1. Henry J. Sienkiewicz
Technical Program Director
Center for Computing Services
27 February 2009
To request an accessible version of this presentation please e-mail monica.fitzgerald@gsa.gov
2. An Operational Perspective
Warfighter-centric
Legacy & Web 2.0
Internal & external services
3. Center For Computing Services
4. DISA Computing Environment
4,000,000+ users
13 facilities
445,000 sq ft raised floor
34 mainframes
6100 servers
3800 terabytes of Storage
2,800 application / database instances
215 software vendors
6. What is “Cloud Computing?”
User:
Builds a web application,
Using a standard platform
Using a standard database
Uploads this application to a cloud provider
Cloud provider automatically
Provisions the services
Scales the application and the database together
User
Doesn’t care about which servers, which databases, which hardware, how much memory (the cloud platform handles all of that)
Users are freed from any technical complexity other than the service itself.
Cloud provider
Decides how to cache content, how and where to deploy servers based on demand, performs backups, and even has the ability for the business to distinguish "production" from "staging" deployments.
Has ongoing management and monitoring of the external service.
User:
Only pays for what s/he uses when s/he needs it.
Everything else is an implementation detail.
7. Clouds Complexity With A Promise Of …
Application Flexibility
Standardized
Increasingly “click to run” services
Live in remote Internet data centers
Scalable to millions
Use shared IT infrastructure
Procurement
Efficient
Rapid
Commoditized
“Pay by the sip”
Security
Simplified
Streamlined
8. Cloud Types and Cloud Development
10. Cloud Types
Platform-As-A-Service (PaaS)
The delivery of a computing platform, and/or solution stack as a service
Facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers
For example:
Web application frameworks
Ajax
Python Django
Ruby on Rails
Web hosting
Proprietary
Infrastructure-As-A-Service (IaaS)
The delivery of computer infrastructure as a service, typically platform virtualization
For example:
Full virtualization
Grid computing
Management
Compute
Applications-As-A-Service (AaaS) /Software-As-A-Service (SaaS)
Leverages the Cloud in software architecture
Eliminates the need to install and run the application on the customer's own computer
For example:
Peer-to-peer / volunteer computing
Web application
Software as a service
Software plus services
Database-As-A-Service (DaaS)
Leverages the Cloud for delivering database services
11. Creating A “Cloud”
12. Enabling the Cloud Environment
Infrastructure
Consolidation
Global Information Grid
Capacity Services
Virtualization
Rapid Provisioning
Facility Analysis
Software
Network-Centric Services
Software-as-a-Service (SaaS)
Forge.mil
Processes
ITIL
Security (Certification & Accreditation)
Computing Service Provider (CSP) Analysis
“Greening”
13. Infrastructure
14. Legacy of Consolidations and Savings
15. Network Services
16. Capacity Services
17. Increased server utilization
Significant savings
Faster provisioning
18. Rapid Access Computing Environment
Agile and responsive computing
Authorized customers order and gain access to a Server in less than 24 hours
Provides flexible development platform for Web, application or database
Windows, Red Hat, SUSE Servers in less than 30 minutes
MIPR or government credit card
19. Facility Analysis
Building site
Building controls
Electrical systems
Exterior structure
Operations & maintenance service management
Fire protection systems
Security system
HVAC systems & plumbing
Interior structures
Much, much more……
21. Net-Centric Enterprise Services
22. Software as a Service (SaaS)
Counts represent all platforms (IBM, Server, Unisys)
Product counts are individual products, some of which function as a software suite
Products are licensed individually, but may be inter-dependent
23. Forge.mil
Collaborative environment supporting the development and sharing of open source and community source software within the DoD
Limited Operational Availability: January 23, 2009
General Availability: March 27, 2009
Common evaluation criteria and an agile certification process to accelerate the certification of reusable, net-centric solutions
Limited Operational Availability: June 20, 2009
On-demand application development and lifecycle management tools provided by DISA CSD on a fee-for-service basis for private project or program use
Availability: TBD
25. Information Technology Infrastructure Library
A customizable framework of best practices designed to promote quality computing services in the information technology (IT) sector.
A systematic approach to the provisioning and management of IT services, from inception through design, implementation, operation and continual improvement.
Computing Services is a DoD leader in educating its professional staff in information technology ‘best practices’:
Almost 100% of staff educated at the Foundation Level of ITIL concepts
100% of Customer Management Executives (CMEs) are certified ITIL Practitioners in Service Level Management
Over 100 GS-12 through GS-15s are Practitioners in Incident/Problem Management
Approximately 50 key personnel are Practitioners in Change/Release/Configuration Management
26. Computing Service Provider (CSP) Overview
A tactical tool that allows DISA to extend enhanced operational capabilities (NetOps) to non-DECC computing center environments. Two primary components:
Facility capability assessment
Integration of tools and processes to enable NetOps Capabilities
Applies a structured methodology to enable service management that ensures
Support for centralized visibility into the operation of key systems and services consistent with NetOps operational construct
Compliance and risk management under DISA’s IA program
Compliance with DoD requirements for computing infrastructure and operations processes appropriate to MAC Level
CSP is not a periodic audit/checklist
Requires specific process and technical changes to enable NetOps
Sustainment requires long-term coordination between DISA, system owner, system operator
27. Certification & Accreditation
Various C&A approaches
“Traditional” Defense Information Technology Security Certification and Accreditation Process (DITSCAP)
Department of Defense Information Assurance Certification and Accreditation Process (DIACAP)
Emerging Models
Landlord/Tenant
Application Security Evaluation (ASE)
Appropriate approach based on risk identification and mitigation
28. Security Technical Implementation Guide (STIG)
Goals:
Intrusion Avoidance
Intrusion Detection
Response and Recovery
Focus Areas:
Network/Perimeter
Peripherals
Operating Systems
Users
29. “Greening” DECC Infrastructure
Increasing energy costs
Increased cooling requirements to support more compact implementations
Increased regulatory environment
Consolidation
Virtualization
Duct cooling
Variable frequency drives
Motion sensor lighting
Water reclamation
30. Infrastructure
Consolidation
Global Information Grid
Capacity Services
Virtualization
Rapid Provisioning
Facility Analysis
Clouds Complexity With A Promise Of …
User:
Builds a web application,
Using a standard platform
Using a standard database
Uploads this application to a cloud provider
Only pays for what s/he uses when s/he needs it.
Everything else is an implementation detail.
Cloud provider automatically
Provisions the services
Scales the application and the database together