B2G is moving!
Blogs posted after May 22, 2015 will be located on Deltek's central blog page at
Just select the "B2G Essentials" blog to continue to receive this valuable content.
Enabling the JIE: A Look at the Mission Partner Environment

The last month and a half has seen the announcement of important changes to the Defense Information Systems Agency’s approach to rolling out the new Joint Information Environment.  Formerly an initiative divided into three increments, the JIE has been transformed into a global engineering effort divided into regions of work.  Like a runner gathering speed, DISA has found its footing and transferred incremental momentum in multiple efforts taking place simultaneously.  Speed is the name of the game here as DISA  moves toward its desired end-state for the JIE.

Within this context it’s practically impossible to keep track of what is happening where and when.  Adding to the confusion is the use of contracts for the work that are already in place.  Vendors already working at DISA are benefitting from their close proximity, while those seeking work with the agency are struggling to understand where competitive opportunities can be found.  Today’s post attempts to make sense of the new Mission Partner Environment, a part of what was formerly called “JIE Increment 2,” in an effort to clarify where funding is going and where opportunity related to it might be found.

What Is the Mission Partner Environment?

DISA defines the MPE as an “operating environment that leverages U.S. and mission partner information technology infrastructures with integrating capabilities to realize the DoD JIE framework.”  There are several pieces to this environment that are already in place and which are being engineered to enable the interoperability and security benefits of the JIE.  These pieces are:

  • The Combined Enterprise Regional Information Exchange System (CENTRIXS)
  • The Combined Federated Battle Lab Network (CFBLNet)
  • Pegasus (formerly Griffin)
  • The Unclassified Information Sharing Service-All Partner Access Network (UISS-APAN)
  • The Common Mission Network Transport (CMNT)
  • The United States Battlefield Information Collection and Exploitation Systems (US BICES) Program

Work related to every element listed above, except US BICES, falls under the overall rubric of the Multi-National Information Sharing (MNIS) Service. 

In FY 2015, DISA plans to reprioritize “MNIS investments to address PACOM near-term requirements for expanded Coalition connectivity in their AOR.”  As DISA notes in its Strategic Plan for FY 2014-2019, MNIS will provide the material solution required for the foundation of the MPE.  In short, additional resources will flow to MNIS to enable the JIE in the Pacific (i.e., what was once known as JIE Increment 2).

To put numbers around all of this, DISA has requested $53.5 million in FY 2015 for work related to MNIS.  This compares to $48.3 million in the FY 2014 budget, a rise of 11%.

Contractors Doing the Work

Multiple contractors have provided support for the MNIS Program over the years.  Table 1 below shows those that DISA lists as currently active.  This list should not be considered exhaustive.  However, it does provide insight into where the $53.5 million slated for MNIS in FY 2015 will be going.

Related Opportunities?

Turning to the possibility of new business developing from the effort to transform various MNIS Program elements into a unified Mission Partner Environment consistent with the JIE, the currently available opportunities are few and far between.

  • DISA recently released a solicitation for MNIS Service Strategy and Support to assist the MNIS PMO with planning and technical services.  The awarded contract will be a small business follow-on to an ENCORE II Task Order held by HP Enterprise Services.
  • IT Support Services for the US BICES Program offers considerably more promise for vendors who can compete in the Classified arena.  A draft RFP has been released for this effort, but one will need access to the ARC Procurement System to see it.
  • Lastly, there may be work related to the migration of the UISS-APAN capability to a cloud environment.  Whether this will be DISA’s milCloud or a commercial environment is known only to insiders.  My thought is that migration to a commercial host is a long-shot given the small number of Cloud Service Providers certified by DISA at current data impact levels 1-2.  This said, some DISA officials have speculated in the recent past that APAN is a viable candidate for hosting in a commercial setting, so there is a slight chance here.

In conclusion, welcome to the brave new world of the JIE, where the majority of the work goes to entrenched incumbents via obligations in the DoD’s Operations and Maintenance budget.  It is the use of this procurement/engineering strategy that has both accelerated the implementation of the JIE and obscured how it is being funded.


DISA’s FY 2014-2019 Strategic Plan: Observations & Implications

Basing business decisions on an agency strategic plan can be tricky.  All too often the goals and objectives stated by an agency in the plans are either never met or they take years to manifest as business opportunities.  Those observations are probably valid in regard to the Defense Information Systems Agency’s latest Strategic Plan for the next five fiscal years.  However, given the increasingly central role that DISA is playing in Defense IT, I feel compelled to point out some of the plan’s implications for IT vendors in case they translate into acquisitio

It’s All About the JIE

Not surprisingly, DISA’s strategic plan focuses heavily on development of the Joint Information Environment.  For the uninitiated (believe it or not there are still a few of them kicking around!), the JIE is a multi-year effort directed at creating a common operating environment across the Department of Defense.  The effort centers on engineering a secure transport environment that leverages Internet Protocol technology for the delivery of capabilities and services.  This environment also unifies identity management and network monitoring capabilities into Joint Regional Security Stacks, providing a Single Security Architecture that the DoD argues is more defensible than the multiple, stovepiped network environment that currently exists.  The final piece of the puzzle is enterprise services, which DISA will deliver on a cloud-basis via both government and industry hosted clouds.  The industry part of that latter JIE element has been slow to develop, but DISA promises this will change in coming years.

In summary, there are three major areas of investment related to the JIE – transport infrastructure, cyber security, and cloud services.  Today’s post focuses on the first of these - modernization of the DoD’s transport infrastructure.

Transport Infrastructure

The Plan – “Normalize Networks with common standards … to eliminate excess redundancy and legacy non-IP services; Standardize and consolidate computing infrastructure to maximize utilization of fiscal resources.”

My Take – “Common standards” and “maximize utilization of fiscal resources” is best interpreted as commoditization of IT hardware purchased through contract vehicles already in place at the lowest possible cost.  By necessity this strategy limits competitively available opportunities to vendors already doing the work.  At DISA this would include those holding contracts for O&M of the Defense Information System Network (DISN), as well as Global Information Grid Services Management Engineering, Transition, and Implementation (GSM-ETI) and GSM-Operations contracts.  In the Army, the main beneficiaries are those providing network engineering support in the areas of European Command/Africa Command and at Camp Humphreys in South Korea.  Included among these would also be those holding Infrastructure Modernization (IMOD) contracts.

DISA, along with other federal agencies, has realized that IT transport hardware has become so inexpensive that by utilizing a targeted strategy which installs the new hardware at critical points in the network, it is able to boost bandwidth and “normalize” networks at relatively low cost.  This is a trend I would expect to see spread to more federal agencies.

The Plan – “Establish an Airborne – Intelligence, Surveillance, and Reconnaissance (A-ISR) Transport Service.”

The Plan – “Ensure DoD’s access to [electromagnetic] spectrum [that will] lead the development of … an architecture to transform Spectrum Management (SM) to support future cloud based operations and warfare. Implement, integrate, and improve cloud-based SM services/capabilities and influence/facilitate the implementation of emerging spectrum technologies.”

My Take – Demands for more spectrum bandwidth to deliver enterprise services have increased exponentially in recent years despite the withdrawal of U.S. military forces from Iraq and Afghanistan.  In line with the Anti-Access/Area Denial (A2/AD) tenets of the Air Sea Battle operational concept, a rising percentage of this demand has centered on satellite communications and, recently, on aerial platforms.  These objectives in DISA’s strategic plan suggest the agency will be investing in aerial ISR platforms and in cloud-based capabilities to better manage electromagnetic spectrum.  If DISA also requires architecture to enable these cloud-based capabilities, it also suggests commercial engineering support will also be procured.

In short, these few lines from DISA’s strategic plan indicate that opportunity at the agency will be available for vendors across the range of IT goods and services.  Transport hardware investments will move to Air Force and Navy providers as the next regional phase of the JIE shifts into gear in the Pacific.  Transport hardware will also be required for the A-ISR investment and, presumably, for cloud-based spectrum management as well.  Software vendors providing cloud-based spectrum management capabilities (this is a rapidly evolving technology area!) will also find interest at DISA and those experienced in engineering services for the cloud will also find opportunities to compete.

DISA’s FY 2015 IT Budget: Implications for Industry

The Defense Information Systems Agency (DISA) is playing an increasingly important role in Defense IT, a role that is expected to grow with maturation of the Joint Information Environment (JIE).  Funding for DISA’s programs garners a lot of attention, therefore, as vendors seek to understand where contract dollars in the agency’s IT budget may be going and which Defense organizations are buying DISA’s services.  Today’s post takes a look at the broad outlines of DISA’s budget for upcoming fiscal year 2015 and breaks down some salient points vendors need to know.

DISA’s IT Budget in Context

Before diving into the numbers it’s worth taking some time to understand where DISA’s IT budget fits into the broader IT budget for the Department of Defense.  Figure 1 below shows the Defense-Wide IT budgets for FY 2014 and 2015 alongside DISA’s IT budget for those same years.

Why the big drop in DISA’s FY 2015 IT budget if the agency is assuming a bigger role providing enterprise IT services?  Simple, it’s because the DoD CIO changed the way it calculates the Defense Working Capital Fund in the FY 2015 budget.  For FY 2015, funding is now identified in the ‘senders’ accounts (i.e., Defense customers) rather than the investment owner's (i.e., DISA’s) account.  Therefore, the FY 2015 IT budget number for DISA shown in Figure 1 includes $1.85B for the Defense Working Capital Fund.  In FY 2014 this number was $3.9B because it included operations costs for investments not under DISA’s operational control.

Assuming, however, that the proportion of operational costs reflected in DISA’s FY 2015 number were roughly the same in FY 2014, we can conclude that DISA’s IT budget typically makes up 29% of the total Defense-Wide IT budget annually.

Defense Customer Appropriations – Computing Services

Moving now to the specific services that DISA provides, Figure 2 shows what Defense customers have “appropriated” (i.e., spent) or intend to spend on DISA’s computing services from FY 2013 to FY 2015.  The computing services DISA supplies include Core Data Center services, DoD Enterprise Email, DoD Enterprise Portal Service, GIG Content Delivery Service, and the agency’s new milCloud infrastructure service.  The data for these services reveals a few interesting trends.

First, Army and Air Force appropriations have jumped significantly in the last two years.  This should come as no surprise both Services have fallen solidly behind implementing the JIE.  Army’s appropriations will rise by 52% from $112M to a projected $170M.  Air Force’s appropriations show a slightly larger increase percentage-wise, rising 52.5% from $101M to a projected $154M over the same period.

Second, Defense-Wide appropriations show massive jump on a percentage basis of 132%, from $25M to a projected $58M, indicating that the Defense Agencies are also enthusiastically embracing the enterprise services provided by DISA under the JIE concept.

Third, Navy and Marine Corps appropriations register as relatively flat or declining.  In the Marine Corps’ case, there is a small jump of 3.6% from $28M in FY 2014 to a projected $29M in FY 2015.  Conversely, Navy appropriations show a modest increase of 3% over the same period from $32M in FY 2014 to a projected $33M in FY 2015.  It is worth noting, however, that from FY 2013 to FY 2015, Navy appropriations show a decrease of 5.7%, from $35M to a projected $33M.

In short, while Navy officials may publicly toe the line with respect to the JIE and enterprise services provided by DISA, the data does not reflect growing support financially.  If anything, the data reflects the Navy’s intent to continue down its own path with NGEN.

Defense Customer Appropriations – Telecom/Enterprise Acquisition Services

Turning now to DISA’s transport and enterprise acquisition services, Defense customer appropriations show trends similar to those in computing services.  As Figure 3 shows, use of DISA for telecom and acquisition support has risen significantly over the last three years.

Army’s appropriations show the greatest growth, rising 38.5%, from $1.55B in FY 2013 to a projected $2.1B in FY 2015.  Air Force’s appropriations over the same period show similar growth, rising roughly 30% from $1B in FY 2013 to a projected $1.3B in FY 2015.  Even Navy’s use of DISA transport and acquisition services has increased, rising 10.3% from $560M in FY 2013 to a projected $618M in FY 2015.  Finally, growth of Defense-Wide appropriations has also accelerated, rising 8.5% from $423M in FY 2013 to a projected $459M in FY 2015.


The data discussed above has several implications that are critical for vendors:

First, the DoD’s shift to enterprise IT services and rollout of the JIE is real.  This trend has momentum and is expected to accelerate.  Even contracting is being affected.  For example, anyone following Army procurements in particular (i.e., Unified Capabilities) has noticed the shift toward using DISA’s contracting services more frequently.

Second, a greater, in some cases much greater, percentage of Defense IT dollars are being spent at DISA and not on contracts with vendors.  Army, for example, is projected to spend $2.3B with DISA in FY 2015 while Air Force is projected to spend $1.46B and Navy is projected to spend $651M.  This is real money being taken out of the Defense IT market.  Those who benefit are vendors already working at DISA.  Given the amount of funding flowing into DISA, the agency is rapidly becoming the number one recommended focus for business development related activity.  Any company seeking to sustain itself in the IT business at DoD must devote more time, funding, and staff to developing relationships and shaping requirements at DISA.

Third, for the time being the Navy is an exception to this trend, as it continues to chart its own course.  Navy is already proving this with its use of Amazon Web Services to host large collections of unclassified data.  This situation may change in the near future, if comments by Navy officials are any indication.  Until then the potential business opportunity is greater with Navy than with the other Military Departments.



The Latest on DoD Unified Capabilities Implementation from the JIE Mission Partners Symposium

Last week in this space I provided an update on cloud computing and enterprise services at the DoD that were discussed at the recent JIE Mission Partners Symposium in Baltimore.  This week the focus turns to Unified Capabilities (UC).  When it comes to the procurement of UC not much has happened since my last post on the subject back in December 2012.  The Army’s Program Executive Office Enterprise Information Systems (PEO EIS) conducted a series of Requests for Information for the capability and it has now turned over responsibility for the acquisition to the Defense Information Systems Agency (DISA).  The Army and DISA have made progress, on the other hand, implementing the Internet Protocol (IP) based infrastructure required for enterprise UC.  This infrastructure consists largely of installing Multi-Protocol Label Switching routers in global JIE “regions” (at this point primarily Europe and the CONUS, with the Pacific pending).

Most interested commercial parties are keeping a keen eye on the UC procurement because it is the acquisition immediately in front of them.  The symposium made clear, however, that infrastructure matters.  Basically, the infrastructure effort is helping to dictate the procurement schedule and eventual rollout date for UC. 

For example, DISA Director, Lieutenant General Ronnie Hawkins, kicked off the conference by stating that continuing the planning stages for UC will be one of DISA’s primary focus areas for the next six months.  Lieutenant General Robert Ferrell, the Army’s CIO/G6, repeated this timeline the following day, noting that the Army anticipates rolling out the first stages of UC in fiscal 2015.  FY 2015 is only 5 months away, suggesting to me that industry won’t see a Request for Proposal for UC until the first third of FY 2015 at the earliest.

This timeframe was further reinforced by PEO EIS Doug Wiltsie, who noted that EIS had just finished reviewing the 53 industry responses they’d received for the UC RFIs.  Responsibility for the UC procurement is being transferred to DISA, which is still in the process of assigning acquisition personnel.  All of this suggests that industry is months away from seeing an RFP, a timeframe that would be consistent with what General Hawkins stated.

As for how UC will be rolled out, this too will take place in phases.  DISA CIO Dave Bennett reported DISA’s intent to push out the new UC capability across DISA headquarters as a pilot in the first stage of implementation.  The reason for doing this is to work out bugs and determine next steps forward.

Doug Wiltsie added that UC is one of the largest efforts that the DoD/Army community is trying to get its arms around.  The scale of the challenge is daunting, with the potential for an estimated 3 to 4 million users of UC across the DoD.

Finally, there was some news in regard to UC and cloud computing.  Wiltsie noted that the Army is working with the National Security Agency to finalize security requirements that will allow a commercial data center to be used for some elements of DoD UC.  These elements are expected to be those that are ordinary use and which generally have a lower security threshold.  So, it is possible that the UC application eventually selected will include capability by the vendor to also host pieces of the solution.


Update on Defense Cloud Computing from the JIE Mission Partners Symposium

Recently the professional association AFCEA hosted a major conference at the Baltimore Convention Center on the future of the Defense Department’s Joint Information Environment.  The JIE, as it’s known in acronym land, is a major DoD effort to engineer a common operating environment for the Defense community.  This effort currently focuses on two areas: installing new network hardware equipment to boost bandwidth globally and implementing a Single Security Architecture that’s easier for the DoD to defend.  Improving security is a critical reason for implementing the JIE, but from a fiscal perspective enabling the Defense community to use a host of shared enterprise services via a unified infrastructure is perhaps the most important rationale.  Put simply, the DoD cannot afford business as usual given the expense of maintaining countless redundant applications in stovepiped environments.

In this context cloud computing plays an important role in the DoD’s plans.  Contrary to what one typically reads in the trade press, the DoD has not stood still when it comes to finding ways for Defense customers to employ cloud solutions.  Lieutenant General Ronnie Hawkins, Director of the Defense Information Systems Agency (DISA), set the tone early in the Symposium by blowing up the myth that his agency’s development of its own cloud environment, dubbed the milCloud, is an end-run around industry.  “[The] reality is,” Hawkins noted, “that more than 60% of milCloud is run by industry partners and more than 80% of the Defense Information Systems Network (DISN) is run by industry partners.”  In making this point, General Hawkins gave voice to something I’ve argued in this blog for more than a year; namely, that the DoD is making progress using cloud computing largely behind the scenes.

On the second day of the conference, John Hale, Chief of Strategic Planning for Enterprise Services at DISA, provided details on where opportunities in the milCloud might present themselves to cloud service providers.  Hale described enterprise services in the milCloud that DISA currently provides, including Defense Enterprise Email, the Defense Enterprise Portal Service, Defense Connect Online, and Enterprise Directory Services.  He noted, however, that hosting of these services in the future will not necessarily reside in the DISA’s Defense Enterprise Computing Centers (DECCs).

There is the potential of “more outsourcing to commercial partners coming,” Hale said; with the goal of making “blended use of enterprise services across the DoD,” including both commercial and DoD providers. 

The best example of this approach that Hale could provide is DEE, the hosting of which DISA intends to outsource to a commercial provider in the future.  Hale said industry should expect a “huge shift” to commercial providers over the next 2-3 years.  This shift will take place once current network consolidation efforts are completed to a satisfactory degree and once additional commercial providers receive the Authority to Operate (ATO) from DISA.  Lastly, concerning how commercial cloud services will be procured, Hale expects DISA will “use a multi-pronged approach” that leverages a revamped version of the Commercial Cloud Services Provider contract vehicle in tandem with various Blanket Purchase Agreements it awards.

In conclusion, although a little patience might be required, the opportunity looks good in the next few years for cloud service providers to compete for significant business at DISA.


DoD Cloud Innovation, Part 2: Cloud-Enabled Modular Services

Last week’s post examined research related to mobile cloudlets as part of cloud computing innovation at the Department of Defense.  This week’s post continues the focus on cloud innovation by diving into work the DoD has contracted for cloud-enabled modular services related to expanding use of virtual training solutions.
Multiple trends have driven a shift over the last decade toward greater use of virtual training by the Military Departments.  First, evolving technology has provided warfighters with the ability to train in virtual environments using mobile devices, sensors, greater throughout capability, and back-end tremendous computing power for modeling and simulation applications.  Second, fiscal necessity has made the use of enterprise technological solutions imperative.  Both of these trends should gather strength in fiscal 2015 and beyond.
The Evolution of Joint Training
Way back in 2002, as a result of the exercise Millennium Challenge, a concept for Joint, Live, Virtual, Constructive (JLVC) training emerged at the DoD.  This concept evolved over the next decade into the JLVC 2020, a next-generation approach to training that emphasized the use of modular modeling and simulation services hosted in a cloud environment.  The idea behind the modular approach was to provide a standardized, flexible, and reusable training solution that promised significant cost reductions across the department.  The hosting of modules in a cloud environment further maximized the possibility of reuse beyond the confines of training-specific simulation centers, to include even coalition and NATO partners.  In short, all of the Services could be on the same page when it came to the training they experienced, thus enhancing the “joint” nature of contemporary military operations.
Current State and Work Ahead
The road to cloud-enabling JLVC 2020 is a long one that will require a budgetary commitment of approximately $75+ million over the period FY 2014 to FY 2018, according to one estimate from 2012.
Efforts currently underway include:
  • Continuing development and refinement of the JLVC 2020 strategy, roadmap, and conceptual design coordinated with the Services, Combatant Commands, coalition partners, agencies, and DOD modeling and simulation community to deliver a future joint training environment reliant on cloud-enabled modular services.  Initial capability is expected in FY 2016 and full operational capability in FY 2019.
  • Continuing construction of the Joint Training Enterprise Architecture decomposing modeling and simulation, networking, and IT applications into a cloud-enabled modular service supporting Combatant Command and Service joint training requirements.
  • Conducting JLVC 2020 Integration Events #2 and #3 to prepare for initial limited operational capability.
This work will be carried out in parallel with the standing up of the DoD’s Joint Information Environment.  In fact, the creation of the JIE is a driving force behind the joint training concept as it provides the infrastructure across which cloud-based “Simulation-as-a-Service” will be delivered.  DoD budget documents note that the Cloud-Enabled Modular Services for JLVC 2020, or CEMS, for short, will be hosted in the “JIE cloud.”  This likely means DISA’s new milCloud capability.  However, as DISA continues to certify commercial infrastructure providers, vendors there is always the possibility that the DoD will move JLVC 2020 to a commercially-hosted environment.
Lastly, who’s doing the work providing the CEMS for JLVC 2020?  The available evidence points to a single contractor – Roland & Associates – the builder of the Joint Theater Level Simulation (JTLS) capabilities that are to be transitioned into CEMS through reuse of as much JTLS algorithms and parametric data as possible.


Where DME Dollars are Going in FY 2015 Defense-Wide IT Funding

In last week’s post, I provided an analysis of “net new” IT funding in the Army’s budget request for fiscal year 2015.  This week’s post shifts the perspective a bit to take a look at IT development, modernization, and enhancement (DME) funding in the Defense Agencies for FY 2015.  Net new funding, defined as DME dollars slated in FY 2015 for programs that received zero total dollars in FY 2014, will not be part of the equation this week for the simple reason that there is none.  Yes, you read that correctly.  The Defense Agencies will have $0 in net new IT funding in FY 2015, making it critical that vendors focus business development efforts on existing Defense-Wide programs receiving DME and/or operations and maintenance dollars.

Top Ten Defense-Wide Programs Receiving DME Funding

DME funding for the top ten Defense-Wide programs in FY 2015 totals $673 million, up $144 million from total DME funding in FY 2014 of $529 million for these same programs.  Looking at the list, it is clear that DoD intends to fund the following priorities:

  • Health IT/Defense Health Modernization
  • Joint Information Environment (JIE)
  • Command and Control
  • Financial Management/ERP

Health IT/Defense Health Modernization

The presence of three major health IT initiatives sticks out prominently.  Funding for the DoD Healthcare Management System Modernization probably reflects the fact that the government anticipates it will make an award for the DHMSM effort at least partway through FY 2015.  Curiously, the Integrated Electronic Health Record Increment 1 effort, now called the Defense Medical Information Exchange (DMIX), anticipates receiving $82 million in DME funding despite the fact that the DoD expects the program will enter sustainment by FY 2015.  The $53 million requested for the second increment of the Theater Medical Information Program (TMIP) will fund a host of installation, integration, and testing efforts.

Joint Information Environment (JIE)

Another program in the top ten list is the Defense Information System Network (DISN), with $104 million in requested FY 2015 DME funding.  As the DoD’s primary transport network, the DISN is central to standing up the Joint Information Environment.  Activities to be funded in FY 2015 include the ongoing refresh of network hardware to enable Internet Protocol-based communications, additional network testing, and a focus on expanding the classified optical transport network and classified unified capabilities in the area of responsibility of U.S. Pacific Command.  Similarly, the activities of the Joint Interoperability Test Command (JITC) are increasingly important for the future success of the JIE.  The JITC is the DoD’s command organization responsible for certifying interoperability across components, making its efforts central to the effective operation of the JIE.  Funding for the JITC will be down in FY 2015, in part because of delays in the evolution of testing and evaluation methodology for the JIE.  Lastly, the DoD CIO Programs line is also focused heavily on developing the policy framework for supporting the JIE, including expanding the use of advanced analytics and cloud computing.

Command and Control

Three areas of investment make up funding for command and control.  The first is C4IAS, for which $40 million has been requested.  Funding for C4IAS reflects an ongoing shift at the DoD toward a greater reliance on Special Operations Forces globally.  The investment provides command and control and information sharing capabilities from the garrison to tactical environments by incorporating local and wide area networks into a unified enterprise network.  Requested funding for the Global Command and Control System – Joint comes in slightly under that for C4IAS at $39 million.  GCCS-J is an older system currently in sustainment.  However, it is also being modernized to enable greater use by the joint force.  Investment in GCCS-J illustrates the increasing importance the DoD is placing on joint operations.  Similarly, funding for the Teleport Generation 3 investment is joint-focused, “replacing obsolete and end of life equipment with new, more capable equipment that supports [greater] throughput requirements” for a network-enabled force.

Financial Management/ERP

The final investment rounding out the top ten is the second increment of the Defense Agencies Initiative.  Funding for the DAI indicates DoD’s ongoing drive to achieve a clean audit by FY 2017.  This is a program driven by Congressional mandate, signifying to vendors the importance of knowing how legislative requirements can translate into Defense spending.  In the current environment knowing these requirements is about as close to a sure thing as anyone can ask for.




Security Concerns Hold Up DISA’s Commercial Cloud Procurement

On a recent snowy Tuesday while many of us were stuck in the house due to the weather and even the federal government was closed, AFCEA DC held its January Monthly Luncheon with several officials from the Defense Information Systems Agency (DISA).  The big topic at the luncheon was the status of DISA’s commercial cloud computing procurement.  Toward the end of the last fiscal year DISA delayed the release of the cloud solicitation to reassess the demand for cloud services within the Department of Defense.  Public details on what was being reassessed were not available until this AFCEA luncheon and as the panel made clear the list of subjects under consideration is extensive.

Dave Mihelcic, the agency’s Chief Technology Officer, informed industry that properly addressing security requirements is a big hurdle for DISA.  Basically, the agency doubts a one-size-fits-all approach to the cloud acquisition will work.  DISA will instead tailor the prospective contracts to suit all six levels of security requirements outlined in its recently announced cloud security model.  Tony Montemarano, DISA’s Director of Strategic Planning and Information, added that the small number of available Federal Risk and Authorization Management Program (FedRAMP) compliant commercial solutions was further complicating the acquisition.  The problem is too few companies currently meet DISA’s security needs, creating a choke point that hampers the agency’s ability to procure the solutions it requires.

Then there is the requirement imposed by U.S. Cyber Command that the agency be able to understand exactly what's happening if/when there's an anomaly in the cloud provider’s network and determine a fix as quickly as possible.  As Montemarano noted, there is concern about the impact on day-to-day network operations of taking data and computing capacity that's currently housed within the military and placing it in outside servers that the department's cyber workforce might not have complete visibility into.

The speakers added several other concerns, including the need to develop criteria for identifying applications that are commercial cloud eligible and reforming cumbersome policy barriers that severely slow the pace of migrating applications to the cloud.  These concerns, while serious, took a back seat to the far more complicated security requirements.

Major Takeaways

The panelists’ comments contained several potentially important implications for the DoD’s use of commercial cloud solutions.

  • First, security requirements for handling data at 6 different levels of classification, and for using different service delivery types (SaaS, PaaS, and IaaS), are seriously complicating the acquisition.  The contract(s) put into place must provide DoD customers with flexible solutions that accommodate varying levels of need.  To me this says that the commercial cloud program will either be carved into multiple procurements competed separately based on data classification levels or be implemented as a single acquisition with multiple vendors selected to provide services in different functional areas (for lack of a better term) by data classification level.  Both options scream multiple award IDIQ contract.
  • Second, DISA is seriously considering following the approach the CIA took when it hired a single cloud provider to provide an infrastructure walled off from the Internet.  This strikes me as the option the agency will eventually choose.  I think this because it is the simplest way forward and because the DoD has shown a growing tendency in recent years to leverage the experience of the Intelligence Community when it comes to implementing new technologies.  The similarity of the Joint Information Environment (JIE) and the ICITE initiatives comes to mind here.
  • Third, as expected, FedRAMP compliance will be absolutely required for vendors to win contracts.  The recently announced June deadline for FedRAMP compliance makes more sense now, doesn’t it?
  • Fourth, the command and control requirement created by U.S. Cyber Command hints that DISA will require continuous monitoring of cloud provided services.  This means that all cloud systems will need to be interoperable with the JIE and accessible by the Acropolis analytics cloud that the agency just stood up.
  • Fifth, the panel stated that applications selected for commercial clouds will be migrated during technical refresh cycles.  For what it’s worth, this is exactly the process being used to refresh hardware for the JIE.

As we can see, these implications could have serious repercussions for the type of acquisition that DISA carries out and for the requirements that it puts in the solicitation.  Not the least of these implications is cost.  The FedRAMP requirement alone ensures that being a cloud provider for the federal government just got more expensive, suggesting vendors need to weigh their path forward carefully in this increasingly difficult fiscal environment.


Opportunities in Army Network Operations

Just before the Christmas holiday I posted a short piece explaining how network engineering efforts in the Army are leading the way to the Defense Department’s new Joint information Environment (JIE).  In this post I’ll elaborate on some of the points I made earlier, especially concerning the Army’s focus on network operations.
The December post noted that the Army has expressed an interest in acquiring a number of capabilities that it may host in its new Core Data Centers once those centers are in place.  Upon reflection I realize now that I got ahead of myself.  There is a lot of ground for the Army to cover before it can turn its attention to acquiring the capabilities I mentioned in the earlier post.  This is particularly the case as far as network operations (NetOps) are concerned.

Infrastructure Enhancements

Presently the Project Manager Installation Information Infrastructure Communications and Capabilities (PM I3CS) remains focused on upgrading the network and communications hardware required by the Army to increase bandwidth and network interoperability across the Service’s bases, posts, camps, and stations (B/P/C/S).  This effort includes:
  • Upgrading core routers capable of supporting speeds of up to 100 GB per second.
  • Reducing Non-classified Internet Protocol Router Network (NIPRNet) entry and exit points from 435 in the continental U.S. to fewer than 20 points globally.
  • Deploying upgraded Application Delivery Network/End User Building (ADN/EUB) switches.
These efforts, presumably being carried out largely via orders issued under the Infrastructure Modernization (IMOD) IDIQ contract, are scheduled for completion in the CONUS by the end of fiscal 2014.  Work will then shift to overseas locations for fiscal 2015-2016.  Simultaneously the Army is working to consolidate data centers into a handful of Core Data Centers.  The anticipated result of these efforts is to have built by fiscal 2017 a more highly integrated and interoperable network infrastructure capable of delivering enterprise services.

Network Operations Capabilities

This is where a series of network operations capabilities fit in that I errantly referred to as “enterprise services” back in December.  According to Army documents, some of these capabilities may be procured “as-a-Service.”  Whether these “services” will be hosted in the Army’s CDC’s or in commercial data centers remains to be seen.  The capabilities currently on the Army’s radar to be delivered as managed network operations services are as follows:
  • IP Network Management System (NetMan)
  • Network Intrusion Prevention System (NIPS)
  • Wireless Intrusion Prevention System (WIPS)
  • Firewall Element Management
  • Proxy Management
  • Router Element Management
  • Switch Element Management
  • Virtual Private Network (VPN) Management
  • Virtualization Management System (VMS)
  • Network Access Control (NAC)
  • Identity Management System
  • Directory Services Management

Given the Army’s anticipated schedule for completing its network infrastructure upgrades (i.e., the end of FY 2014), I assume we may see procurement activity related to these capabilities beginning this fiscal year.  Where the opportunities will appear remains a mystery.  Some may be competed openly while others may be procured via contract vehicles like PD CHESS’ IT Enterprise Solutions 2 – Services (ITES-2S).  However they are procured, look for them to appear sooner rather than later.


Army Network Modernization, Cloud Services, and the Joint Information Environment

As the Department of Defense moves toward the Joint Information Environment (JIE), it is becoming clear that the Army is leading the way.  The Navy and Marines have expressed agreement with the concept of the JIE, but each remains wary about the approach.  Despite a directive from the DoD Chief Information Officer, the Navy has resisted transitioning Defense Enterprise Email.  The Marines, meanwhile, have gone so far as to argue that the rest of the DoD should adopt their network approach because the current Marine Corps Enterprise Services (MCES) environment is already a joint environment.  Then there is the Air Force, which is slowly falling into line with the Army behind the JIE concept.
This leaves the Army (and the Defense Information Systems Agency) as the “tip of the spear” when it comes to building the JIE.  Why the Army has assumed this role is known only to those at the heart of the effort.  My own speculation is that the Army was chosen to lead the JIE effort because it was the Service in the direst need of network consolidation and modernization.  After more than a decade of fighting overseas, Army network capabilities in the continental U.S. had become sub-par and were open to cyber-attack from any number of directions.  This was a potential disaster waiting to happen so addressing it became priority number one.
The Army’s network modernization efforts to enable interoperability and enhance security began in fiscal 2011 and accelerated in FY 2012 as it pushed toward the “Network 2020” goals set out by the CIO/G-6.  These goals coincide conveniently with the goals of the JIE, including
  • Application Inventory – Planned for completion in FY 2014 and leading to the elimination of duplicate applications and consolidation of widely used apps into enterprise services.
  • Data Center Consolidation – Planned to begin in FY 2014 and continue into FY 2015 with the goal of consolidating 185 Army data centers into the DISA DECCS and a handful (# unknown) of Core Data Centers (CDCs), supplemented by Installation Processing Nodes (IPNs) for Army and DoD customers.
  • Network Consolidation – In FY 2013/2014, deploy new network equipment (i.e., Multi-Protocol Label Switching technology) to create an MPLS “cloud” that increases bandwidth, reduces latency, and enables provision of standardized capabilities.
  • Cloud-Based Enterprise Services – From FY 2014 to FY 2019 utilize some DISA-provided enterprise services like Defense Enterprise Email, but also provide a large number of enterprise services in Army Core Data Centers.
The Army and DISA’s CDCs and IPNs are expected to operate as the cloud infrastructure that the Army, Air Force, and other DoD components will use for cloud-based shared services.  But while the enterprise services to be delivered by DISA are generally well known – email, directory, unified capabilities, collaboration, etc. – less well known are the capabilities that the Army intends to procure for hosting in its cloud.  Pardon me, “Core Data Centers.”  Some of these capabilities include the following:
Competition for the ESMS is just starting, but procurement of the other capabilities should only be a matter of time.  By my count there are as many as 25 other capabilities that the Army says it will need.  I’ll be listing these capabilities in a forthcoming report on Defense IT that Deltek has scheduled for publication just before Christmas.
Cloud services are critical to the shape that the JIE eventually assumes.  These services will be delivered from the Core Data Centers run by DISA and by the MILDEPs, so there will be business opportunity in both places.  The opportunity in the Army for cloud providers may in fact be better than that presented by DISA’s Commercial Cloud Services procurement, even though the DISA competition gets more press.  Who knows?  Maybe it is the Army’s cloud strategy and the Navy and Air Force’s stated intent to use commercial cloud services that are the reasons why DISA found less demand across the DoD for the commercial cloud services it intended to provide.


More Entries