From garrison to tactical edge
Information Superiority in a Global Net-Centric DOD Enterprise
Now more than ever, today's warfighter requires greater access to information, enhancing combat effectiveness and providing an operational advantage on the battlefield. With U.S. forces increasingly needing to be mobile, they need faster, better informed collaboration and decision-making enabled by secure, seamless access to information regardless of computing device or location.
As a combat support agency, the Defense Information Systems Agency (DISA) is dedicated to enabling warfighters to more effectively access the information resources of the enterprise from any authorized device anywhere in the world. DISA’s ultimate objective is to create an enterprise information environment that optimizes the use of IT assets by converging communications, computing and enterprise services into a single joint platform that can be leveraged by warfighters, regardless of military branch or mission. In September, DISA released its 2013-2018 strategic plan defining the agency’s mission, vision, strategic goals and key objectives for the next five years. The plan states that DISA will lead the development and operation of a “layered, fault-tolerant enterprise information environment consisting of rapidly deployable components that allow for contingency operations in a full range of conflict.”
DISA’s new five-year plan supports the Defense Department’s global efforts and accommodates the communications and information sharing network needs for the Joint Force of the future. According to the plan, the goal is to evolve a consolidated, collaborative and secure Joint Information Environment (JIE), enabling end-to-end information sharing and interdependent enterprise services across the Department that are seamless, interoperable, efficient and responsive to joint and coalition warfighter requirements. Towards that end, DISA sees itself as the premier provider of enterprise services for DOD. Under a so-called "DISA First" strategy, the agency will serve as DOD’s early adopter for new enterprise capabilities, allowing it to validate that these capabilities to meet stated requirements, while identifying and resolving any issues and demonstrating the operational viability of the capabilities.
"As we look at enterprise services that we're trying to field for the department, one of the things our boss has said is that we have to eat our own dog food first and prove that capability and make sure that it is a capability that we would feel comfortable expanding to the enterprise knowing that it meets the department's requirements," said Alfred Rivera, DISA's principal director of Enterprise Services.
By creating a converged enterprise infrastructure, the agency is striving for a more efficient and affordable architecture through optimization and consolidation of data centers, cloud-based infrastructure and standardized application solutions. Looking to save time, money and other resources, while also improving operational effectiveness, DISA is pursuing a number of "disruptive" technologies, such as server virtualization and cloud computing.
"From an enterprise consolidation perspective, there are various communities out there that want to use DISA first in terms of migrating enterprise applications into our core data centers," said Rivera.
Cloud service broker
In July, DOD CIO Teresa Takai released a cloud computing strategy designed to move the department’s current network applications from a duplicative, cumbersome and costly set of application silos to an end state designed to create a more agile, secure and cost-effective service environment that can rapidly respond to changing mission needs. Under that cloud computing strategy, DISA was named as DOD's enterprise cloud service broker.
"Ms. Takai turned to DISA because she felt we have the acquisition, engineering and operational capabilities to look at cloud brokering as a complete service," said Rivera.
As the cloud service broker, DISA will enable DOD organizations to tailor the delivery of cloud services based on their technical and mission requirements. In addition, the agency will be the central point for integrating this information from each of the providers and making it available to the department's various stakeholders.
"The two biggest challenges are security and network operations," said Rivera.
DOD has cloud computing challenges especially in the areas of cybersecurity and information assurance (IA). DOD's Cloud Computing Strategy acknowledged the cloud environment's cyber security and information assurance challenges. They are being addressed by updating the department's IA policies and instructions, and aligning IA controls and processes with those used across the federal government.
In addition, DOD will leverage commercially available cloud services that will meet or exceed the protection needed for military mission and information assets. The department will also leverage the Federal Risk and Authorization Management Program, or FedRamp, which establishes a standard approach for assessing and authorizing cloud computing services and for defining requirements for the continuous auditing and monitoring of cloud computing providers.
DISA as a service
When it comes to cloud computing, DISA offers all three models: infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and software-as-a-service (SaaS).
The Rapid Access Computing Environment (RACE), which provisions servers and storage, is DISA's IaaS offering. The Secure Technology Application eXecution (STAX), a development and middleware solution that runs on RACE, will become DISA’s PaaS. STAX provides cloud-based development, test and production environments that include computing, storage, network infrastructure and middleware. An initial authority was recently given to field STAX. DOD Enterprise Email is DISA's SaaS offering. Hosted in DISA data centers, this enterprise e-mail service is designed to enable DOD users to access e-mail from any location and to collaborate with any DOD user worldwide via a global address list and enterprise calendar sharing.
“Enterprise e-mail lays the foundation for implementation of other enterprise services, and it brings us a step closer to a true defense enterprise information infrastructure that enables warfighters to connect, identify themselves, discover and share information, and collaborate throughout the full spectrum of military operations,” said DISA Director Lt. Gen. Ronnie Hawkins.
The Army is at the tail-end of migrating its Microsoft Exchange 2003 and 2007 e-mail users to an Exchange 2010 service managed by DISA.
"Enterprise Email is a great example of moving a capability to the cloud and achieving efficiencies and economies of scale," said Rivera. "The Army has proven that with their implementation showing that they're saving about $75 million a year by not having individual instances at every post, camp and station, and moving it to a DISA-hosted service.”
According to a report submitted to Congress by the Army in February, the Army expects to save nearly $380 million through fiscal year 2017 on this enterprise email effort. DISA is on track to complete the migration of the Army’s 1.4 million unclassified and 200,000 secret users by the end of March.
"We've got 600,000 people provisioned on DOD Enterprise E-mail right now. That includes Army, DISA, the Joint Staff, and [the U.S. European Command]," said Rivera. The agency also has had discussions with a number of defense organizations about migrating to the system, including the Air Force, the Central Command, the Defense Finance and Accounting Services, the U.S. Northern Command the U.S. Strategic Command.
Serving a mobile force
Cloud computing isn’t the only “disruptive” technology that DISA is leveraging to better serve the warfighter. DISA’s 2013-2018 strategic plan identifies mobility as a key initiative. The agency will “promote rapid delivery, scaling and utilization of secure mobile capability leveraging commercial mobile technology to enable an agile deployment environment for new and innovative applications to support evolving warfighter requirements,” according to the plan.
DISA will create common infrastructure and services for both unclassified and classified mobile solutions to enable the efficient application of mobile technologies to meet a wide range of DOD requirements. The agency also will establish security standards and create a certification process that is sufficiently agile to keep pace with the rate of evolving mobile technologies. While there are legitimate security concerns with mobile technologies, the potential operational impacts are huge, according to DISA.
"DISA's top priority is producing enterprise capabilities that the Department of Defense and other federal partners can leverage," said John Hickey, DISA's program manager for mobility. "The pieces that we bring to mobility as an enterprise offering, for both unclassified and classified, is the work we do with security and how we bring in the traffic that's coming from the mobile environment all the way from the device through the carriers we work with to support our global missions and all the way back into the Global Information Grid [GIG] through our gateway, leveraging the IA controls we have in place that protect us on the wired side."
In June, DOD released its Mobile Device Strategy to maximize the potential uses of mobile devices, focusing on three key areas: wireless infrastructure, mobile devices and mobile applications. The strategy is intended to align the department’s mobile efforts with the JIE and to ensure that the warfighter benefits from these activities.
"We are an integral part of what the DOD CIO is doing," said Hickey. "We have supported their strategic plan and we are working on an implementation plan. The DOD CIO has the lead for that, but DISA has provided the technical pieces to support that effort." DISA has initiated a pilot to build an enterprise wireless entry point into the GIG. The services are partners on the unclassified portion of the pilot, while the National Security Agency is a partner on the classified side. Currently, the Joint Staff has been issued 22 mobile devices for this effort and the Army more than 200. DISA planned to roll out the pilot to the Air Force, Marine Corps, and Navy by the end October. Three commercial carriers -- AT&T, Sprint, and Verizon -- are participating in the mobility pilot, with the agency looking to expand the number of carriers in the future.
"The concept is the ability to purchase commercial devices and leverage them through multiple carriers," said Hickey. "And, then, we have an implementation plan on how to go from a pilot and scale it to support larger operations." In October, DISA released a combined solicitation for an enterprise-wide mobile device management (MDM) system and a mobile application store (MAS). Both pieces are critical, Hickey said, because "you have to control the devices as well as the applications to ensure the security piece."
According to the RFP, the MDM system will function as a "traffic cop," enforcing policies, security and permissions that define how mobile devices can be used. The MAS will provide an online software distribution system, making it possible to deliver, update and delete mobile applications remotely, all based on user permission rights obtained from the MDM.
A single award is anticipated with a one-year period of performance and four six-month option periods. Contract award is expected by April 2013. A program office for the DISA mobility pilot, which Hickey manages, was established in May. With more than 250,000 commercial mobile devices and several thousand Apple and Android operating systems, the DOD mobile device user-base is significant in size.
"We see strong demand for Android and iOS devices within the Department of Defense," said Hickey. "There is future demand for Windows and the new RIM capabilities. We're also testing some of those pieces. We're looking at all different types of devices and operating systems to try and support what our customers are demanding."
Warfighter need for bandwidth
Heavy demand for satellite communications (SATCOM) bandwidth continues unabated within DOD, and DISA is putting the technology and acquisition vehicles in place to ensure those needs are being met.
"We're doing more full-motion imagery than we've ever done before, which takes a lot of bandwidth," said Bruce Bennett, DISA's program executive officer for communications. "The products that are desired are getting bigger and more complex and the only way we can get broadband to the places that we typically deploy to is by satellite.
Bennett said that about 25 percent of the satellite bandwidth DOD used in the past fiscal year is from organic sources, with 75 percent is derived from commercial satellite communications.
To better meet SATCOM requirements, DISA has teamed with the General Services Administration (GSA) on the $5 billion Future Comsatcom Services Acquisition (FCSA) to increase competition and keep pricing down. In February, DISA and GSA announced the award of the FCSA Custom Satellite Communications Solutions–Small Business contract to four small businesses. The companion FCSA CS2 full-and-open contracts for large scale end-to-end solutions were awarded in August to eight businesses.
These contracts expand the marketplace for commercial satellite communications services under the FCSA program, adding end-to-end solutions to the existing offerings in transponded capacity. Most of DOD's leased commercial satellite bandwidth is in the Ku-band. However, satellite communications are moving toward Ka-band because more spectrum is available. X-band is another option, although it has limited bandwidth commodity. That is why DISA has built all the new antennas to take advantage of both X- and Ka-band.
"The trend for pricing we're seeing is heading down," said Bennett. "Not significantly just yet, but throughout the rest of this decade we expect some rather sizable downward trends. That's basically because most of the new commercial satellites are being built with Ka packages on them that range anywhere from 4 to 25 GHz, whereas a typical Ku has 1 GHz on it. That means the fixed cost of operating that satellite is going to be spread over a lot more bits and the cost per bit has got to come down."
DISA's Teleport Program is halfway through Generation 3, which is providing all the additional antennas needed to connect to the new AEHF constellation. The second phase of the program will replace all the existing X-band antennas with a new hybrid X-band/Ka-band antenna. That will be the primary feed in the foreseeable future for wideband global satellite communications and any commercial Ka-band that DISA may exercise.
"The biggest priority is moving away from telephony-based SATCOM to network-based SATCOM," said Bennett. "That means moving off of TDM and FDMA and on to network-based protocols like MFTDMA, so that we can get a lot more efficient and a lot better utilization of the bandwidth and the capabilities we have for the same price."
The Joint IP Modem (JIPM) is a high-priority initiative for DISA. One advantage of JIPM is that it has built-in transmission security, which is a requirement for providing DOD network information across satellites. Also, it was designed from the start as an IP device and uses all the latest DVBS2 modulation schemes, resulting in almost a 4-to-1 improvement in information flow across the same bandwidth. JIPM is also small and inexpensive, Bennett said.
"By the end of this calendar year , we will have all the hubs installed in the various teleport and STEP gateways and we'll be beginning our transition to the Joint IP Modem," he said.
JIPM is currently in operation at five teleports and two STEPs. One teleport and three STEPs remain to be installed. Once JIPM is up and running at those sites this capability will support up to 25,000 modems worldwide.
"It will support anyone in DOD--Army, Navy, Air Force, Marines, combatant commands, agencies--who has a need for a small, portable, broadband service that can utilize commercial or WGS," said Bennett.