DISA CIO: Cloud Computing ‘Something We Absolutely Have to Do’
Cloud computing has its share of naysayers, no doubt, but John Garing is not among them.
Garing, CIO of the Defense Information Systems Agency (DISA), believes cloud computing will be a driving force in the Department of Defense (DoD). In fact, Garing says that although he shares some of the concerns espoused by the IT media (such as the danger of hosting multiple applications on a single platform), he, personally, is more than optimistic, calling cloud computing “something we absolutely have to do.”
“We have seen what … Amazon [and] Google have done, and it seems to us that there is a need for that,” he explains. “For example, if you deploy a force somewhere in the world for disaster relief … or a special operations team, they ought to be able to connect to the network like you or I can from home, and bring together or compose … the services and information they need for what they’re doing at that particular place and time, rather than have to connect to a bunch of applications.”
Step 1: RACE
The first step in this journey kicked off on Oct. 14, when DISA’s RACE (Rapid Access Computing Environment) infrastructure went live. RACE is a shared services cloud that gives DISA customers on-demand, self-service access to developmental testing resources. Although RACE is located entirely within DISA’s walls, customers still get the public cloud experience with a Web portal, 24-hour-a-day availability, a service catalog and a credit card payment option. RACE supports applications built on either the LAMP or Windows stacks.
Like most cloud computing initiatives, efficiency and cost-savings were big drivers of RACE. Garing says the ability for users to compose services in minutes and pay for the testing infrastructure only as they use it is a better option than the “elaborate process” of writing a funding document, doing an interdepartmental requisition for funds transferred and so on. A week ago, he saw someone experimenting on RACE provision a Web site and do the funds transfer in only 7 minutes. “That’s pretty impressive for the Department of Defense, or the federal government,” he jokes. “Seven months would be more like it.”
In terms of cost, Garing believes the cloud model must be “a whole lot cheaper than the way we do business traditionally” because it helps avoid a large capital investment. The old acquisition model includes over-provisioning infrastructure for each application to meet uncertain demand, resulting in untold quantities of idle resources. Additionally, Garing says, DISA has a full cost recovery policy for IT expenditures. With a five-year straight-line depreciation period and two-year average contracts, DISA’s users do not have much time to recover their costs. With RACE, however, all they have to do is turn resources on and off in DISA’s datacenters.
Alfred Rivera, director of computing services for DISA, says the foundation of RACE is the agency’s capacity on demand initiative. The physical resources for RACE are located in DISA’s datacenters, but it has entered into contracts with various vendors to buy capacity “by the drink,” with the vendors retaining capital ownership of the boxes. He elaborated that this is a “joint capacity” relationship where DISA manages capacity utilization in support of its customers, and the vendors ensure DISA has the capacity to meet its growth demands.
A second-order effect of the cloud initiative, says Rivera, is the ability to put in place a standard, homogenous architecture, which further reduces costs and complexity. Garing says the traditional procedure is that customers go to Rivera’s Computing Services Directorate to host their applications, and are charged for the services they want. However, he added, configurations vary greatly depending on which division is develops the applications and which contractors they choose to work with. With RACE, he says, departments need to specify with contractors that applications must conform to either LAMP or Windows.
This being the DoD, however, it should come as no surprise that performance — specifically as it relates to agility and speed — also is of the utmost importance. Garing says that because the DoD cannot always predict where its forces will be deployed, or for what purpose, the agency needs a platform that can deliver on these characteristics. “It’s all about the war fighter,” he stated. “Everything is about the war fighter and those other people at the edge who need to have information to do their jobs.” The cloud model will edge users to focus their talents on innovation rather than on worrying about storage, databases or computing power, he added.
Just a Testing Environment… For Now
Although RACE is strictly a development and testing environment for the time being, DISA definitely has bigger things in mind. “It’s the germ upon which we will grow this more important cloud, this platform,” says Garing.
Rivera says DISA is taking “baby steps” right now, addressing near-term issues like security while moving “very carefully” toward new architectures, technologies and uses to support departmental customers and war fighters. On the agenda, once security is hammered out and a seamless transition plan is in place, is rolling out a production environment. Infrastructure-wise, Rivera says the end game is “a finite architecture that is homogenous,” which probably will include Solaris support for war fighters, and an IBM presence.
He added that DISA also is looking to build a “Federated Development Certification Environment” — a foundational set of applications and services on top of which customers can develop edge-type tools for publishing information and getting access to data stores. And although RACE currently is focused on defense support, Rivera says DoD back office support is not out of the question.
Garing agrees, citing increasing pressure and acquiescence to enterprise-type services within the DoD as driving RACE’s use in broader environments. However, he says, any new services will always be under the control of the Computing Services Directorate, and the goal of encouraging standard application types will remain.
Public Clouds: Tempting, but Dangerous
What are the prospects of DISA acquiring resources from a public cloud provider? “I don’t see it happening any time soon,” says Garing.
But that doesn’t mean he wouldn’t like it to. Garing says DISA has talked to providers like Google, Amazon and Salesforce.com, and really likes what it has seen, but one of the strengths of those clouds is that you can’t tell where data is being processed, and “we are not at a level of sophistication where we would accept that.” Possible solutions include carving off part of a public cloud under a .mil domain or having someone build DISA its own cloud (both of which have been proposed and discussed), but that’s not really the point, Garing says. “The dilemma is [that] the strengths of these public clouds are incredible, in my view,” he explains. “To take one of those — an element of it, an aspect of it, a piece of it — and put it inside our firewall would seem to me to start to sub-optimize the benefits of the cloud that you’re trying to use.”
Garing draws an “irresistible force versus immovable object” analogy to illustrate more clearly DISA’s internal dilemma. In this case, he says, the irresistible force is the “incredible thirst for collaboration and information-sharing that Web 2.0 tools and many young people have brought on board,” and the immovable object is security — “and those two clash frequently.” DISA’s job, particularly that of the Computing Services Directorate, is to arbitrate that clash and make good risk decisions, he says. Often times, this means looking at the worst-case scenario and taking a conservative route, because while the agency’s decisions are made inside the Washington, D.C., beltway, the ultimate consideration has to be what kind of risk the operational commander is willing to take.
“It’s like a big, beautiful plum hanging out there [that] we’d like to grab, but it’s like the fruit of the poison vine almost,” says Garing. “You’ve got to be so careful.”
On-Demand Enterprise will follow this look at the Department of Defense’s cloud computing strategy with a piece on how the federal government as a whole might adopt cloud computing technologies.