Defense Enterprise Computing Alfred J. Rivera Director, Computing Services DISA 24 May 2011
Agenda • Enterprise Infrastructure • DISA Computing Environment • DoD Focused Computing • Service Opportunities • Summary 2
DISA Enterprise Infrastructure Full Network Diversity Defense Enterprise Computing Centers Global Content Delivery Nodes (GCDS) Fault tolerance built-in Defense Information Systems Network (DISN) Remote Systems Management Remote Systems Management Critical Application Hosting 14 Facilities • Air Force/Marine Corps/Army Global Combat 4,000,000+ Users Support System (GCSS) • Missile Defense Battle Management (C2BMC) 34 Mainframes • TRANSCOM Global Transportation Network (GTN) • Defense Connect Online (DCO) Command/Control • Coalition Applications (CENTRIXS ISAF) 8000 Operating Environments • Defense Distribution Standard System (DSS) 9 Petabytes of • Air Force and Army Combat requisition, Storage resupply, maintenance and mobility systems • Air Force Transportation and cargo movement 2800 Applications systems Warfighter Logistics • Army/Air Fore/Navy Medical Systems (i.e. Composite Redundant Network Health Care System (AHLTA), TriCare Online) Total Capacity Connectivity • All Military and Civilian Pay and Personnel Systems 2005 2011 • Electronic business and contracting systems 480 GBS 8197 GBS Medical, Pay, Personnel 3 3 Computing and Services power from the Edge back 3
Computing Technology & DECC Evolution 1800% Mainframe Distributed Cloud Computing 1600% Processing Processing Server/Storage Virtualization 1400% IBM & UNISYS platforms Client-Server solutions Services- based acquisitions 1200% Centralized database Internal Storage Area Dynamic provisioning processing Networks (SAN) Percentage Change Utility pricing Full data replication Enterprise resource 1000% (since FY00) Planning (ERP) Remote Management implementations Silos 800% “The Defense Information Systems Agency has Virtual Tape Systems also identified tens of millions in net savings by improving their financial operations.” 600% Sen. Tom Coburn (R-OK) 31 Jan 2011 10% composite computing rate reduction from FY11 to FY12 400% Storage Workload 200% Server Workload Cost 0% -200% 1994-2002 1994-2002 2002-2008 Present 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 Unit cost efficiencies from DISA’s computing in FY10 resulted in an extra rate reduction and a return of $28 million in resources to DISA Customers 4
DoD Capability Focused Computing Target State Current State Dedicated Resources – Resources are Cloud Hosting Shared computing resources that enable aligned to more static operations Foundation elastic response to demand spikes Data stores tightly coupled with Shared data stores, separate apps from applications data, enable accessibility & deep search Development and test hosting environments inconsistent with end- Dynamic resource scaling state production hosting Data and storage coupled with Global Meshed Computing across Dept. Interoperability applications – limited interoperability resources – dynamic metro pairing across functional areas Baked in resilience with geo-redundancy; Limited point-to-point networking predictably adapt to loss of data center capabilities for data movement Integrated with the Network for seamless supporting replication and COOP NETOPs Content delivery globally deployed to Virtualized content delivery across the 61 nodes worldwide globe – applications built into capability Design to the Edge Net monitoring via SYNAPS across Intranet Performance Acceleration (IPA) – NIPRNet and SIPRNet – select apps supporting streaming media MAC-2 designed Content Delivery JWICS implementation solution in place Net Storage on NIPRNET and SIPRNET Edge computing / MAC-1 designed Global meshed computing network designed from the edge back 5
Enhanced Global Availability • Computing strategy going forward must focus on the view from the deployed end user: “DECC in a CONUS / Bahrain – Mobile “containers” for in -theater processing Can” OCONUS or reachback – Secure “mobile phone” like applets pushed from CONUS or OCONUS infrastructure CONUS / Kabul Shipboard • To maintain optimum “always on” posture, OCONUS design infrastructure and applications for increased mission assurance levels via active “hot” failover configurations Garrison Deployed Tactical Extending from the Edge back Back up Site Active Active Active Site Metro Pair Passive Data loss Backup < 30 mi during failover Current State: Passive Backup & Failover Target State: Synchronous Redundancy 6
DISA’s Cloud Maturity Cloud processing currently On Demand – Self Service limited to x86 virtual OEs OD-SS Available only in RACE T&D State of the Art: currently. To be expanded to Race 7 Minute provisioning P2P. Current production OEs are not Fully automated, self service (manual via Web Self-Service and fulfillment is 24+ interface or auto via API) provisioning of OS, hours (not including application Storage and Network, in multiple geographically environment build) dispersed zones. Capacity Services Plus Broad Network Access Commercial Best State of the Art: Practice Unified and secure access to cloud services via Broad network access is constrained by DOD IA constructs that wired, local wireless or mobile wireless networks delay network access and compartmentalize „zones‟ or DMZs . Self that maintains the cryptographic integrity of service T&D OEs have no broad access at all. exchanges between all active entities (no SSL or TLS proxies) State of the Art Resource Pooling Undeveloped State of the Art: Processing : Virtual OE resources are pooled at DECCs within the constraints Processing, Storage and Network resources are of DOD IA policy arranged into massive and dynamic pools to Storage : HDP technology enables efficient storage pooling support the Cloud offering. The pooled resources Network : Consolidated network infrastructures at DECCs provide network are available for either automatic (demand based) pooling or manual self service allocation. Rapid Elasticity Current OE Size : Manual VMWare change on request State of the Art: Current OE Qty : Manual VMWare provisioning action on Primarily leverages ability to stamp out a large request quantity of standard size OEs very quickly. Oes Planned OE Size : VMWare DRC themselves not designed to dynamically change Planned OE Qty : RACE P2P allocated size Measured Service State of the Art: Resource consumption measurement Use of OEs in Cloud is automatically billed by the for billing purposes is manual, not tied hour. Customer has access to online tools that to actual consumption. No online tools show real-time utilization of cloud resources and that enable real-time or near real-time APIs that enable automatic expansion of monitoring of utilization by customer processing resources to meet both anticipated and unanticipated demand 7
Enterprise E-Mail Service • DoD Enterprise Focus Edg Edg e Ser e • Enterprise Data & Scaling DMZ Ser ver DMZ ver A D A D Mailb Mailb ox • US Army first Serve PAC EUR ox Serve r r Edg Edg e e Ser • DISA Managed Service DMZ Ser ver DMZ ver OGD MECH A NIPRNet A D D Mailb Mailb ox ox Serve • DISA DECC Hosted Serve r r SATX MONT Edg • Fully Redundant; Highly Available e Edg Ser e DMZ ver Ser DMZ ver A D OKC STL A • Globally Distributed Mailb COLS D ox Mailb Serve ox r Serve r Edg • 24 X 7 Operations e Ser DMZ ver A D • NIPRNet first, then SIPRNet Mailb ox SMTP Serve r Edge Edge *@mail.mil DMZ DMZ Server Server Classes of Service Replication • Outlook Web Access (all users) AD AD Additional Mini-Pods • Outlook (business class users) Application supporting Geo-diversity Mailbox Mailbox Level • Blackberry Service (select users) Server Server Replication Each Pod supports 77K users 2010 2010 2011 Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct BUILD/TEST CONUS OCONUS INSCOM HQDA CONUS – Continental US; OCONUS – Outside Continental US; AKO Web HQDA – Headquarters, Department of the Army; INSCOM – Intelligence & Security Command (army); CONUS AD Forest AKO – Army Knowledge Online (AKO); AD – Active Directory; Functional AFRICOM – African Command; EUCOM – European Command; AFRICOM DISA DISA – Defense Information Systems Agency; EUCOM TRANSCOM TRANSCOM – Transportation Command; 8
Recommend
More recommend
