Cloud computing is transforming the way military organizations access, use and distribute both applications and data. However, migrating a legacy system to the cloud requires a great deal of thought and planning to ensure the development of an efficient, secure and reliable cloud infrastructure. A cloud computing industry veteran examines the key issues cloud computing adopters face, offering insights and pathways that can lead to pain-free deployments and an infrastructure that delivers maximum value. In this Defense Systems Pathfinder, we discuss the issues with William Rowan, Vice President of Sales, Department of Defense, VMware Public Sector.
Q1 Cloud computing is arguably today’s hottest IT technology. Does DOD’s Cloud Computing Strategy, released last year, provide an adequate roadmap for cloud migration? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

It does. DOD’s Cloud Computing Strategy provides a very good framework to get organizations across all service branches moving in the same direction.

However, over the next few years, as DOD organizations learn to use and manage the cloud environment, I anticipate the roadmap will evolve and move in different directions. We will see many more mission support activities versus solely supporting core services.

Q2 When transitioning from a traditional IT environment to the cloud, how can potential roadblocks be addressed or mitigated as the cloud infrastructure is developed? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

There should never be a shortage of planning as DOD organizations build their cloud infrastructure. Because organizations work collaboratively today, it enables fresh perspectives and best practices to be shared across the enterprise. The more time spent planning and collaborating as the migration progresses, the less likely they will run into problems.

Also, as organizations move toward the cloud, it gives them a chance to take a fresh look at the way they license applications. If they currently license applications by the desktop, they might want to move toward a concurrent model versus everybody having their very own license. After all, some people may be using a particular application less than others, while some may not be using the application at all. So, while cloud migration presents some challenges, it also creates opportunities along the way for cost savings.

Q3 The military has unique security requirements as well as a need to deliver high-quality services to end users located in distant and often hostile locations. How can security and performance demands be addressed when building a cloud infrastructure? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

The military has always had different security needs than the commercial world, as well as a need to deliver a high quality of service. When building a cloud infrastructure, we must ensure it is not only efficient, but also maintains the level of reliability and functionality needed to meet mission goals.

The cloud allows us, through abstraction on the server layer with virtualization, to provide a more secure environment. For example, in the event of a cyber threat, the attack may not be targeting an actual machine, but rather a virtual machine. The virtual machine is self-contained and abstracted from the hardware platforms, adding another layer of security to the environment that previously may not have been there.

Q4 The military, like most enterprises, finds itself facing a big data tsunami. How can defense organizations ensure their infrastructure will be able to support both present and future big data challenges? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

Big data presents an ongoing challenge, and one that will continue to grow with the arrival of more unstructured data. Whether we are addressing intelligence, surveillance and reconnaissance (ISR) information, video files, imagery, or other forms of data, we need to have a consistent and well thought out approach to how we tackle the big data challenge.

One area we are addressing is how to apply analytics as the data is moving across a virtual machine into the cloud. If you look at the recent announcement made by VMware and EMC to form a new joint venture, Pivotal Initiative, the effort is pointed squarely at this particular challenge. This will give us a much better handle on big data over the long term.

Q5 How can a cloud infrastructure be designed to help military organizations improve their efficiency and agility View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

One of the cloud’s advantages is its ability to improve efficiency. There’s redundancy built into the cloud model. For instance, when using a cloud infrastructure, you have additional systems and access points.

Physically, there might be one data center, but to the client it looks like multiple data centers. This makes it possible to share assets and resources across multiple systems, and enhances your ability to be more agile when responding to specific needs.

As the workload increases, the system can dynamically offload portions to other parts of the cloud with available resources. The system knows that whenever a preset load level is reached, it needs to engage other resources to continue supporting the client at an optimal level. In a traditional environment, human interaction would be required. Today, in a cloud environment, it can all be handled dynamically.

Q6 The military is always looking for ways of doing things faster, better and smarter. How can a cloud infrastructure be designed to help spur innovation in new military technologies, services and practices? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

One example is the Defense Information Systems Agency’s (DISA) Rapid Access Computing Environment (RACE) implementation, a test-anddevelopment cloud computing service that allows multiple parties of interest to share their innovative ideas. Groups can share their code in an environment spanning multiple domains, directorates and other organizations. All research is accomplished in real time in a collaborative, concurrent fashion. The RACE system is a great way of spurring innovation. For an organization like DISA, it makes perfect sense to host something that all the service branches can take advantage of.

Q7 In business, an infrastructure failure may result in lost revenue. For the military, a system collapse can bring essential operations to a halt, perhaps for an extended period of time. How can a cloud infrastructure be created for maximum reliability? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

A fire or a terrorist event could take out a data center, but unexpected outages are more likely associated with normal, everyday activities. For example, an equipment operator at a construction site across the street could inadvertently nick a network cable and shut down communications to the data center. These types of scenarios happen all the time.

A cloud infrastructure provides the increased reliability necessary to seamlessly maintain service in various types of situations. As soon as problems are detected, data is automatically migrated to another part of the cloud. The additional resources used may not even be in the same data center. If they are, the resources may be using a different power grid or connectivity path. In any event, all of the changes are made dynamically to provide a more resilient and smooth operation.

Q8 Cyber warfare is now a reality. Traditional IT environments have shown themselves to be vulnerable to cyber attacks. In what ways can a cloud infrastructure be designed to mitigate cyber risks? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

The DOD and U.S. Cyber Command are doing a great job in terms of looking at the policies and processes that we can use to mitigate vulnerabilities.

I look at the cloud as just one aspect of an overall mitigation plan. It's all about putting into place specific tactics, techniques and procedures, so when we see unusual events or anomalies happening across the cloud infrastructure, we know how to react in a proper fashion.

Abstraction separating the logical services from the physical hardware platforms gives us the capability to make the attacker believe they are attacking the system when, in reality, they may be attacking completely abstracted systems that are there simply to attract threats. In addition, when there is a problem, we can isolate a specific virtual machine, so any potential threat is incapable of passing through to the rest of the network.

The cloud infrastructure, whether we're looking at virtual desktops, virtual machines sitting in a server environment, or a software-defined network or data center, will help provide an additional layer of security against ongoing potential cyber attacks.

Q9 Compliance and conformance with policies and regulations is a particularly important concern for defense organizations. How should this issue be approached? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

Compliance and conformance issues have been around for quite some time. With the technology existing today, we have the ability to monitor the level of code installed on various servers and virtual machines. We can now look at those systems in a dynamic, real-time fashion to detect if someone has applied a different or unauthorized patch. If necessary, the system can be immediately reverted to the approved level of code or patch that should have been in place.

Because we have more visibility today as part of the overall cloud architecture, we don't have to worry about being vulnerable to attacks due to misapplied patches. With the proper toolsets and tool management in place, we have a much better chance of keeping our systems compliant and conforming to established policies.

Q10 The military is likely to face budget cutback threats for the foreseeable future. In what ways can a cloud infrastructure help control IT costs and preserve existing investments? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

Cost savings are central to a cloud environment. If I am part of an Air Force command, for example, and I have a requirement to grow in an effort to support a particular application, I may not have the budget and resources to meet these requirements. Yet I still need to grow; I still need to support my user base.

In a cloud environment, I have the ability to use infrastructure, such as storage and network resources, shared across multiple organizations. By using a chargeback model or something similar, I have the ability to access underutilized pooled assets, or resources that aren't being used at all. This approach frees me from having to find funding to acquire additional resources or perhaps even open a new data center.

The ability to conveniently access pooled resources is going to help me reduce costs over time. From a management standpoint, it will also allow me to save time, since assets can be added or removed on demand.

Q11 On-demand services are revolutionizing business IT. In what ways can a cloud-based self-service model help military adopters? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

On-demand is certainly here to stay. We'll see growing use of self-service portals, for example, providing the ability for someone to sign up for whatever applications they need. The system will automatically check the user's credentials, assign the applications and provide access to the cloud-based tools. From server, storage and network perspectives, on-demand is an efficient way of giving users the capabilities they need.

Software delivered as a service can also enhance security. It's much simpler, easier and faster to remove someone's permission to access one or more on-demand applications than to physically delete the software from the user's desktop or notebook computer or mobile device.

Q12 Today's military is expected to be both fast and nimble. How can a cloud infrastructure be designed to meet the increasing needs of a rapidly growing number of mobile users? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

Being able to leverage the infrastructure's resources to speed provisioning and support rapid technology changes is critical. The cloud allows users to share resources designed to run on one set of systems today, as well as adapt to support an entirely different set of devices tomorrow.

Since the cloud can be accessed from virtually anywhere, it provides the ability to quickly provision users operating different types of mobile devices. Beyond mobility, the cloud environment can also be used to support a wide range of fixed applications and systems. The cloud has the ability to rapidly flex resources up and down, giving users anywhere and on any platform the exact capabilities they need.

Q13 Extensibility, including the ability to customize environments and integrate third-party solutions, is a concept that's highly appealing to military cloud adopters looking to take advantage of new technologies. How can a cloud environment be designed to maximize extensibility? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

The beauty of the cloud is that it provides an open framework for the easy inclusion of additional applications and for opening APIs, enabling system components to be managed as integral parts of the overall infrastructure. An open framework not only allows the adoption of a wide range of solutions, it also enables organizations to monitor applications and how they are interacting with the rest of the infrastructure. This capability helps speed application deployments, improves system management and contributes to the overall health of the entire infrastructure.

Q14 Automated operations management enables military cloud adopters to reallocate scarce and costly resources to other critical activities. What design considerations are needed to enable automated operations management in a cloud environment? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

There are a growing number of automated management tools that enable organizations using the cloud to establish service levels for specific user groups and applications. Once all of the necessary parameters have been set and tested, the tool begins to function like an automatic pilot.

If an automated management tool detects a spike in storage demand, for instance, it immediately provisions additional resources. If it sees response times falling, perhaps due to an application failure, it can automatically create a new version of the application to have available on standby. If necessary, the automated management tool can immediately move the workload over to a fresh system.

Q15 Continuous access for all users is essential for military cloud adopters. How can a cloud infrastructure be created to ensure the highest possible level of availability? View Answer

William Rowan
Vice President of Sales, Department of Defense, VMware Public Sector

As we build cloud infrastructures, we need to be sure that we have created redundancies. There must be multiple connections put into place for network, power and other feeds going in and out of the data center supporting the cloud infrastructure. There must also be multiple access points available, so systems can be supported and monitored on a regular basis.

One of the many benefits of a cloud environment is that an organization can build its own continuity of operations. You can take applications and, synchronously or asynchronously, move data from one part of the cloud to another part of the cloud, perhaps even located in a separate geographic location. Therefore, if one data center within a cloud environment experiences a problem—say a power interruption—critical information will remain available. Such redundancy should be built into the system from the ground up, from the very beginning. These attributes and capabilities make the cloud a very powerful platform and truly a game-changing tool.