GovWin
B2G is moving!
Blogs posted after May 22, 2015 will be located on Deltek's central blog page at www.deltek.com/blog.
Just select the "B2G Essentials" blog to continue to receive this valuable content.
Takeaways from the New Army Cloud Computing Strategy

The Army Office of the Chief Information Officer/G-6 recently released its enterprise cloud computing strategy outlining the service’s concept for using cloud computing in the years ahead. The Army Cloud Computing Strategy (ACCS) reveals that the service remains committed to several basic steps that will enable it to deliver cloud-based capabilities across the enterprise.  These steps include:

  • Continuing to enhance the throughput capacity of its networks by implementing multi-protocol label switching routers.
  • Selecting applications that will either be killed or selected for migration to a cloud-based environment.
  • Utilizing data center services provided by the Defense Information Systems Agency to the furthest extent possible.
  • Expanding the development and deployment of cloud-based technologies for disconnected and tactical environments.
  • Ruthlessly standardizing IT hardware on common standards that comply with the Army’s various Common Operating Environments.
  • Implementing the governance processes and procedures necessary for selecting cloud services appropriate to the mission requirement being fulfilled.

In addition to formalizing the foundational aspects for Army’s adoption of cloud, the ACCS makes several things clear about the Army’s intended use of cloud that have implications for the acquisition of those services in the future.

First, cloud computing adoption in the Army will be overseen by the Army Application Migration Business Office – Product Director Enterprise Computing at the Program Executive Office Enterprise Information Systems. PD EC has been authorized to assist commands with the system and procurement planning necessary for moving applications to the cloud, meaning that vendors should keep close tabs on what’s happening there. It is worth thinking about how Army customers will acquire cloud services with PD EC designated as the coordinating organization. The acquisition of enterprise technology services is PEO EIS’ primary function, strongly suggesting that PD EC will either put a multiple award contract in place to provide vendor migration and other cloud services, or it will use vehicles that are pending and/or are already in place across government.

In this context the follow-on to IT Enterprise Solutions – 2 Services looms large. Not only are PEO EIS vehicles mandated for Army customers, the PEO is also looking for ways to streamline its contract operations. Adding cloud to the services provided by ITES vendors would effectively kill two birds with one stone by using a vehicle already in the process of being competed for the work. This said, the award of ITES-3S is a long way off and protests are guaranteed to hold it up even longer. PD EC is therefore likely to use other procurement tools, like GSA’s IT 70, the Alliant contracts, and/or a blanket purchase agreement to fulfill cloud requirements.

The second revelation from the ACCS is the first detailed listing I’ve seen of the types of systems that the DoD classifies as having a “low” data impact level. These systems, including testing and development efforts, library systems, and public websites are classified at data impact level 2 and are the most likely to be moved to the cloud first. After these systems, the bar rises fairly quickly to data impact level 4 for many training systems, morale systems, and lodging systems.

In short, being certified at the data impact “low” level isn’t likely to generate vendors much cloud business at the DoD. It is much more preferable to be certified at the moderate and high levels of 4 and above.  That is where the real money will be.

 

The Other JIE: Engineering the Mission Partner Environment

All eyes are currently focused on the Department of Defense’s efforts to engineer a Joint Information Environment that will enable the secure sharing of information across the DoD enterprise, as well as the delivery of enterprise services by both the Defense Information Systems Agency and, eventually, commercial cloud partners.  There is another network integration effort going at DISA, however, which receives significantly less attention, yet its importance to the future of U.S. national security is every bit as critical.  That effort is the transformation of the Multinational Information Sharing portfolio of programs into a new Mission Partner Environment.

The current MNIS portfolio consists of four capabilities:

  • The Combined Enterprise Regional Information Exchange System (CENTRIXS), which includes the Common Mission Network Transport (CMNT) backbone that enables the management of federated networks and provides common transport for encrypted traffic between mission partners.
  • The Pegasus System, which interconnects the National Command and Control systems of Australia, Canada, New Zealand, the United Kingdom, and the United States using cross domain solutions.
  • The Combined Federated Battle Laboratory Network (CFBLNet), which provides a controlled Research, Development, Trials, and Assessment coalition information sharing sandbox for evaluating new technologies and developing new tactics, techniques, and procedures (TTPs).
  • The Unclassified Information Sharing Service (UISS) All Partners Access (APAN) Network, which provides information sharing capabilities to mission partners, U.S. Combatant Commands, U.S. Government agencies, host nations, inter-governmental organizations, non-governmental organizations, and coalition partners.

Support services for these pieces of the MNIS are currently provided under a variety of contracts held by Harris (Cross Domain Solutions), CACI (Cross Domain Solutions), Raytheon (Engineering Support), Ingenium (Program Support), SAIC (Program Support), ViaSat (Cryptographic HW), Information Analysis (Connection Approval Process), and MCP Computer Products (DNS Management).

When engineering work is complete, the component parts of the MNIS will be merged into a single Mission Partner Environment that provides interoperable email, chat, video conferencing, VoIP, and other collaboration capabilities.  The MPE will also connect to the Joint Information Environment, providing access to data located throughout the Defense enterprise.


The projected Research, Development, Testing, and Enhancement (RDT&E) budget for work related to the MNIS totals $31.1 million over five years (FY 2015-2020), averaging approximately $6.2 million per year.

One piece of the puzzle not mentioned so far is the U.S. Battlefield Information Collection and Exploitation System – Extended (US BICES-X), which will also be part of the new MPE.  Budget data for US BICES-X was classified for FY 2015, so no numbers can be provided for it here.  Investigating BICES-X for potential future business opportunity should be on industry’s radar, however, as there may be requirements at Hill Air Force Base for cryptographic HW, engineering a VTC network, and integrating Intelligence, Surveillance, and Reconnaissance components from the Distributed Common Ground System and Defense Intelligence Information Enterprise.  Requirements for program office support and technical integration support may also be available, if these haven’t been awarded already.

Lastly, commercial cloud providers take note.  DISA intends to host the UISS-APAN system in a commercial cloud environment in FY 2016.  UISS-APAN is currently hosted in DISA’s Enterprise Service Center, part of its Defense Enterprise Computing Center, in Montgomery, Alabama.  Supporting vendors include Carahsoft, Exalt Integrated Technologies, Alvarez & Associates, and DLT Solutions, which provide Software and Documentation Localization licenses, DocAve software, Google Maps, and Google Translation software and support, respectively.  DISA intends to migrate UISS-APAN to a vendor-hosted Infrastructure-as-a-Service environment, meaning that if the procurement appears soon, there are but a few competitors certified by the DoD to provide hosting services.

 

DISA FY 2016 IT Budget Snapshot

Last week’s post took a look at Defense Working Capital Fund dollars that the Defense Information Systems Agency (DISA) anticipates Defense customers will spend with it in Fiscal Year 2016. This week’s post examines the formal portions of the information technology budget that DISA anticipates it will have in FY 2016, including funding it has requested for operations and maintenance, procurement, and research, development, modernization, and enhancement. The programs on which DISA forecasts spending the most under each category in FY 2016 will also be examined.

For its total IT budget in FY 2016, DISA has requested $3 billion.  This funding breaks out as follows:

Not surprisingly, the highest number of forecast dollars can be found in DISA’s Revolving and Management Funds account.  This account is where Defense Working Capital Fund spending is located, which is why it was the focus of last week’s post.  This week’s focus is on spending in the other three categories, beginning with operations and maintenance.

Breaking down O&M, we can see that not all of the programs receiving O&M funding are “programs,” per se. The White House Communications Agency (WHCA), for example, is part of the DISA organization.  The Defense Information Systems Network (DISN) is where much work related to Joint Information Environment is taking place, primarily, but not exclusively, under the GIG Services Management –Operations (GSM-O) and GIG Services Management – Engineering, Transition, and Implementation (GSM-ETI) contracts.  Spending on DoD mobility programs comes in at the far right of the spectrum, with $23 million in spending anticipated.

Moving to procurement, we see that new dollars for tech refreshment and other acquisitions are going into the DISN, SATCOM, and other transport-network related programs.  DISN investments focus primarily on the procurement of network switching (MPLS) and optical network equipment related to engineering the JIE.

DISA anticipates spending $0 on DoD mobility procurement in FY 2016.

This brings us to RDT&E funding, of which DISA has requested very little. There are no surprises here. The Joint Interoperability Test Command (JITC) receives most of the funding in this category. Some funding here goes to the DoD Mobility program for “tech insertion and the deployment of two Device Mobile Classified Capability (DMCC) gateways OCONUS which will include Top Secret (TS) and Secret capabilities in the Pacific and Southwest Asia.” Funding for the DISN will focus on the purchasing and testing of “optical and IP routers, switches, and Communications Security equipment” related to the upgrading of DISA’s optical network.

In conclusion, this snapshot of the FY 2016 DISA budget shows that engineering the DISN to provide the backbone for the Joint Information Environment will remain DISA’s highest priority in FY 2016, with funding spread out in all categories of IT spending – O&M, Procurement, and RDT&E.  DISA’s FY 2016 spending will remain heavy on communications and network equipment, with DISA personnel and service contractors already in place providing the support required to install and configure the equipment for the agency.

 

A Look at DISA’s FY 2016 Information Technology Budget

The Defense Information Systems Agency (DISA) is playing an increasingly important role in Defense IT, a role that is expected to grow with maturation of the Joint Information Environment (JIE).  Funding for DISA’s programs garners a lot of attention, therefore, as vendors seek to understand where contract dollars in the agency’s IT budget may be going and which Defense organizations are buying DISA’s services.  Today’s post takes a look at the broad outlines of DISA’s proposed budget for the upcoming fiscal year and breaks down some salient points vendors need to know.

DISA’s IT Budget in Context

Where does DISA’s IT budget fit into the broader Department of Defense IT budget request for FY 2016?  The chart below shows the Defense-Wide IT budget for fiscal years 2014 through 2016 alongside DISA’s IT budget for those same years.


As a reminder, the big drop in DISA’s FY 2015 IT budget was caused by a change in the way the DoD CIO calculates the Defense Working Capital Fund.  For FY 2015, funding is now identified in the ‘senders’ accounts (i.e., Defense customers) rather than the investment owner's (i.e., DISA’s) account. 

The FY 2015 calculation change aside, DISA’s proposed IT budget for FY 2016 shows a continuing decline despite the fact that most of the DoD is relying more on the agency for its services.  Overall, DISA’s IT budget is expected to decline from an estimated $3.19B in FY 2015 to $3B in FY 2016, a drop of $190M, or just under 6%.

New Orders from Defense Customers – Computing Services

Moving to the specific services that DISA provides, the chart below shows the orders for DISA’s computing services that Defense customers have placed (or are expected to place, as the case may be) from FY 2014 to FY 2016.


The computing services DISA supplies include Core Data Center services, DoD Enterprise Email, DoD Enterprise Portal Service, GIG Content Delivery Service, and the agency’s milCloud infrastructure service.  The data for these services reveals a few interesting trends.

First, both the Army and Air Force continue to use DISA-provided computing services more than the Navy.  DISA, however, expects orders from Air Force customers to drop in FY 2016, while those from Army customers will grow.  The implications of this are clear for Defense contractors – in FY 2016 the Army will spend less money on contracted efforts for computing services outside of DISA.  Conversely, the Air Force may be a better place to search for specific opportunities in this area.

Second, Defense-Wide appropriations are expected to nearly double, suggesting that the Defense Agencies are continuing to embrace the enterprise services provided by DISA under the JIE concept.

Third, Navy new orders are expected to decline slightly, from $44M in FY 2015 to $42M in 2016.  The Navy’s ongoing flat/declining use of DISA services continues to suggest the service will spend its computing services contract dollars with its big CANES and NGEN prime contractors.  The Marine Corps’ new orders are expected to grow slightly, up from $28M in FY 2015 to $33M in FY 2016.

New Orders from Defense Customers – Telecom/Enterprise Acquisition Services

Turning now to transport and enterprise acquisition services, which DISA reports in combination, the new order trends are similar to those in computing services.


Nearly all parts of DoD are expected to spend more with DISA in FY 2016 than they did in FY 2015.  Only the Navy ($571M in FY 2015 dropping to $569M in FY 2016) and Marines ($111M in FY 2015 dropping to $110M in FY 2016) show declines.  Dropping Navy/USMC spending is consistent with statements by officials from both services that they will continue to rely more heavily on their own networks rather than DISA’s for transport and communications services.

In conclusion, in FY 2016 DISA will continue to play the central role in the DoD’s new Joint Information Environment, with spending on its services by the MILDEPS dependent on the level of each department’s involvement in standing up the JIE.  Spending by the Army, Air Force, and Defense Agencies will continue to be the strongest, while spending by the Navy and Marine Corps continues to lag.

 

Software-Defined Networking: The Army Prepares to Reap the Rewards of Joint Modernization

For many years the U.S. Army has been the butt of jokes about the antiquated state of its information technology infrastructure.  Army personnel returning from deployments had better connectivity and IT services available to them in the field than they have in garrison and bandwidth into and out of Army camps, posts, and stations has been measured in megabytes, not gigabytes.  Dedicated Army IT professionals from the CIO/G-6 down to the Program Executive Offices have worked hard to change this situation by implementing initiatives like Defense Enterprise Email and by leading the move to a Joint Information Environment.  In doing so, they have changed the game for the U.S. Army and put the service in an excellent position to advance rapidly down the timeline of technology evolution.

Lest readers think I overstate the case for the Army’s advancements in modernizing its IT infrastructure, I refer them to a procurement that recently appeared.  The Global Enterprise Fabric acquisition (Solicitation #W91RUS15GEF1) demonstrates that the Army’s Network Enterprise Technology Command also sees the advancements that have been made.  NETCOM is seeking to take advantage of those advancements by implementing a software-defined infrastructure that enables centralized management of the JIE, Joint Regional Security Stacks, and Multi-Protocol Label Switching architecture.

That NETCOM is researching the possibility of implementing an enterprise SDN solution speaks volumes about how far the Army’s network modernization has come and where it is going.  The CONUS deployment of MPLS routers across the enterprise is targeted for completion sometime later this calendar year.  Similarly, the standing up of Joint Regional Security Stacks in the CONUS is also slated for later this year.  Add the Army’s recent transition to Defense Enterprise Email and you have a much more secure network with much higher bandwidth.  These network upgrades will also allow the Army to take advantage of cloud computing services offered by the Defense Information Systems Agency and commercial partners.

The Global Enterprise Fabric envisioned by NETCOM will help deliver computing enterprise services in three broad areas - Infrastructure-as-a-Service, Network Services, and Computer Network Defense – all of which are managed and monitored within a software-defined framework.  NETCOM’s turn to SDN is a harbinger of things to come across the DoD.  Deltek’s recent Emerging Federal Technology Markets, 2015 report documented that throughout the federal government two steps are leading agencies to SDN: modernizing IT infrastructure and planning for/adopting cloud computing. Cloud computing is not necessary for an agency to implement SDN, but in evolutionary terms the adoption (or desired adoption) of cloud may be decisive because it spurs on other foundational investments.

As agencies grow more comfortable with cloud computing, their adoption of SDN will increase or, as NETCOM’s Global Enterprise Fabric concept illustrates, their adoption of SDN and cloud computing will go hand-in-hand.  Herein lays the opportunity for those seeking new business.  Agencies already walking the path toward the cloud, particularly the use of Infrastructure-as-a-Service, will already have some idea of the viability of SDN.  Seek out those agencies making IaaS investments and you’ll find those most interested in discussing SDN as the next step.

 

The 2015 NDAA Mandates Open Architecture for Defense IT Systems

Provisions in the annual National Defense Authorization Act legislation affect the Defense sector of the federal information technology market over many years.  Consider, for example, the mandate in the FY 2012 NDAA calling for the Department of Defense to utilize cloud services provided by commercial partners.  The DoD has been working ever since to find a viable way of implementing this mandate.  The far-reaching impact of NDAA provisions thus make it imperative that federal contractors understand how the legislation will affect their business at the DoD in the future.
 
The FY 2015 NDAA promises to have a significant impact as it features an important provision calling for the DoD to adopt open architecture for all of its IT systems. Specifically, Section 801 calls for the Under Secretary of Defense for Acquisition, Technology, and Logistics to create a plan that “develops standards and defines architectures necessary to enable open systems approaches in the key mission areas.”  The discussion about using modular approaches to acquisitions has been evolving at the DoD for several years, resulting in a shift in the length and complexity of contracted efforts.  Rather than procuring a single end-to-end solution, Defense customers tend increasingly to initiate program procurements in increments.  These increments have shorter time spans and defined objectives that set parameters for the acquisition of the next increment. In Section 801, Congress gives this “modular” approach the weight of law, meaning vendors should expect to see even more short-duration, lower dollar value, limited objective procurements.
 
Equally important is the call for DoD to develop a strategy for using open architecture.  The department is currently in the process of creating a unified transport network based on internet protocol.  This may work well for newer systems, but thousands of legacy systems across the DoD remain locked in proprietary configurations.  A clause in Section 801 mandates that the USD AT&L submit a report which “outlines a process for the potential conversion [of legacy systems] to an open systems approach.” Engineering those systems to operate on an open architecture will unlock data, make the systems interoperable, and enable Defense customers to transition more easily from one IT support vendor to another.
 
If this sounds like the next, deeper level of the Joint Information Environment, you are right on target.  IT vendors should take heed and get ahead of the curve because in all probability open architecture is going to be a requirement for every unclassified (classified too?) solution that the DoD procures in the future.  If your solution isn’t open, it won’t be purchased.  End of story.
 
The open architecture requirement will also compel Defense customers to take a hard look at commercial cloud as an alternative.  Why spend money engineering an antiquated legacy system to operate on an open architecture when you can hire a vendor to host the data and implement a comparable, new interoperable system? 
 
In short, the 2015 NDAA should stimulate business opportunity at the DoD as funding locked in Operations and Maintenance funding for legacy systems moves into new efforts to re-engineer and/or cloud-enable those systems for use in an open architecture.

 

New JIE Requirements May Help the “Internet of Things” at the DoD

The “Internet of Things” (IoT) is a pretty common phrase these days, with the rapid-expanding interconnectivity of devices and sensors sending information across communications networks, all to achieve greater capabilities, effectiveness, efficiency, and flexibility.  The Department of Defense (DoD) clearly links the growth of emerging, interconnected technologies to the sustained superiority of U.S. defense capabilities, on and off the battlefield, so you could say that the IoT impacts defense IT at all levels.

The key to leveraging the IoT is in harnessing and integrating three key areas:

  • Information – Data from devices and sensors, (e.g. phone, camera, appliance, vehicle, GPS, etc.) and information from applications and systems, (e.g. social media, eCommerce, industrial systems, etc.) provide the content input.
  • Connectivity – Network connections via various wireless capabilities and communications backbones provide the transport links for aggregation and distribution. This facilitates the environment where data meets the power to use that data.
  • Processing – The computational capacity and capabilities to make the data content useful.  This may reside at the device and/or back end and ranges in complexity, (e.g. data analytics, etc.)

 


DoD Implications

The use of integrated networks to connect data with processing capacity to affect outcomes is far from a new idea at the DoD – it gave us much of the warfighting capabilities we have today. But technological evolution has resulted in a growing IoT mentality that goes beyond combat operations. One example is the establishment of the Air Force Installation Service Management Command (AFISMC) to coordinate management and maintenance of resources across Air Force bases and facilities. According to Air Force CTO Frank Konieczny, potential uses of IoT include facilities and vehicle management, logistics and transportation, integrated security, and robotics.

But pervasive connectivity is also creating security ramifications.  In the wake of a network security incident last year, the Navy launched Task Force Cyber Awakening (TFCA) in an effort to protect hardware and software Navy-wide as IoT engulfs everything from weapons systems to shipboard PA systems.

Importance of the JIE

The drive to leverage sensor technologies and data analytics that these technologies enable is a driving force behind the DoD’s Joint Information Environment (JIE) network modernization efforts, so the pace of sensor-based innovation is tied to the success of JIE efforts. Adding potentially tens of thousands of diverse Internet-connected objects to a network that then need to be managed and secured will require proactive IT governance policies to ensure effectiveness, and some provisions in recent law apply.

The FY 2015 National Defense Authorization Act (NDAA), passed just last month, requires the DoD CIO to develop processes and metrics within the next six months for measuring the operational effectiveness and efficiency of the JIE. Further, Congress is having the CIO identify a baseline architecture for the JIE and any information technology programs or other investments that support that architecture.

These requirements may stem, in part, from a desire to help formalize and oversee JIE as an investment program, but the resulting baseline architecture will help pave the way to further implement greater IoT capabilities. The data from sensor-based devices will only continue to grow, but to maximize its utility the DoD will need a successful JIE to connect and carry the information.

---
Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about 
GovWin FIA. Follow me on Twitter @GovWinSlye.

 

Emerging Federal Technology Markets – Areas to Watch

Can technological innovation drive federal IT investments, even in the midst of budget pressures? Absolutely. This is what we explore in our latest report on Emerging Federal Technology Markets.

Under long-term pressure to “do more with less,” federal agencies are leveraging current trends in federal IT – cloud, wireless networks, IPv6, and virtualization – to gradually adopt new technologies that enable cost savings and the more efficient use of IT resources. Some of my colleagues and I took a look at how these and other technologies are shaping federal IT investments today and in the future.

Federal Investments in Foundation Technologies will Drive Emerging Markets

Technological change and proliferation span the gamut when it comes to impacting federal agencies. Sensor technologies are being introduced to track facility energy consumption and enhance physical security, while software-defined infrastructure is being explored to eliminate bottlenecks that result from stovepiped systems and the growing volume of data. Machine learning technology is being tested to create “smart” networks that rely less on person-based administration. Tying it all together are predictive analytics, which agencies are using for a growing number of purposes, from forecasting network performance and enhancing cyber security to ferreting out waste, fraud, and abuse. The result is that today’s investments set the stage for tomorrow’s capabilities. (See graphic below.)


Key market factors shaping the federal IT landscape

Some of the major drivers and key findings from our research include:

  • The drive to leverage sensor technologies and the data analytics that these enable is a driving force behind agency network modernization efforts like the DoD’s Joint Information Environment. The pace of sensor-based innovation is tied to the success of these efforts.
  • Software-Defined Infrastructure (SDI) is more pervasive than generally believed, particularly at agencies with highly-evolved Infrastructure-as-a-Service offerings.
  • Federal interest in SDI is not hype; it is a genuine trend with a growing number of current and planned use examples across federal agencies.
  • The use of predictive analytics programs has expanded significantly across the federal government since FY 2010, making it a maturing, though niche, technology that is expected to have continued strong growth.
  • The inclusion of predictive analytics as an offering on GSA’s Alliant 2 and, potentially, NS2020 government-wide contracts should help it become regarded less as an exotic technology and more as a standardized commercial-off-the-shelf solution.

The modernization of agency IT environments is opening the doors to future investment in emerging technologies.  The convergence of agencies’ work on expanding wireless networks, deploying standardized, commodity hardware, and engineering Internet Protocol-based transport networks is enabling the introduction of new sensor technologies and software-based capabilities. The impact of emerging technology adoption will be to introduce greater efficiency and security to agency IT environments. 

To get our full perspective on Emerging Federal Technology Markets read the full report. 

---
Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about 
GovWin FIA. Follow me on Twitter @GovWinSlye.

FY 2015 National Defense Authorization Act (NDAA) Set to Pass

The National Defense Authorization Act (NDAA) for Fiscal Year 2015 has crossed a major hurdle to passage before the end of the calendar year as a House-Senate compromise bill has emerged. The final bill has implications for information technology acquisition and management at the Pentagon and beyond.

The legislation is a combination of two bills that each passed last May: HR 4435, which passed the full House, and S 2410, which passed in the Senate Armed Services Committee. As is typical, this year’s NDAA goes well beyond funding of national defense operations to include organizational and acquisition reform efforts and information technology priorities. Below is an overview of the high points of the bill.

Overview

  • Authorizes $521.3 billion in base discretionary defense spending and an additional $63.7 billion for Overseas Contingency Operations (OCO), reflecting the President’s initial request of $58.6 billion and the additional request of $5.1 billion to primarily cover counter-ISIL operations. The FY ‘15 NDAA is $48.0 billion less than the enacted FY ‘14 NDAA.
  • Does not reflect a proposed BRAC round as requested by the Administration, citing concerns that previous rounds did not yield the promised savings but rather imposed large up-front costs only to shift property between federal agencies. The current flux of military size and structure is also cited as a reason to postpone a BRAC round.
  • Selectively supports some White House proposals – like limited compensation increases for military personnel, including a for a pay freeze for General and Flag Officers – while adjusting others – like replacing a 5% reduction in basic allowance for housing (BAH) with a 1% decrease. This NDAA also blocks retirement of the A-10 aircraft, but provides for some reprogramming of those funds to higher priorities if needed.

Reform Efforts

  • Restores the Office of Net Assessment (ONA) to an independent status, reporting directly to the Secretary of Defense, and increases the ONA budget for FY ‘15 by $10 million to $18.9 million
  • Directs the SECDEF to report on the feasibility of reducing or consolidating combatant command functions by FY20 and a plan to implement a periodic review and analysis of management headquarters. This NDAA would also task GAO with assessing the DoD’s headquarter reduction efforts as part of GAO’s previous work assessing HQ growth.
  • Directs the Under Secretary for Acquisition, Technology, and Logistics, (USD (AT&L)) and senior acquisition executives for the Navy and the Air Force to issue DoD-wide policies implementing a standard checklist to be completed before issuing a solicitation for any new contract for services or exercising an option under an existing services contract. The FY ‘08 NDAA established an annual services contracts inventory requirement that DoD has yet to fully implement.
  • As a cost-control mechanism, the bill requires the Comptroller General to conduct a review of cases in which an acquisition program office believes that the Director of Operational Test and Evaluation has required testing above the required test plan.
  • Directs the SECDEF to provide the congressional defense committees with frequent reports on DoD’s damage assessment resulting from unauthorized disclosures of classified information and steps the Department is taking to mitigate the damage.
  • Provides for an overhaul of the Quadrennial Defense Review (QDR) process to produce a new Defense Strategy Review that is more long-term and strategic in nature and a more useful oversight tool.

Information Technology and Cyber Operations

  • Directs the President to maintain a list of nation-states or individuals that engage in economic or industrial espionage using cyber tools, and allows for the President to impose sanctions on such individuals or nation-states
  • Directs the SECDEF to designate an executive agency for cyber test ranges and another for cyber training ranges to better coordinate and resource each
  • Requires the development of a Major Force Program for cyber to better account for the budgeting and resourcing of cyber operations capabilities
  • Requires mandatory reporting on penetrations of operationally critical contractor networks
  • Requires the development and implementation of operational metrics for the performance of the Joint Information Environment (JIE)
  • Implements the Federal Information Technology Reform Act (FITARA) that has stalled and been removed from last year’s NDAA, according to Nextgov. FITARA will give additional budgetary and management authorities to agency CIOs, although no so much in the DoD. Nextgov also notes that the NDAA also supports federal data center consolidation efforts, the DoD’s move to cloud computing, and a plan to expand the use special IT acquisition experts.

While the final bill still needs to pass both the full House and Senate and be signed by the president, the FITARA provisions should not be a major reason for a presidential veto, according to a Federal News Radio interview with some members of Congress.  

---
Originally published for Federal Industry Analysis: Analysts Perspectives Blog. Stay ahead of the competition by discovering more about 
GovWin FIA. Follow me on Twitter @GovWinSlye.

 

Capacity on Demand: The Next Phase of Defense Cloud Adoption?

If one thing has become clear over the last few months concerning the Department of Defense’s plan to use commercial cloud services, it is that Infrastructure-as-a-Service (IaaS) providers will have more near-term business opportunities available to them than any other type of provider.  The DoD may seek out specific kinds of applications offered by commercial partners on a Software-as-a-Service (SaaS) basis (think analytics, cyber security, unified communications, network management, etc.), but the evidence points to infrastructure providers deriving the highest demand and earning the highest profits.

The evidence I refer to is pretty straightforward.

First, the DoD is awash in duplicative applications.  The Army alone, according to Doug Wiltsie, the Army’s Program Executive Officer Enterprise Information Systems, has as many as 25,000 applications that must be de-duplicated, decommissioned, and migrated to the DoD Core Data Centers provided by the Defense Information Systems Agency (DISA).  The situation is similar in the Air Force, with as many as 8,000 apps in need of rationalization, and Navy, which seeks to cut its 7,000 applications in half.  That’s 40,000 applications the DoD has, not counting other defense agencies.  You can see why buying new apps is not a priority for the department.

Second, so far DISA’s Enterprise Cloud Broker Program Management Office has approved Amazon Web Services, CGI Federal, and Autonomic Resources to run cloud services for DoD customers.  Unless I am mistaken, all of these are cloud hosting vendors that provide massive computing and storage infrastructure.

Third, and finally, one of the major thrusts behind the establishment of the Joint Information Environment is to remove throughput limits as a roadblock.  Eliminating bandwidth constraints goes hand-in-hand with using commercial services for capacity on demand, since greater bandwidth enables expanded use of enterprise services, including analytics, and greater ability to “surge” data across the network as it is required.  To again cite comments recently made by PEO EIS Wiltsie, the Army requires commercial capacity enhancement for a number of purposes, including end of year auditing activities related to Enterprise Resource Planning programs and to reduce costs that the Army is currently passing on to DISA.

Given the evidence above it seems likely a veritable tidal wave of DoD requirements for commercial IaaS services is on the way.  As always, it is useful to watch what Army’s PEO EIS does, as well as what its leadership says.  In first quarter of this fiscal year, EIS released market research requesting industry feedback on, you guessed it, Information Technology Capacity on Demand (ICOD).  The ICOD RFI sought to “identify potential sources capable of providing a capacity processing infrastructure / solution required to deliver on-demand IT capacity for a variety of application and processing environments.”  Information gathered from the ICOD RFI will probably be used to establish a baseline understanding of the commercial landscape; call it creating a “stable” of potential commercial partners, if you’d like.

As the number of cloud services providers receiving FedRAMP and DISA Cloud PMO ATOs increases, the likelihood that Requests for Proposals related to application migration and hosting services for DoD will also grow.  DoD use of DISA’s milCloud solution will have to grow first, however, and reach a mass critical enough for DoD customers to confidently use commercial partners.  By critical mass I mean enabling Defense applications for the cloud using DISA’s Orchestrator tool.  Once DISA has proven that apps migrated to the cloud are on a cloud footing, expect them to flood back out into the waiting arms of approved commercial providers.

In effect, DISA is acting as the DoD’s cloud gatekeeper and way-station for putting Defense applications on a cloud footing.  Engineering applications to function in a cloud environment is essential for protecting the data they handle.  DISA will do this via its automated solution, determine the data impact level the data falls under, and then use one acquisition vehicle or another to farm out management of the approved, engineered capability to industry.  It’s not a cheap way of doing things, but it does address the DoD’s concerns about data security while also ensuring that the department complies with legislative mandates for it to utilize commercial cloud providers. 

 

More Entries