on-premise capabilities in place.
“We’ve got to find that right balance that allows us to really take the power of the cloud and the capabilities that will be resonant there and apply them at the point of need,” he said. “It’s not just the ability to bring it to the point of need. It’s the point of needs to be able to reach back to capabilities that it needs and bring it forward at speed against a thinking adversary so that we not only gain, but we maintain decisive decision dominance and we’re able to see, understand, decide and act way faster than our adversaries.”
More data, networks going to the cloud
The OCONUS cloud pilot is part of a broader effort going in the Indo-Pacific Command. Brig. Gen. Jacqueline “Denise” Brown, the command’s J-6, director of command, control, communications and cyber, told AFCEA’s SIGNAL magazine in November that DoD wants to create a secure mission environment that includes classified and unclassified data and networks. To that end, Brown told SIGNAL that it plans to take advantage of the Thunderdome zero trust effort from the Defense Information Systems Agency.
DISA awarded a $6.8 million other transaction authority deal to Booz Allen Hamilton at the end of January to develop prototype.
Iyer said the OCONUS effort is part of a larger initiative to move more of the Army’s networks and data to cloud services.
The Army launched the cArmy platform in early 2021 to make using commercial cloud services easier and more secure from Amazon, Microsoft and soon Google.
“We have an aggressive path forward this year to start to look at shutting down our data centers. But we know we’re going to need certain capacity on-premise to be able to handle certain workloads. But we do want to be able to integrate this into a hybrid cloud architecture,” Iyer said. “That’s the journey we’re on in terms of integrating that in between the commercial cloud and the on-premise infrastructure that we have. But more importantly, what we did last year and what we’re going to do even more this year is to operationalize the capacity that we have.”
Iyer said more than 40 mission critical applications, including three enterprise resource management systems, are already in the cloud provided by cArmy.
He said the Army will continue to migrate more data and applications to the cloud as it gets out of the data center business.
“We’re putting a lot of effort into operationalizing that. It’s also making sure that we are able to do cost optimization in the cloud. If you don’t do this right, you could very well be in a situation where cloud is costing us more than what it used to be in an on-premise environment,” Iyer said. “We’ve got to make sure that we’re looking at cost optimization, like how many virtual machines do we need? What can we turn off? Where do we need reserve instances? And where do we need the flexibility to be able to do this depending upon the mission scenarios?”
Iyer added the Army is not only going to move applications to the cloud, but also shut down data centers. The Army has been trying to extradite itself from the on-premise world since 2010. So whether Iyer has finally found the secret sauce with cArmy is yet to be seen.
The move to the cloud will also help the Army’s collection and use of data as a strategic asset.
“We’ve got to make sure that we’re able to harvest the data in those applications and then those systems. As we modernize our architecture approaches, it’s all about application programming interfaces (APIs) and micro services,” he said. “We’re assisting system owners across the Army in terms of helping them architect what their systems need to look like. We have established a good API management platform in cArmy that is available to the enterprise. We’re going to start directing and mandating the use of these tools in our platform.”
Another key piece to the cloud effort is a desktop-as-a-service offering so users can access the network through the cloud and not have to go through a virtual private network (VPN).
Iyer said the goal is for Army users to use any network anywhere they are and through any device.
“We were not ready to take on certain cybersecurity risks. So for example, we did not enable you to download files from there to your personal desktop, even though we did allow you to access Army O365 from your personal devices. We didn’t allow you to download documents, and that put a huge pain on our users because there was no way for them to sign a lot of PDF forms, whether it was COVID-related, showing exposures or infections or vaccinations and exemptions and so on,” he said. “So I have just authorized the Army to do that. NETCOM is in the process of implementing that. [By late January] you will see that functionality rolled out in Army O365 to all users.”