Military makes steady progress on cloud conversion
Smaller virtualization and cloud efforts experience considerable success
- By Sean Gallagher
- Aug 11, 2010
Although the Defense Department as a whole hasn’t rushed headlong into adopting cloud technology and virtualization, there are some notable exceptions where the military services are gaining ground. At the same time, other projects’ reach has exceeded the services’ grasp.
DOD organizations and agencies are having the most success with virtualization and on-demand services when they’re applied to specific applications. Although some applications reside, by necessity, on DOD’s networks, others have taken advantage of commercial data centers. The Defense Information Systems Agency’s Rapid Access Computing Environment has provided DOD organizations with an example of how virtualized servers can become infrastructure as a service, which provides a way to move more individual applications into the cloud.
“I think the way cloud adoption has been going recently is that when an agency sees an opportunity for a particular application or piece of its infrastructure, the leadership weighs whether to go set up a cloud, leverage one that exists, or, in some cases, go out to one that's available in the private sector,” said Michael Isman, a principal at Booz Allen Hamilton.
Agencies are making decisions on whether to move to the cloud based on individual needs and, in some cases, waiting to see how the first experiments fare before attempting their own. “I'm not sure that's a bad thing because I think that individual agencies should be treating cloud decisions based on their business needs and based on opportunities to better their mission,” Isman said.
Large vs. Small
Some of DOD's larger projects that have sought to apply virtualization and the cloud have given the department's information technology leadership reasons to be cautious. In May, the Army stepped away from issuing a draft request for proposals for its Enterprise Messaging and Collaboration Services program. “After careful consideration of the current market for enterprise e-mail and a thorough review of the industry responses to the draft RFP, it has been determined that additional review is necessary to redetermine the Army's requirement for e-mail services,” according to a notice posted by the Army’s Contracting Command about the decision.
EMCS sought to deliver e-mail as a managed service to the entire Army. It wasn’t explicitly labeled as a cloud project, but it certainly looked to use the sort of software-as-a-service (SaaS) functionality based on commercial cloud computing platforms, such as those that Google and Microsoft offer. The problem was the initial scope of the effort, some observers at DOD say.
DISA discussed offering an enterprise e-mail solution last year, but the effort was dropped as the agency sought to change its approach. In an interview shortly before his retirement, John Garing, the agency's former director of strategic planning, said he regretted that DISA did not set up an enterprise e-mail offering during his tenure.
“We should have done that,” Garing said. “But we got in our own way. Had we approached it as a service that [DISA’s Computing Service Directorate] offers, to whoever wanted to pay for it, we'd be well on our way by now. But we approached it as a program, internally to DISA, and it got so horrendously big that it represented an opportunity cost. We didn't have the bandwidth to do it. The Army showed how difficult it can be. But I think if we approach this as a service that people want to buy, it will be something that people choose to use, and we won't have to worry about a mandate.”
Although oversized scopes have bogged down projects such as enterprise mail, smaller virtualization and cloud efforts have had some success. And some of those smaller successes might provide the basis for a much larger cloud architecture.
One example is the Air Force’s recently certified Enterprise Data Collection Layer program, a system that provides a mobile front end to the Air Force’s Global Combat Support System. The role of virtualization in EDCL is to provide a consolidated, on-demand infrastructure for connecting mobile logistics applications to the various back-end systems of GCSS-Air Force without needing to create a direct connection to each back-end system.
EDCL isn’t SaaS in the way that Web mail and other browser-based SaaS offerings are. It uses a Web-based mobile client, but the client is connected to software running on a mobile device rather than a remote server. A Sybase SQLAnywhere database on the client caches data so that Air Force personnel can locally capture and validate data before the information is synchronized with the GCSS-AF back-end applications. It also allows personnel to continue to work on things such as determining where to safely store ammunition, taking stock of air cargo, and tracking parts used in aircraft maintenance when there’s no network connectivity. All the transaction data gets seamlessly synchronized to the cloud when connectivity resumes.
Connecting a virtualized infrastructure service with a client application also helps take some of the bumps out of using the virtual servers that provide the service, said David Wiseman, Sybase’s director of government business development. Although the virtualized servers that make up EDCL's infrastructure lower the overall cost of the system, there’s not much benefit if the structure of the application depends too much on server processing.
“The goal is overall cost savings by scaling down redundancy and not having to overbuild your infrastructure,” Wiseman said. “That also means that you want to design the application in such a way that you're going to minimize the network transmission and the processing requirements on that shared cloud infrastructure. “
Perhaps the biggest savings is in the cost of managing application life cycles and adding new applications, Wiseman said, because all of the custom connections to back-end systems can be put on virtual servers or clouds instead of having direct connections from the client. “You can then mobilize all the Air Force’s different business applications through a centralized mobile architecture, and that does the connectivity back to the thousands of back-end Air Force processing systems. You can use the cloud environment as a hub to kind of route that connectivity through.”
A virtualized back end also provides an operational security benefit. “It gives you a single access point where you can monitor traffic, and you're not allowing direct connectivity to your operational business systems," Wiseman said. "You have some way to monitor connection flows so someone's not trying to swamp your systems with thousands of mobile connections.”
EDCL’s back end is hosted on virtual servers that are specific to the GCSS-AF program’s infrastructure. But Wiseman said the Air Force is looking to put it into a more general-purpose cloud infrastructure. “This would be a private cloud within their network. That’s an emerging thing for the Air Force. Right now, it's kind of a program-specific infrastructure. But I think the model that the Air Force is looking to in the future is how we pull more and more of this into a private cloud hosted by the Air Force or hosted at DISA" on RACE.
Garing said he sees success for DISA’s enterprise service efforts in the near future. He said DISA should be able to deliver enterprise services such as e-mail and collaboration effectively on a low-cost seat-per-month basis. Alfred Rivera, director of DISA’s Computing Service Directorate, "is going to knock their socks off when he tells them what it’s going to cost,” Garing said.
Sean Gallagher is senior contributing editor for Defense Systems.