For DISA, it's a whole new -- virtualized -- world
As the agency approaches 100 percent virtualization, CIO Henry Sienkiewicz sees a new world of dynamic resources and high-value data
The Defense Information Systems Agency is undergoing sweeping changes in how it delivers information services to the warfighting community. DISA CIO Henry Sienkiewicz talked recently with Editor-at-Large Wyatt Kash about managing those changes, DISA’s progress developing more elastic systems and the role cloud computing will play.
GCN: Last fall, DISA Director Gen. Carroll Pollett talked about DISA’s top challenges. They included the complexity of operations, the rapid changes in technology, the persistent threats to the network and how to position the agency for its engagements. As CIO, how do you translate those into initiatives, and how is cloud computing going to help?
Sienkiewicz: We are fortunate to have a whole series of brilliant engineers and technologists and senior executives who really know what they want to be able to deliver to the warfighter. We’re trying to figure out how we consume and allow our users to consume data in a way that’s relevant to them — at the same time making sure that it’s authoritative. I don’t want individuals to go and use a mashed-up application and pull data from a source that we don’t believe gives the most accurate current information.
The new DISA: leaner, standardized and a bit more secretive
When we talk about the rapidly changing pace of technology, we’re moving away from fixed infrastructure and looking very clearly at how we support mobility and the whole complexity of operations. Then we are looking at the cybersecurity side and putting in initiatives inside the department that have reduced the attack plane— the amount of surface vulnerability — by about 95 percent. Now the problem with some of that is figuring out this private, public hybrid cloud model as we keep trying to go forward.
As for engagements, we look at other things like the engagement we had [last year] in Haiti with our all partners across the network, which allowed [nongovernmental organizations] to collaborate within a DOD environment in a nonthreatening, nonintrusive way.
GCN: How is elastic and scalable computing changing your technical, business and acquisition models with your customers?
Sienkiewicz: First, we’ve got to figure out how we allow people to consume by the sip across this entire enterprise infrastructure. At the same time, we need to figure out what the right service offerings are to our constituency.
One of the first pieces is our cloud environment: the Rapid Access Computing Environment. Right now, we have about 80 users. Do we envision everything in that RACE platform? No, but do we envision most of it inside a RACE-like platform? RACE for us is very much a testing development community, and we’re working harder and harder to link it up.
We also have a software-as-a-service offering, [Forge.mil], which provides very competitive pricing and where individual users and program managers are able to develop software in a secure environment. And we’re launching SharePoint as a service and enterprise e-mail. The key word I keep using here is we’re developing these things as enterprise services, enterprise offerings.
Another big project is enterprise thin-client [computing]. We are shifting from the DISA internal enterprise thin client to Joint Staff developed pilots, so we are moving to an enterprise thin-client architecture and all of the permutations that go along with that.
We’re also working on another pilot — again in conjunction with the Joint Staff — on something called V-Office. Earlier this year, DISA released DOD Visitor, which lets users onto the NIPRnet using their [Common Access Card]. You slip in your card and gain access to resources, primarily through a browser. But the question is what else can we deliver.
GCN: How is this new environment changing how you deal with developers or what they can do for DISA?
Sienkiewicz: In some ways, we’re still trying to figure it out. We have 6,000-plus users right now [in Forge.mil], so it’s a good robust development community. The question becomes how do I take those applications that are developed and put them into something like a DOD storefront, an app store, so that we’re able to say, “Here is an accredited certified application.”
Then the question is: How do I make sure that those applications are supported on these mobile devices as well as in the desktop and server environments and in the sustaining base as well as for the deployed force structure? Do we have all the answers yet? No.
GCN: The Global Information Grid Content Delivery Service is a key part of DISA’s efforts to set up more enterprise services. What do you expect in the coming fiscal year on that?
Sienkiewicz: GCDS is the Defense Department’s content delivery system. It’s the system of record for us to forward position content across the entire global environment. There are 56 nodes right now, both classified and a secret high environment. We definitely have strong footprints in theater. We’ve worked heavily with a variety of constituencies to make sure that we are delivering everything from geospatial information to PKI to patches.
One of the problems we had was forcing down patches from the [continental U.S.] base, and this solved that problem very elegantly and very quickly for us. We just see great things coming from it. You can look at this and you can say, “How else can I take advantage of all of this virtualization technology, all of the services and try to forward position other elements?”
GCN: We’ve been hearing about enterprise services for a long time. Are we at a different point now that makes enterprise e-mail easier to execute?
Sienkiewicz: Well, what I’ve seen is that we have used some of that development over the last five, 10 years to put in the foundational elements to deliver much more rapidly. Look at how DISA provisions servers inside the data centers. We buy them as capacity services. They are no longer hard assets on our books. I think we all struggled with the idea of how long it has taken to birth some of these things. But when we look at the complexity of what we’re trying to solve — from the technologies, constituencies and security — you realize that there is no real silver bullet.
GCN: Do you think the ability to have cloud computing, even in its early stages, is opening new opportunities to deliver enterprise services that you might not have been able to do even a year or two ago?
Sienkiewicz: Yes, I think the best example to give is Apps for the Army, in helping them find a better way to do software development. We did it with very strong guidance and leadership from both Gen. Jeffrey Sorenson, [who retired as Army CIO in November], Gen. Pollett and Mike Krieger, [deputy Army CIO].
I think we have found that as a good first step on showing how we deliver applications that really matter to organizations. We spent months trying to figure out how we take government credit cards. Intuitively, you say, "Well, everyone would want to use a credit card" and we find out, no, they don’t. They want to use the number because that’s just how the accounting system is set up.
I think when we start releasing enterprise SharePoint, you’ll be able to have that ability to [start considering questions such as] how do you have document management. How do you have records management? How do you tag data in all of this, and how do you have it in the e-mail system so that you’re able to grab information and data mine.
GCN: DISA has been actively moving toward a virtualized computing environment. Last year, you said DISA was at about 15 percent to 20 percent of virtualization. Where are you now, and at what point do you think you will start to need cloud computing to be able to handle incremental needs that you envision?
Sienkiewicz: The last number I saw was a little over 40 percent of our production environment is virtualized. It’s a good news story. I think there is definitely a lot more optimization that we can gain. I don’t know what the final upper limit is. I know also that there are certain categories of applications — command and control systems and PKI for instance — that you really can’t virtualize. So we’re actually going application by application to figure out which applications are completely appropriate to be virtualized and which ones are not. Except for a few outliers, we will be very much a completely virtualized organization by the end of the year.