Brocade stuff

8/18/2019 Brocade stuff

1/24

Cloud 2016EXPERT EDITION:INSIDE THIS ISSUE:Federal IT Spend Will BeHigher for These Two Reasons What the Army Wants in aCloud Vendor The Problems with thePentagon’s Cloud Policy NSA CIO Smithberger’s Secret

Sauce to Cyber in the Cloud How Law EnforcementCollaborates to Fight Terror

BROUGHT TO YOU BY:


2/24


3/24

Agency by agency, chief information oficersare hopping on the highway to the cloud. AsI heard it put at a recent AFFIRM event: Yes,it’s a highway, but it’s like Virginia Rt. 66 atrush hour, during a snowstorm—packedwith cars and not moving much.

From a strictly technical standpoint, it’s easyfor agencies to store and access data via thecloud.

What makes cloud computing hard is thelong on-ramp of thinking through the policy around balancingaccessibility with the privacy and security attributes that need tosurround the data. And then there is the potentially even longeroff-ramp of changing how individuals and groups re-imagine thecapabilities cloud can provide organizations enterprisewide.

In this Expert Edition, you’ll see many agencies have achieved

transition to certain cloud competencies, in some cases just the“low-hanging fruit.” The Food and Drug Administration is usinginfrastructure-as-a-service to process larger amounts of dataon demand, while the National Institutes of Health is using thecloud to save time generating MRIs. And the FBI’s Criminal JusticeInformation Services (CJIS) division is improving collaborationbetween law enforcement communities to deliver rich data in nearreal-time.

As these successes multiply, so do the investments in modernizingthe surviving systems. The Air Force invests in a special team ofcyber and network operations specialists to solve complex technicalpay and personnel glitches. And GSA’s 18F rolls out cloud.gov tohelp agencies work more effectively with cloud service providers.

Investments in creating new on-ramps that generate cloudsolutions also are increasing.

The Army forms a Cloud Computing Enterprise Transformation(ACCENT) vehicle to handle the bulk of the service’s cloudpurchases. The General Services Administration, partnering withthe Defense Information Systems Agency, will look to industry andDoD to provide feedback on a new multiple award cloud computing

services contract by the end of FY 2016.

The speed at which government travels the cloud highway toimprove internal operations and citizen services is only as fast asthe slowest vehicle, the road conditions or various factors. But rushhours eventually end and snowstorms turn into blue skies – leavingthe driving lanes open for the government to choose its ultimatedestination to modernize and improve how it delivers its mission.

Lisa WolfeProgram DirectorFederal News Radio

Table ofContentsFDA, NIH FindingSolutions to Health

Care Problems in theCloud …Page 2

Cyber, ModernizationEfforts DrivingExpected Growth in ITSpending …Page 3

Air Force DeploysSpecial Team to Fix HRTechnology Systems

…Page 4

Finally an AnswerEmerges for “WhyIPv6?”…Page 6

DoD’s Cloud PolicyRains Some Risks, IGSays…Page 8

18F Shines Some Light

on cloud.gov Platform,but Concerns Remain…Page 10

Army Shops CloudVendors to HostEnterprise Apps…Page 12

NSA’s Move to the Cloud Includes Something

Borrowed, SomethingNew…Page 14

National Park ServiceBringing Online to theOutside…Page 16

With New Threats,Law Enforcement Agencies Look for More Collaboration…Page 18

FEDERAL NEWS RADIO EXPERT EDITION: CLOUD 2016


4/24FEDERAL NEWS RADIO EXPERT EDITION: CLOUD 20162

FDA, NIH Finding Solutions to Health Care Problems in the CloudBY JASON MILLER

At the Food and Drug Administration, theNational Institutes of Health and severalother health care related agencies, the moveto cloud computing is having a dramatic

impact on their mission.

The FDA, for example, launched a newinfrastructure-as-a-service platform as part ofthe Precision Medicine initiative.

“At the FDA, we ingest large amounts of data,regulatory data, industry data and data fromgenomic sequencing and medical devices,” ToddSimpson, the FDA chief information oficer, saidat the 2015 Health IT day sponsored by AFCEA’sBethesda, Maryland chapter. “What used to takeweeks to process, we can now do in literallyhours.”

He said the infrastructure in the cloud is part ofan ongoing transformation to move away fromcostly on-premise computing environments.

The cloud lets the FDA spin up more processingpower when needed and spin it down when it’snot, said Simpson.

At the NIH, Alastair Thomson, the CIO for theNational Heart, Lung, Blood Institute said hisofice is working closely with Microsoft andAmazon to use their government-only clouds atthree facilities to reduce the time of an MRI scanto about 20 minutes from typically an hour.

Dr. Michael Hansen of the NHLBI Division ofIntramural Research is leading the MRI cloudproject and said it’s a huge advance.

“We realized that the raw MRI data coming offthe sensors might as well be encrypted,” he said.“You need advanced algorithms to do anythingwith it. It’s de-identiied when it goes away. It’snever stored there. It’s computed on and sentback. It makes it a lot easier.”

Thomson said now NHLBI is working withMicrosoft on how best to ensure the integrity ofthe data because it’s going to be used by doctorsto make decisions.

“It’s been about building understanding from thecommercial provider about what they actually do,how are they protecting it and what do we need todo to layer our protections on top of it,” he said.

Thomson said NHLBI also will take advantage ofthe cloud to improve collaboration on research.

“NIH has just implemented a science DMZ[separating trusted from untrusted networks] toallow communication of data over Internet 2 atextreme high speeds,” he said. “There is a lot oflearning we have to do about how it will work.”

Internet 2 is non-proit made up of public andprivate sector organizations, research labs anduniversities around the world to provide high-speed network services and a secure testing

environment.

Simpson also has an Internet 2 initiative as partof FDA’s new IT strategic plan.

“We have huge interoperability issues betweenour systems,” he said. “But I have additionalinteroperability problems. I have labs all acrossthe U.S. that are coming in with everythingEthernet and we are not equipped to get thosefeeds. The Internet of Things is coming in quickly

in the labs presence and we are trying to adaptfrom that standpoint.”

Simpson said the FDA also is looking for abusiness intelligence-as-a-service platform,and recently launched data loss preventionsoftware.

http://federalnewsradio.com/ask-the-cio/2014/09/fda-reorg-splits-cio-informatics-roles-in-preparation-for-network-innovations/http://federalnewsradio.com/ask-the-cio/2014/09/fda-reorg-splits-cio-informatics-roles-in-preparation-for-network-innovations/



Cyber, Modernization Efforts DrivingExpected Growth in IT SpendingBY JASON MILLER

Cybersecurity and the need to modernizelegacy systems are expected to push federalIT spending higher across both civilian andDefense sectors over the next few years.

“The unclassiied spending is just under $80billion, around $79.5 billion is what we areexpected to see,” said Robert Haas, the chairmanof the Professional Services Council’s VisionFederal IT Budget Outlook Team in an interviewwith Federal News Radio. “We’ve seen a dip inthe last couple of years. There has been a lotof pressure on the IT spend, along with otherfederal budgets. But we have optimism that issupported by the interviews we’ve conductedover the vision process that the 2015 numberswill have come in above what was expected, aswell as, the 2016 numbers still look to be verypositive.”

PSC’s Vision teams conducted dozens of

interviews with federal IT and acquisitionexecutives over nine months to come up withthe 51st annual forecast .

PSC estimated the civilian agency IT budget willbe about $49 billion in 2016 and it’s expected toincrease at about the rate of inlation to about$52.4 billion in 2021.

The Defense Department’s IT budget, whichhas dipped by about $3 billion over the last few

years, is expected to slowly increase to $30.5billion in 2016 and rising to about $33.5 billionby 2021.

Haas said the optimism of federal executives is agood sign especially since the trend over the lastfour years has been downward with a compoundannual growth rate of negative 1.6 percent. Thatwas much different than the previous ive yearswhen the compound growth rate of the IT budgetacross government was 6.4 percent.

Haas said agencies are under pressure tomodernize infrastructure and applications, andthe ongoing cybersecurity challenges require aninfusion of funding.

“One of the biggest drivers we are seeing isaround cybersecurity,” he said. “They are fundingcybersecurity projects oftentimes by takingfunding from other projects that currently exist.They will cut back on maintenance, they willcut back sometimes on new starts on programs.Conversely, the other area we are starting to seeis the replacement of the older systems becausein some cases they are able to save money byproviding a cheaper, more cost effective solutionthat is easier to maintain and takes fewerresources.”

The focus on replacing legacy systems is comingdirectly from the Ofice of Management andBudget. Federal CIO Tony Scott said late last year

that the problem with the legacy infrastructureis “a crisis bigger than Y2K.”

Haas said there are several takeaways forindustry and agencies.

First to industry, he said agency leaders made itclear they are looking for value and performanceand systems that provide for quick capabilitieswithout a huge investment in IT systems.

“If you can combine those features youwill probably have a winning system in thegovernment’s eyes,” he said. “We heard from anumber of folks we interviewed that they partnerwith the mission owners from an IT perspectiveto make sure the IT systems are aligned with theprocesses they support.”

http://federalnewsradio.com/budget/2015/02/it-budget-request-rises-to-86b-including-105m-for-digital-services/http://federalnewsradio.com/budget/2015/02/it-budget-request-rises-to-86b-including-105m-for-digital-services/https://www.pscouncil.org/i/f/Foundation_Events/Vision_Conference.aspxhttp://federalnewsradio.com/budget/2015/05/omb-requiring-5-percent-cut-in-discretionary-budget-for-2017/http://federalnewsradio.com/omb/2015/11/state-federal-technology-crisis-bigger-y2k/http://federalnewsradio.com/omb/2015/11/state-federal-technology-crisis-bigger-y2k/http://federalnewsradio.com/budget/2015/05/omb-requiring-5-percent-cut-in-discretionary-budget-for-2017/https://www.pscouncil.org/i/f/Foundation_Events/Vision_Conference.aspxhttp://federalnewsradio.com/budget/2015/02/it-budget-request-rises-to-86b-including-105m-for-digital-services/http://federalnewsradio.com/budget/2015/02/it-budget-request-rises-to-86b-including-105m-for-digital-services/



Air Force Deploys Special

Team to Fix HR TechnologySystemsBY JARED SERBU

Virtually every organization on the planet suffers from

frustrating IT glitches in its human resources department

from time to time. But most of them aren’t managing pay and

personnel functions for half a million people, and the outages

don’t usually last for several hours at a time.

Both of those things are true of the Air Force. So in early December

2015, the 24th Air Force — the service’s cyber and network

operations specialists — stood up a special mission team that

will undertake an end-to-end examination of the complex web

of both modern and legacy systems that make up the service’s

personnel and pay infrastructure and what can be done to make it

more reliable.

Each time a key link in the Air Force’s HR IT enterprise goes ofline for a few hours, the service’s

productivity losses are measured in man-years — not man-hours, said Bill Marion, the chief

information oficer for the Air Force headquarters’ manpower, personnel and services organization

(A1).

“When we’re down for three hours and then, with the latency it takes us another 45 minutes to

process each civilian hire, that has serious domino effects,” Marion said at an annual Air Force

IT conference hosted by AFCEA’s Northern Virginia chapter. “We need to root out any of the

ineficiencies we have.”

BILL MARION, CIO FOR THE AIR FORCE

HEADQUARTERS’ MANPOWER, PERSONNEL

AND SERVICES ORGANIZATION (A1)

http://federalnewsradio.com/defense/2015/03/dod-personnel-moves/http://federalnewsradio.com/defense/2015/03/dod-personnel-moves/



Part of the issue is sheer complexity: To process service members’ and civilians’ pay and personnel

transactions, the Air Force today uses 120 separate systems — 86 of which duplicate others that

provide similar capabilities — at 213 sites around the world.

The disaggregated nature of those IT systems means HR also is an extremely expensive and

manpower-intensive business for the Air Force, costing $1.3 billion per year and requiring one HR

specialist for every 22 airmen on the service’s payroll.

For the last ive years, the Air Force has had a plan to replace several dozen of its legacy HR systems

with a commercially-based enterprise resource planning system it dubs Air Force Integrated Pay and

Personnel System (AF-IPPS).

But the $570 million program missed its target to begin

delivering capability by summer 2015 and is rated at

“moderately high-risk” for failure, according to the

latest data on the government’s IT Dashboard.

Marion said the Air Force is now reexamining its approach to

AF-IPPS.

“It’s about building an entire ecosystem of lifecycle support for

the HR world in a way that’s consistent, repeatable and agile,”

he said.

To that end, Marion said the Air Force had taken several stepsof late to simplify the network architecture that supports its

HR data, to make its systems more self-service so that they

don’t require as much professional support, and to get out

of the business of hosting its own data centers as much as

possible.

In August 2015, the Air Force got the go-ahead to host sensitive data in a commercial cloud

environment at what DoD defines as impact level four. Since then, it has become the irst DoD

component to transition “critical mission information” into a nongovernment cloud.

The project involves the Air Force’s existing myPers portal, which lets airmen handle some pay and

beneits matters on a self-service basis.

“We’ve still got a few critical steps to go because it’s the irst time we’ve done this within the DoD,

with new concepts like cloud access points and rules for email lows, but the core is in place,” Marion

said. “We see great beneits coming from it.”

“...the Air Force ... has

become the first DoDcomponent to transition

“critical mission information”

into a nongovernment cloud.

“We see great benefits

coming from it.”BILL MARION

http://www.gao.gov/assets/670/662045.pdfhttps://itdashboard.gov/investment?buscid=915http://federalnewsradio.com/defense/2015/01/dod-rewrites-cloud-security-rules-in-move-toward-risk-acceptance/http://federalnewsradio.com/defense/2015/01/dod-rewrites-cloud-security-rules-in-move-toward-risk-acceptance/https://itdashboard.gov/investment?buscid=915http://www.gao.gov/assets/670/662045.pdf



Finally an Answer

Emerges for “Why IPv6?”BY JASON MILLER

W

here do agencies stand a decade after the

White House irst called on agencies to

adopt the more secure protocol IPv6?

It was so important, at one time, that

the Ofice of Management and Budget issued

two memos requiring agencies to move to the

more secure, better protocol on the network

backbone. The CIO Council also stood up a

working group, issued how-to guides, and there

were the assorted conferences, talks and lunches

about the importance of IPv6.

The first time OMB mandated agencies movewas in 2005, giving them a 2008 deadline.

Then two years after most agencies missed the

2008 deadline, OMB came up with two more

deadlines: By 2012, agencies must upgrade

public or external facing services and by 2014,

they must upgrade internal client applications

http://georgewbush-whitehouse.archives.gov/omb/memoranda/fy2005/m05-22.pdfhttps://www.whitehouse.gov/sites/default/files/omb/assets/egov_docs/transition-to-ipv6.pdfhttps://www.whitehouse.gov/sites/default/files/omb/assets/egov_docs/transition-to-ipv6.pdfhttp://georgewbush-whitehouse.archives.gov/omb/memoranda/fy2005/m05-22.pdf



“...we’re hoping commercial

cloud providers adopt it for their

public-facing services soon...”

CHRISTINE CALVOSA/FCC DEPUTY CIO OF RESILIENCY

that communicate with public services or

support enterprise networks.

Nearly a decade in the making, the latest

statistics from the National Institute of

Standards and Technology show quietly

agencies are leading industry.

And the FCC became the latest in a small

number to fully make the jump to IPv6.

“With the recent move

of the core FCC data

center to a commercial

cloud provider, FCC

enabled IPv6 for

public facing systems,”said FCC CIO David

Bray, in an email to

Federal News Radio.

The FCC made the move,

in part, because of its

decision to move to the commercial cloud.

“Our strategy at FCC is to reuse commercial

cloud services going forward, which is why we’re

hoping commercial cloud providers adopt it for

their public-facing services soon,” said Christine

Calvosa, the FCC’s deputy chief information

oficer of resiliency, in a statement to Federal

News Radio.

One of the reasons the public sector is way ahead

of the private sector is commercial providers

don’t see the demand for IPv6. Even though

many have rung the alarm bell about running out

of IPv4 addresses, the better security that comes

with IPv6 and host of other beneits, the private

sector hasn’t been overly excited about it.

Peter Tseronis, CEO and founder of Dots and

Bridges and a former chief technology oficer

at the Energy Department, who also led the

government’s transition efforts to IPv6, said

the inability to explain why IPv6 is important

beyond the technology aspects has been the

biggest obstacle for companies and agencies.

But Tseronis said with the emergence over the

last year or so of connected devices under the

moniker the Internet of Things, there inally is

a good explanation of why moving to IPv6 is so

important.

“If I was using the term

Internet of Things in

2005, it would have

been a lot sexier than

IPv6,” Tseronis said. “Westruggled with what

IPv6 means. We got

bogged down in technical

jargon and it became all

about compliance and

scorecard.”

The good news is agencies actually are making

real progress.

NIST runs a governmentwide scorecard on

agency progress to move external domains to

IPv6. The results show a strong majority of the

networks either are IPv6 enabled or on their

way. The Department of Interior, NASA and

the Social Security Administration have fully

moved their domains to IPv6. Others such as

the National Science Foundation, the VeteransAffairs Department and the Nuclear Regulatory

Commission are close.

On the other end of the spectrum, the

departments of Agriculture, Health and Human

Services and the General Services Administration

have a long way to go.

http://federalnewsradio.com/people/2015/09/tseronis-leave-energy-private-sector/http://fedv6-deployment.antd.nist.gov/cfo.htmlhttp://fedv6-deployment.antd.nist.gov/cfo.htmlhttp://federalnewsradio.com/people/2015/09/tseronis-leave-energy-private-sector/


10/24

DoD’s Cloud Policy RainsSome Risks, IG Says


BY SCOTT MAUCIONE

A Defense Department InspectorGeneral’s report found problems withthe Pentagon’s cloud policy that may havemonetary and cybersecurity risks.

DoD does not maintain a comprehensive listof cloud computing service contracts becausethe department’s chief information oficerfailed to establish a standard, department-wide deinition for cloud computing. Inaddition, the DoD CIO did not develop an

integrated repository that could providedetailed information used to identify cloudcomputing service contracts, the reportstated.

As a result, DoD has no way of determiningif it is actually saving money by migrating tothe cloud and may not be able to effectivelyidentify and monitor cloud computingsecurity risks, the report stated.

“DoD’s ability to track cloud computing costsavings and beneits is greatly limited if DoDis not aware what cloud computing service

contracts exist withinDoD … [and] unless DoDComponents accuratelyclassify their information systems as usingcloud computing services, DoD CIO will notbe aware what security risks are speciic tothose services,” the report stated.

The DoD IG found inconsistencies between alist of cloud computing service contracts keptby the CIO and the ones kept by the military

departments for iscal 2011-14.

For example, the Army identiiednine contracts for its cloud computingservices in that period, while the DoD CIOonly identiied three. Likewise, the Navyidentiied zero contracts when the CIO hadtwo potential contracts.

Part of that problem may have been becauseof the DoD’s lack of a repository for cloud

computing service contract information.

The DoD CIO uses four different IT reportingsystems to gather information on DoD cloud

http://www.dodig.mil/pubs/documents/DODIG-2016-038.pdfhttp://www.dodig.mil/pubs/documents/DODIG-2016-038.pdf



computing. However, the systems arenot integrated and do not providethe level of detail desired by the CIO,the report stated.

The DoD CIO is taking steps to remedy thesituation by looking for ways to link thesystems.

The DoD IG recommended the CIO issueguidance to establish a department-widedeinition or clarify NIST’s deinition. The

DoD CIO’s ofice responded, saying its DoDCloud Computing Security RequirementsGuide (SRG) “established a standarddeinition of cloud as well as requirementsand processes for assessing cloud computingsecurity risks.”

The DoD IG disagreed with the assessment.

The IG also recommended the DoD CIOestablish an integrated repository of

cloud computing contracts. The CIO’sofice responded stating it implementedenhancements to its systems to better collectcontract details.

The DoD CIO was contacted for furthercomments on the report but stated it hadnothing to add.

In recent years, the military has made aneffort to save money by hosting less of itsmaterial on its own drives and contracting

more private companies to provide cloudservices. Private companies can procure thebest available technology faster than DoD,which needs congressional appropriations.

The DoD CIO last year gave the militaryservices and department components theability to procure their own cloud servicesindependent of the department.

DoD has no way of determining if it is actually

saving money by migrating to the cloud and

may not be able to effectively identify and

monitor cloud computing security risks.

http://federalnewsradio.com/defense/2015/01/dod-rewrites-cloud-security-rules-in-move-toward-risk-acceptance/http://federalnewsradio.com/defense/2015/01/dod-rewrites-cloud-security-rules-in-move-toward-risk-acceptance/http://federalnewsradio.com/defense/2015/01/dod-rewrites-cloud-security-rules-in-move-toward-risk-acceptance/http://federalnewsradio.com/defense/2014/09/dod-upends-its-strategy-for-buying-commercial-cloud-services/http://federalnewsradio.com/defense/2014/09/dod-upends-its-strategy-for-buying-commercial-cloud-services/http://federalnewsradio.com/defense/2015/01/dod-rewrites-cloud-security-rules-in-move-toward-risk-acceptance/http://federalnewsradio.com/defense/2015/01/dod-rewrites-cloud-security-rules-in-move-toward-risk-acceptance/http://federalnewsradio.com/defense/2015/01/dod-rewrites-cloud-security-rules-in-move-toward-risk-acceptance/



18F Shines Some Lighton cloud.gov Platform,but Concerns RemainBY JASON MILLER

The General Services Administration’s18F organization rolled out a new service,cloud.gov, last October.

While there was some initial confusion ofwhat cloud.gov exactly is, an 18F spokesmanconirmed that cloud.gov is a platform-as-a-service based on the open source technologycalled Cloud Foundry.

Cloud Foundry is a not-for-proit supportedby a who’s who of private sector technologycompanies, such as IBM, VMWare, Intel, EMCand many more. The organization’s websitesays it is built for fast-cycle innovation of cloudapplications and boasts higher rates of useradoption, faster cycle time and higher reliability.

This sounds good on paper. 18F is takingadvantage of a no-cost or low-cost offering tohelp agencies move more quickly to the cloud.

“Cloud.gov enables 18F to deploy its cloud-based applications with baseline security andscalability concerns addressed consistently upfront, without dramatically scaling the numberof cloud operations experts in our organization,”an 18F spokesman said by email.

But if cloud services are widely considereda commodity, then why is the governmentcompeting with the private sector to offer theseservices?

Six vendors have earned Joint AuthorizationBoard (JAB) approvals for PaaS and nine vendorshave received agency approvals according to theFederal Risk Authorization and ManagementProgram (FedRAMP) website.

So if 15 vendors and agencies are offering PaaSalready, why did 18F presumably spend time andmoney to develop another competing platform?

The 18F spokesman said cloud.gov isn’tcompeting with the private sector.

“By using Cloud Foundry and making cloud.gov available, we’re raising the ‘lowest commondenominator’ capabilities agencies shouldexpect from any vendor to the Cloud Foundrycapabilities, and enabling greater competition,”he said.

The spokesman added PaaS vendors not part ofCloud Foundry also will beneit because cloud.gov will increase the migration of governmentapplications to a “12-factor model, and thereforethe applicability of PaaS models to government.”

“12-factor applications have very littledependency on the exact platform that issupporting them, so these applications willbe more easily ported to non-Cloud Foundrycommercial PaaS solutions as well,” he said.“Vendors of such systems have open-book accessto how cloud.gov works, and can thereforeprovide easy on-ramp solutions to migrategovernment applications to their platform.”

Is 18F is trying to be a PaaS cloud broker?

“It looks like they are giving you templates andways to work with particular CSP,” said onefederal CIO. “The more I looked at cloud.gov, themore I would like to know the details. It didn’tseem like they were trying to duplicate whatindustry was doing, but help us get to the cloudfaster.”

So why are vendors and some in governmentso concerned? It is a matter of bettercommunication from 18F? Or does the entireconcept of 18F make feds and contractorsuncomfortable?

Cloud.gov will be worth watching to see if 18Fcan attract customers beyond the work they aredoing for agencies. It also will be interesting tosee when Congress decides to take a look at the18F concept and whether the government is

unfairly competing with the private sector.

https://www.cloudfoundry.org/https://www.cloudfoundry.org/


13/24

Maximize the full value of your technology assets

with ViON Infrastructure As A Service Offerings.

Gain deeper insight into best practices for procuring technology as aservice – DOWNLOAD these White Papers Today:

Flexible IT: An Overview of Infrastructure as-a-Service

Information Technology “as-a Service” Considerations

for Contract Administration

PSC Technology Council Report on best practices for

Federal Agency Adoption of Commercial Cloud Solutions

http://custom.federalnewsradio.com/features/cloud-resources-from-vionhttp://www.vion.com/http://custom.federalnewsradio.com/features/cloud-resources-from-vionhttp://www.vion.com/



The Army has started polling

prospective cloud computing

vendors on their capabilities,

laying the groundwork for

a new contract vehicle that’s

likely to handle the lion’s share of

the service’s cloud purchases over

the next three years.

A request for information, issued

December 30, 2015, asks companies

to describe their approaches to dozens of

support services the Army believes it will

need as it transitions legacy applications from

government data centers to commercially-

operated ones between now and the end

of 2018, including authentication, network

monitoring and the ability to have secondary

facilities take over in case of a system failure.

The overall project, dubbed Army Cloud

Computing Enterprise Transformation

(ACCENT) still is in the planning stages, but

a draft request for proposals released last

November envisions a two-step acquisition

process in which cloud vendors would irst

qualify for spots on ACCENT via “basic ordering

agreements” (BOAs) but with no guarantee

of future work. They would then compete forindividual projects at the task order level.

Functionally, the BOAs would operate much like

the blanket purchase agreements government

Army

ShopsCloudVendors

to HostEnterprise

AppsBY JARED SERBU

https://www.fbo.gov/index?s=opportunity&mode=form&id=5bd51582b2244477c7bd0c5ffbd7527f&tab=core&_cview=0https://www.fbo.gov/index?s=opportunity&mode=form&id=daff37dab0afff7d1de46e28ac6fc994&tab=core&_cview=0https://www.fbo.gov/index?s=opportunity&mode=form&id=daff37dab0afff7d1de46e28ac6fc994&tab=core&_cview=0https://www.fbo.gov/index?s=opportunity&mode=form&id=5bd51582b2244477c7bd0c5ffbd7527f&tab=core&_cview=0



agencies routinely use to buy a variety of goods

and services, said Doug Haskin, the project

director for enterprise services within the

Army’s program executive ofice for enterprise

information systems.

“But we think the BOA is better for the high-

dollar contract actions that are associated with

hosting services,” he said in an interview with

Federal News Radio. “It also gives us more

lexibility to adapt to uncertain requirements

when you don’t know all the requirements

up front, which is the position we’re in now.

Keeping that lexibility is important for us

because we know that the guidance and

policies for commercial cloud in DoD have been

changing and will continue to change. I think it’s

also going to beneit industry, because if they’re

going to commit the resources to get onto this

agreement they need to know it’s going to be

viable and not obsolete in a year or two.”

The Army envisions using the contract to

buy infrastructure-as-a-service, platform-

as-a-service and software-as-a-service cloud

offerings. Vendors would need to meet the

governmentwide FedRAMP standards for cloud

security and have DoD-speciic provisional

authorizations to sell their wares to thegovernment, but the additional DoD security

controls they would need to comply with would

be set out task order by task order.

Additionally, companies would need to support

DoD’s public key infrastructure to authenticate

users via their common access cards, make

sure all the government data they’re hosting

is physically stored in the U.S. and be willing

to open their facilities to DoD security teams

at any time in case of a cybersecurity incident

or criminal

investigation. And

under task orders

issued for DoD’s

highest unclassiied

cloud securitydesignation —

Level 5— all

government data

would have to be

kept physically

separate from

that of the hosting

companies’

commercial clients.

The Army plans to

use the ACCENT

contract to follow through on guidance the

service’s chief information oficer issued in

July of 2014, telling all Army components that

they had until 2018 to migrate as many of their

enterprise-level applications as possible to

commercial environments.

“Keeping that

flexibility is importan

for us because

we know that the

guidance and policie

for commercial clou

in DoD have been

changing and will

continue to change.”DOUG HASKIN, PROJECT DIRECTOR FOR

ARMY ENTERPRISE SERVICES

http://federalnewsradio.com/defense/2014/09/dod-upends-its-strategy-for-buying-commercial-cloud-services/http://federalnewsradio.com/defense/2014/09/dod-upends-its-strategy-for-buying-commercial-cloud-services/http://federalnewsradio.com/disa/2015/09/dod-reaches-36-provisional-authorizations-commercial-cloud-services/http://federalnewsradio.com/disa/2015/09/dod-reaches-36-provisional-authorizations-commercial-cloud-services/http://ciog6.army.mil/Portals/1/CloudStrategy07312015.pdfhttp://ciog6.army.mil/Portals/1/CloudStrategy07312015.pdfhttp://federalnewsradio.com/disa/2015/09/dod-reaches-36-provisional-authorizations-commercial-cloud-services/http://federalnewsradio.com/disa/2015/09/dod-reaches-36-provisional-authorizations-commercial-cloud-services/http://federalnewsradio.com/defense/2014/09/dod-upends-its-strategy-for-buying-commercial-cloud-services/http://federalnewsradio.com/defense/2014/09/dod-upends-its-strategy-for-buying-commercial-cloud-services/



NSA’s Move to theCloud IncludesSomething Borrowed,Something NewBY JASON MILLER


17/24

The National Security Agency is taking a page

from commercial service providers as it sets

up three different cloud services. But NSA

is doing cloud computing in its own special

way.

Greg Smithberger, the NSA chief information

oficer, said the agency is bringing the

Intelligence Community IT Enterprise (ICITE)

program to reality by taking some of the

concepts of the commercial cloud and applying

special cybersecurity technologies on top.

“This is very similar to the sort of commercial

cloud offering that everyone is familiar with,

but in this case we are offering it inside our

very secure environment,” he said. “We’re

also providing a shared data storage cloud

for the intelligence community that allows us

to integrate data from across the community

while still maintaining that very ine-grained

access control and enforcing that need to know.That’s based on a lot of that unique technology

developed at NSA. We also are providing shared

resources for the community that allows people

from across the community to run shared data

analytics on that shared data repository while

still ensuring users only see the data they’re

personally authorized to see.”

Smithberger said all three clouds are operational

but NSA and its IC partners are expanding and

scaling out these initial foundational capabilities.

The end goal, he said, is to get capabilities

delivered to the analysts that will let them more

easily and more routinely collaborate across the

IC.

The rate of adoption is different throughout the

IC. Smithberger said NSA is using the shared

storage cloud and resources for analytics

aggressively, while others in the IC are working

those tools into their processes.

“It is successful but we have a ways to go to

before we realize the DNI’s full vision for the full

collaborate joint environment for the intelligencecommunity and it has

other components

than the cloud

components,” he said.

NSA also is planning

to adopt the shared

desktop environment

led by the DefenseIntelligence Agency

and the National

Geospatial Intelligence

Agency. He said it’s

similar to the virtual desktop environment

currently in use at NSA.

“That will probably be in the next couple of

years,” Smithberger said.

NSA is preparing for a new contract as part of its

typical desktop refresh cycle. Smithberger said

he expects to have a few thousand users on the

shared desktop in the coming year, but the major

transition will not happen until the contract is

awarded in 2017 or 2018.


GREG SMITHBERGER, NSA CIO



National Park ServiceBringing Online to

the OutsideBY JASON MILLERT

he Interior Department’s NationalPark Service celebrates its centennialanniversary in 2016.

As part of the commemoration, NPSwants to bring new technology tools andservices to national parks.

Shane Compton, the National Park Service’sassociate CIO, said the irst step is to workwith the telecommunications carriers andtheir subcontractors to bring the signal intoplaces like the Grand Canyon or YosemiteNational Park.

“We are looking to help people to pickup their own signal when they are therewith their mobile device,” he said. “We arelooking at partnering on testing new ideas.We have new tools out there that have beendemonstrated at some of our national eventswhere we have things like cellular on wheelsor high-speed microwave. Some of those

connectivity options as IT evolves, thosetechnologies often get cheaper and smaller.”

Compton said his ofice is evaluating what

can be done and is developing a plan that by2018, high speed connections are available atall national parks.

NPS is focusing on increasing bandwidth atnational parks because it wants to providevisitors more content — whether photos ortext or maps — about the monument or park.

“We are asking the parks, our regionsto come up with why you think WiFi

might actually be better for the customerexperience. It may not be a better customerexperience to hike out in the backcountry,but if you are in a visitors’ center or lookingat monuments, that is where that mightbe beneicial. We are trying to make someconscious decisions on where it will be thebest for the public.”

http://federalnewsradio.com/technology/2014/11/yellowstone-park-considers-bumping-up-bandwidth/http://federalnewsradio.com/technology/2014/11/yellowstone-park-considers-bumping-up-bandwidth/



Compton said he’s working closely with themission areas to ensure a better customerexperience across all areas of the parkservice.

National Park Service Director Jonathan Jarvis launched the Call to Action plan in2011 in preparation for the centennial in2016. Compton said many of the IT efforts tofocus on the customer are coming from thatstrategy.

“IT is becoming more and more important forthe customer experience,” he said. “I can tellyou the complaints we get when somebody

goes in to a park and inds a hotel doesn’thave [the] high-speed WiFi so they can dotheir work while they are on vacation. It’s anexpectation now so IT has to make sure it’sthere.”

But it’s not just about the external customers.Compton is focused on internal technologyimprovements as well.

He said NPS is considering moving more andmore sites and applications to the cloud .

“NPS.gov is one of the largest federalwebsites. People hit it every day. They maynot hit the home page, but they will do aGoogle search for a park and be on our site.Imagine a million people on the website atone time on one day; the cloud is perfect forthat,” he said. “We just think it’s a matter oftime before we move a lot of what we have to

the cloud.”

Compton said NPS’ goal is to move offplatforms and current servers and putthose applications into the cloud as part of anormal refresh life cycle.

JONATHON JARVIS, NATIONAL PARK SERVICE

DIRECTOR

http://federalnewsradio.com/federal-drive/2015/03/jonathan-jarvis-director-national-park-service-1/http://federalnewsradio.com/federal-drive/2015/03/jonathan-jarvis-director-national-park-service-1/http://www.nps.gov/calltoaction/http://federalnewsradio.com/technology/2012/05/interior-email-contract-saga-ends-with-onix-google-winning/http://federalnewsradio.com/technology/2012/05/interior-email-contract-saga-ends-with-onix-google-winning/http://www.nps.gov/calltoaction/http://federalnewsradio.com/federal-drive/2015/03/jonathan-jarvis-director-national-park-service-1/http://federalnewsradio.com/federal-drive/2015/03/jonathan-jarvis-director-national-park-service-1/



With New Threats,

Law EnforcementAgencies Look for More

CollaborationBY NICOLE OGRYSKO

R

ecent terrorist attacks andintelligence operationsin Paris and Beirut are

underlining the need forbetter information sharingbetween U.S. law enforcementagencies.

Law enforcement leaders said theyunderstand the power that data can haveon their ability to respond to crises, but thepath to sharing that information and developinginteroperable systems to support it has been tooslow.

“We get lots of information,” said Karl Mathias,chief information oficer and assistant director

of the information technology division at theU.S. Marshals Service, during a November 2015panel discussion at AFCEA Bethesda’s monthlybreakfast. “I have it from all over, from manydifferent sources, which is the problem. It’s

taking data and turning itinto knowledge that we canexecute against, [that] is really

the struggle we face.”

Too often, government thinksin terms of programs and

systems and the agencies thatown them, said Jeff Johnson, chief

technology oficer and assistant director

for IT applications and data division at the FBI.

Instead, agencies should consider theinformation itself and what purpose it will serve

toward the larger goal.

“If we focus in on that data and those attributesthat we really meaningfully want to protect, itwill enable us to more broadly share in the cloudbecause we will talk about what people havelegitimate, authorized access to what data,” hesaid. “What data needs to be shared with which



communities, and which protections that goesunder. Right now, we are protecting systems. Weprotect devices, and then we have exceptions to

those devices.”

The devices and systems law enforcementagencies use to gather, process and share threatdata are improving, but also at too slow a pace.

The FBI’s Criminal Justice Information Services(CJIS) division is improving collaborationbetween law enforcement communities, Johnsonsaid. The hope is to add more rich data anddeliver it closer to real-time.

The Marshals Service is working with the Bureauof Prisons to develop an automated, paperlessdata sharing program, Mathias said.

The agency also hired a chief data oficer to

work with Mathias in the CIO’s ofice on the data

analytics side.

For Mathias, his priorities lie in perfecting thebasic technologies and services his employeesneed to do their jobs, like tablet computers,

desktop support and mobile phones.

Ultimately, Johnson said the real task is makingthe data the FBI collects transparent, andthen equipping the right people with the rightinformation to make better decisions andintercept possible threats.

“That information doesn’t belong to a system,”Johnson said. “It doesn’t belong to a program.It doesn’t belong to an agency. It belongs to the

taxpayers. It belongs to the citizens of the world,and it must be shared. In order to get there,we must start to reshape the way we deine

programs, the way we fund programs and theway we acquire programs in the government.”

“If we focus in on that data and those attributes

that we really meaningfully want to protect, it will

enable us to more broadly share in the cloud...

...we must start to reshape the way we define

programs, the way we fund programs and the way

we acquire programs in the government.”

JEFF JOHNSON, CTO/FBI


22/24

Download the power of knowledge, packed with wisdom, from our team

of journalists and the entire

Expert Edition Library.

Experience the Difference.

Free at FederalNewsRadio.com

Download today!

http://federalnewsradio.com/technology/2015/10/federal-news-radio-ebooks/http://federalnewsradio.com/technology/2015/10/federal-news-radio-ebooks/


23/24


24/24

EXPERT EDITION:Cloud 2016

Brocade stuff

Documents

Transcript of Brocade stuff