Importance of Natural Resources

Jason Martin – DISA Forecast to Industry 2018


Good afternoon, everyone.
I’m Jason Martin. I’m the services executive here at DISA. Been here almost 18 years and I’ve been working in the
same space for almost 18 years. So I feel like I know this pretty well. But what I’m going to talk to you today
is about the change in evolution that we’re starting to go through
or that started to go through a couple of years ago that we’re really now starting to realize and what we’ve been able
to do and where we’re going. All right. This is my domain with
the support of Mr. Osborn, Mr.,
Mr. Rodakowski, Mr. Bennett. This is really what we’ve built
inside of operations to run the DISA data centers
and the DISA enterprise services. So everything you see
on the screen today is really how we’re operating at truly
the enterprise level. So there was a question. We just left the media roundtable
a couple of minutes ago and there was a question
from someone in the media that said, how is DISA adapting to
supporting the enterprise again after years of doing point solutions? What you can see is what
I’m doing with support of the operations folks
to provide those capabilities. So you’ve seen us grow
in a number of areas. I’m sure you’ve seen some version
of this chart before. But about a year ago, we had a couple
thousand users on the voice capabilities. Well, now, we’ve got 85,000. We’ve also got a global footprint
that you see there in the yellow circles. At the same time, we’ve also
downsized the data centers. We’ve gone from, gosh, in the past
10 years, we’ve reduced 10 data centers and eliminated over a half a million
square feet of raised floor space. So we’re able to continue to do all this
to investing in these new capabilities by truly bringing
enterprise solutions and really working across the enterprise to change the way
we’re doing business and to change the way that we
as a department are doing business. I was out at AFRICOM last week doing a symposium on enterprise services
and computing at the tactical edge. Based on what we’ve done
in the past couple of years, we truly can now do things
at the tactical edge. We’ve got big supporters in AFRICOM. We’ve done significant work over
the past year with the Army to bring new solutions
to the tactical edge which the enterprise
has really talked about for years and we’ve been doing
with things like DEE and DEPS but now, we’re trying to do it
with voice, UC, et cetera. So what we’ve really talked about
on the services side of the house is how do we
continue to do that. The next evolution that we’re
going to talk about today and that you see in the press and
it’s pretty much everywhere is Cloud. How are we doing Cloud? What the agency has done
with support from DoD CIO is we went off
and awarded the 2. 0 contract. I was involved in the 1. 0 initial build. We’ve taken that, evolved it into 2.0 and now, we ourselves have
put over 30 applications on the capability itself to date. So now, what we’ve done
is prep the environment. We’ve really brought up a capability
now that people can use, leverage and we’re starting to run with
that across the fourth estate and the DoD. And then finally, I’ll get into
a little more detail also but what we’re doing now and placing
heavy emphasis on is really integrating us with the commercial vendors’
off-premise solutions for Cloud with the secure Cloud computing
environment that we’ve built out also known as
the Cloud access points or capabilities within
the CAPS, we call them. So that’s really where we’ve placed a lot
of emphasis, time and effort over the past six months and I’m going to say, we
will continue to over the next year or two as we continue to move
people onto the CAPS and the NIPR side and
as we build up the SIPRCAPS. All right. This is really the foundation
for what we’ve been able to do on the services
side of the house. And I’m really just going to walk you
through what it is that we’ve built and help you explain how
we’re now offering that to both the enterprise
and the tactical level. You see at the bottom,
the IDAM capabilities. Lisa talked a little bit earlier
about ICAM and IDAM and what they’re doing from mobility perspective
and then to further evolve PKI. We’ve leveraged PKI. We’ve also worked with DMDC
over the past five or so years to roll out enterprise services. Those enterprise services for identity
management have been critical to not only building
our enterprise applications but now offering
that service across the DoD. So we have a single authoritative source of identity data to ensure
that we have secure access to both applications
and point devices, et cetera. That is truly the underpinning
and the foundation for what we’re doing
across the Department. I’ve got two other
services as part of that, which are push-pull
services for identity. I actually worked an issue
this morning with the Navy who needed the data sooner
than what we were able to do it. So we pushed a few buttons
and been able to move that a little quicker just
to give the Navy, again, enterprise data so they can make
enterprise authoritative decisions. Something we couldn’t do
a couple years ago. Finally, to secure all
that, big buzzword also, I heard someone say buzzword
earlier today, VDI. VDI, we did roll out. We did roll it out though. Not for the enterprise
at large but only for the folks that really have access
to privileged information. So our entire privileged
user base is now using a scaled-down version
of an enterprise VDI. Very, very excited about that capability. Without giving you
the real numbers, I’ll give you close to. We’ve been able to eliminate
over 200,000 user accounts simply by developing a single
authentication solution and a single entry into that solution. So from a security
threat perspective, threat vector perspective,
that’s pretty good. I mean, we dramatically reduced
the threat vector simply by instituting two solutions that we worked with industry
to build over the past couple of years. They are FOC and so we are really
excited about how that’s rolling out. And then we’re just continuing
to onboard more and more folks that manage applications
inside of our data centers. Then we’re in the process also,
I don’t know if they’ve talked about it on the innovation side
of things yet or not but we’re also trying
to offer that outwardly across the Department
so we can provide those same methods, TTPs,
procedures and toolsets to be able to provide that same
capability to ensure that others can leverage those
privileged user capabilities in their environments as well. I talked about milCloud 2.0. Again, what we’ve built inside the data
centers, the ecosystem data centers is the authentication and identity
mechanism for milCloud 2.0 also for the DISAdata centers. As you likely know,
the DISA data centers have changed dramatically
over the past couple years. I mentioned downsizing but I’ve also,
in terms of floor space and sites but we have also dramatically reduced and
changed how we run the ecosystem today. Don’t come to me and say, DECCs,
those aren’t a thing anymore, right? It’s the ecosystem data centers. But it truly is managing
things differently. We have nine different lines
of business out that are accountable to one person in Oklahoma City
where the ecosystem is headquartered. They run all business operations
in and out through Oklahoma City as a single entity
and then obviously, we work with the Cyber Operations
Directorate to ensure that we report out, monitor and manage
the data centers accordingly. But that’s also, again, out
of that single foundational data point that we’ve run on the data
services side of the house. Cybersecurity, I talked about. This is now the gateway for us
for the foundation to bring in off-premise solutions to communicate
with off-premise solutions. Be it service providers, customers,
data managers, data providers, et cetera. We’ve built all that out
using commercial industry multiple locations across the country in ways of meet me points
and various toolsets to provide those
communication capabilities. We’ve done all that in conjunction
with the data centers. And now, those two groups
work hand-in-hand to operate out of the data centers those
commercial access points. So in the end, again, really, what you thought you knew about
DISA operations, DISA data centers, DISA enterprise services
is dramatically different. We truly are a partner
with not only industry. We truly are partners
with our mission partners and we truly are partners across
the Department and federal government to ensure all
this stuff works seamlessly and it’s just simply
by changing a few basic fundamental and foundational
capabilities to do that. So where I’m going, I mentioned
all these things but just briefly, data centers,
we continue to restructure. We’ll be done by 2020. So you will see a full-blown ecosystem managed via lines of business
at that point in time. milCloud 2.0,
we continue to onboard folks. We do a significant amount
of speaking engagements and daily, when I say daily, truly daily, multiple
times a day, meetings with customers to ensure that they understand
what they’re coming into, how they’re going to consume our services,
what they need to consume them and who they need
to work with to do that. So I see that ongoing
for the foreseeable future. Secure cloud computing architecture,
I talked about as well. We continue to evolve.
We’re adding bandwidth capabilities. We’re adding monitoring
capabilities, toolsets, onboarding processes, procedures, etc.
to ensure we can bring on who we need to, when we need to at the speed
they need to be brought on. Virtual desktop, I talked plenty about. Capacity services, I’m sure
you guys are familiar with those. Those really and I’m going
to say revolutionized but about, I think it’s been 11 years ago,
we awarded our first contract. They’ve been nothing but successful. We’ve continued to see prices
go down year after year. We’ve continued to see
partnerships amongst industry, amongst the various OEMs on both
the hardware, software side. So I think that’s been a great success and it was interesting and I heard
at the AFRICOM symposium last week, I heard one of our former mission
partners who’s now a vendor say, “DISA has this really great capability.
Here’s how it works.” And I thought, “That’s not what
you said to me a year ago.” But it’s great that
they start to see that now. Maybe there’s an agenda
behind that but I don’t know. But truly, we have seen a lot of economies
of scale and a lot of really big cost reductions across the Department
by implementing this capability. 2.0 Level 6, SIPR side of the house,
we’re working on that right now with our vendor to bring that up which
should be done the first part of next year. Tactical voice services,
I touched on this briefly. We have– We brought this to the Army. The Army as you may know has,
well, the Army has a lot of solutions. I’ll leave it at that. What we’ve really tried
to get to the Army to do is to be able to have them
integrate into the enterprise. In turn, saving all of us money. So I think we finally got traction. We’ve got some really
good pilots going with true tactical
battalions and a brigade. Something that we’ve never done before. We’re able now to communicate through snap
and gate terminals with UC capability. Something that the Army’s
not been able to do. So we are very excited about that and I continue, I’ve got
four pilots right now. I continue to do more. I’m also working with some other parts
of the Department to do that as well. So exciting times for us in that area. milCloud 1.0, even though it was one of our
forerunner in Cloud, it’s been good. We’ve taken the lessons learned
and roll that into 2.2 or in 2.0. So I think about this time next year,
I would expect to see 1.0 be completely decommissioned
and all the capabilities onto 2.0. The CAP I talked about and then
active directory federation services, I also spoke about and how
we’re trying to push that out to support mobility initiatives,
Cloud capabilities, et cetera. This is something that’s
incredibly important, again, for identity credentialing
management. Something that the Department
really needs and something that we’ve
started to develop a little bit more
and really push that out. So with that said, I have
30 contracts right now totaling multiple billions
of dollars that I can’t talk about because they’re in source selection. So with that said,
I’m going to talk about these two. I have two maintenance contracts. One is the CA Software
contract maintenance renewal and then the SKIWeb
and enterprise messaging integration, sustainment integration
which is a capability we’ve had for about 12 years now, I think. So I covered a lot of stuff
really quickly but that’s it. What questions do you have? JIM: What are your plans
for voice cyber security? Especially where your networks
intersect with commercial voice? So great question. We spend a lot of time with Mr. Greenwell and the various parts of the Department
that do provide their own voice services. So what we’ve done in conjunction
with our friends out at the Defense Global Operations
Center at Scott Air Force Base, our AO and then our vendors, what we’ve done is we’ve gone through and built packages and built
network architectures to ensure that we are compliant with the necessary
and monitoring capabilities. So we’ve done that hand-in-hand, I would
say with industry and within the agency but there’s no secret sauce to voice. We have enterprise standard capabilities. We plug and play.
We plug in as needed. We’ve built three standard
offerings to be able to do that. They are all very compliant. Obviously, very monitored and ensure… what we’ve done is ensured through
a series of, I would say, network optimization and/or
research initiatives, really looked at what made sense and how we wanted to build
in those architectures and we built them in obviously
with security standards in mind. JIM: What’s the timeframe
and milestones for decommissioning
the milCloud 1.0 infrastructure? MARTIN: So I don’t have
those on hand right now. What we’ve got is a–
the number one priority is to move for us or to move 1.0 to 2.0. Like I said, I would expect
about a year but I don’t control all of the applications
in that environment. And as you all know, it’s not as simple as just
pressing a button and things move. But what we do have is our folks
or my team is specifically engaged with every application owner
in milCloud 1.0 to migrate them. So I would expect that to be
as soon as possible. But it takes time, right? It all depends on the application
and how it’s built. JIM: Final question, with the OOB privileged user VDI
solution being such a success, is there a plan to roll it out
as an enterprise solution and possibly a DISA-provided
service to the mission partners? How do I answer this without
getting in trouble by my boss? [soft laughter] My intent would be no. We implemented it
for a very specific solution or very specific problem set
and I think we’ve been very successful. I spoke about this at AFRICOM last week. I know there’s tactical units
trying to do the same thing but whether it’s tactical or enterprise,
the costs are unbelievable. So if I have a requirement, if I have a funding requirement
and it truly makes sense, I think we’re happy
to do that as an agency but I think there’s alternative
solutions we can look at. But again, it depends. We’re happy to help, obviously
but at present, I do not personally have a plan to roll
it out and enterprise VDI. JIM: Thank you, Mr. Martin.


Leave a Reply

Your email address will not be published. Required fields are marked *