The DON CIO is aware that commercial IT providers have overcome some of the same challenges that the DON is facing. They can provide lessons learned and best practices for current and emerging technologies and business processes. Four commercial IT providers, which provide hardware and software that are critical to DON desktop computing, were asked to share insight on data center consolidation, IT cost-saving strategies and software licensing. The companies sharing their views in these areas are:
With shrinking IT budgets and greater demand on computing resources, federal agencies are seeking to consolidate physical infrastructure while at the same time providing agile compute and storage services to their users. Cloud computing is an industry paradigm shift toward the reduction of data center footprints through virtualization (of compute and infrastructure) and segmentation, as well as the decoupling of data from the 'physical' location of the data center. This offers a means for government executives to address issues of budget constraints and agility of service, while safeguarding data and meeting all information assurance (IA)/certification standards.
The previous trend within enterprise organizations was to construct physical 'data centers' in an on-demand fashion as new applications and services were required. This led to the construction of multiple data centers with siloed applications (and infrastructure) that may serve only a single purpose. In some cases a data center would be a single server sitting in a wiring closet.
Siloed data centers require a tremendous amount of operational overhead and provide very little continuity of operations (COOP) protection. To achieve this goal of COOP, consolidation of infrastructure and agile compute services, federal agencies should begin the migration of services toward a cloud-based architecture that includes compute, network, storage, applications, and management consolidation.
The first step in the transition to cloud services is for federal government agencies to define a strategy, architecture, and solutions for cloud computing and data consolidation. Cisco defines cloud computing as a means to deliver IT resources and services in an abstract fashion from underlying components, with traits of at-scale, on-demand and multi-tenancy. These traits directly contribute to the cost savings (both the operating expenses [OpEx] and the capital expenses [CapEx] sides of the equation) and the flexibility of IT service delivery.
As federal agencies develop a cloud strategy and create their service catalogue, which abstracts the service offering (Software-as-a-Service, Infrastructure-as-a-Service and Platform-as-a-Service) from physical system components, underlying architectural considerations must be investigated. As the application or data is moved into the cloud, the 'data center interconnect' becomes critical.
Proper provisioning of bandwidth, quality of service and security must be implemented from the user locations to the data centers, as well as between data centers, providing secure access to applications and data, as well as replication and mobility of the applications and services.
Cisco is using its data center interconnect solutions both internally and to help other IT organizations meet business continuance and corporate compliance objectives, while offering benefits that include:
• Reducing business impact of any disaster events to help ensure business continuance;
• Improving productivity through enhanced application and data availability; and
• Meeting corporate and regulatory compliance needs and improving data security.
These solutions transparently extend local area network (LAN) and storage area network (SAN) connectivity and provide accelerated, highly secure data replication, server clustering, and workload mobility between geographically dispersed data centers. This enhances business resilience and helps enable application and data mobility between data centers, while maintaining operational consistency.
The Department of the Navy’s referenced directive is a positive step to execute a cost-effective strategy that drives a more efficient information technology infrastructure. DON actions to consolidate all of its networks, while ensuring they are interoperable from ship-to-shore globally, is an industry recognized best practice.
The DON CIO, Mr. Halvorsen, has acknowledged that to maximize the benefits of a data center consolidation initiative, the DON must also tackle the corresponding applications and data in alignment with consolidation efforts. In HP Enterprise Services’ experience, this combined approach generates significant mission and total cost of operations (TCO) benefits. Some recommendations for a successful data center consolidation strategy are:
- Align data usage with mission needs: To Mr. Halvorsen’s point, the DON’s data needs to be discoverable, accessible, usable and trusted. Segmentation of the DON’s data and applications into major usage groups would ensure the right people have access to the right data. A one-size-fits-all approach can be limiting for certain mission needs. Examples of usage groups may include: enterprise-wide, mission or command specific, non-specific, individual/collaboration and external usage.
- Limit and maximize applications: For enterprise and mission data and applications, the Navy should consider rationalizing the applications it’s using on the network to limit duplication in functionality and feature. This would enable the DON to reduce cost and to reduce the complexities encountered during the data center consolidation process. In our experience, alignment of action and governance oversight for this effort with the functional area owners yields benefits in time and cost of application migration.
- Adopt a mission-driven storage platform: For broad-based individual and collaboration data and applications, the DON should consider adopting an enterprise-wide collaboration/storage platform with logical segmentation for community of interest information. Such an enterprise collaboration capability would generate significant warfighter productivity through speed and access. This approach can also lower TCO by limiting data duplication and reducing the number of diverse applications and infrastructure required to access, store and secure the information globally.
- Link-up the funding authority and governance process.The entity charged with overall execution of large scale data center consolidation benefits from continuous, visible accountability to those responsible for overall mission outcomes and funding responsibility. For mission-driven organizations, such as the DON, such alignment ensures the proper balance of effectiveness with efficiency.
The age-old challenge has been and continues to be, how to deliver the right content to the right person at the right time in order to make a decision. Our warfighters deal with this on a daily basis and even have knowledge management cells stood up to address these issues. Organizations need to enable users with desktop and enterprise search capabilities to seamlessly allow discovery across myriad data stores provided by different manufacturers that comply with industry standards of interoperability.
As the product lines evolve, the ability to make data more discoverable and accessible is built from the beginning into many products with the end result a consolidated dashboard, report, or portal experience based on the user’s needs.
The ability to make data available to the end user at any time, and readable on any device is Microsoft’s vision for the future. The Navy’s move to consolidate data centers and manage the infrastructure in a more tightly controlled environment is similar to the approach taken at Microsoft to support one of the world’s largest networks. In order to run our own networks, we have developed tools that support IT operations, virtualization, data center management, identity and security for our online services. These online services, which have gained an industry term of the 'cloud,' bring capabilities to the user which until recently needed to be hosted by individual commands or companies.
Through our partnership with the Navy, many of these capabilities are available today. As the Navy moves forward with data center consolidation, management and virtualization capabilities will be a real key to success.
End-to-end capabilities from data storage and protection to display in a commander’s dashboard; these capabilities are available from Microsoft today to assist the warfighter in making the right decision at the right time.
Adoption of a private cloud Software-as-a-Service (SaaS) model and continued focus on service oriented design and governance are key to accomplishing data center consolidation, service discovery, and providing for a secure operational environment. Four fundamental approaches address these requirements:
- Continue to focus on designing for service orientation. Leverage service oriented architecture governance tools for documentation of SOA assets (services and metadata), service dependencies, and asset discoverability. Focus on reuse of services as enterprise assets. Ensure that requirements for service orientation are part of the acquisition process.
- Leverage industry standards for service interoperability and Web service security. Use tools for monitoring and auditing service interactions.
- Leverage the cloud computing SaaS model to provide a secure foundation for deployment of discrete services, service orchestrations and business processes.
- Use SaaS to provide complete database and shared database services in a Navy private cloud. Reduce number of database versions. Standardize database provisioning, monitoring, audit analysis and security updates. A common infrastructure capable of supporting the demands of online transaction processing, decision support applications and mixed workloads delivers efficiencies for cloud computing.
The former deputy DoD CIO Dave Wennergren (now the DoD assistant deputy Chief Management Officer) said the DoD has to stop building a new IT system every time it wants to solve a problem — systems cost too much to deliver and sustain — and they take too long to build. He recommends system reuse and Web services, among other methods. What are some of the considerations or methods to consider in delivering an enterprise IT service across the DoD or DON? Given the unique national security requirements of the DoD, do any of these IT cost-saving strategies make sense: cloud computing, Software-as-a-Service, Infrastructure-as-a-Service or Platform-as-a-Service? Are there any new strategies for savings on enterprise e-mail services?
DoD agencies need to balance key mission area requirements when they are looking at technology insertion: warfighting, business, intelligence and the enterprise information environment. There are four major areas where an enterprise organization needs to focus when it is considering technology insertion — governance, compliance, business, and finally, underlying technology requirements.
All four of these areas are intertwined and need to be considered when we look at implementing new IT strategies, such as moving applications to the cloud (Software-as-a-Service) or consolidation of IT infrastructure (Infrastructure-as-a-Service or Platform-as-a-Service).
Governance and compliance are two of the most complex tasks to take on when talking about implementation or consolidation of any type of enterprise service. The governance model sets the direction for the life cycle implementation process for that IT service, while the requirements for compliance (certifications and other federal-specific requirements) set the acquisition policy. A balance must be reached between governance and compliance to procure/implement a solution that meets the specific needs of government agencies.
As new requirements and services are developed, the governance model must evolve and adapt to the changing technological and business needs.
When services are moved to the cloud, whether a private cloud within the Navy or distributed in a community cloud (inter-DoD agency), governance plays a major role. Critical questions that need to be asked when you begin this process are:
• Directing: Who will establish the key IT investments and rules for such investments in each agency?
• Controlling: Who controls processes and services critical to mission and strategies within the agency?
Executing: Who participates in the execution of processes for services delivery within the agency?
• Communicating: What horizontal and vertical communications are required, and who is responsible for delivering them within the agency?
• Approving and Establishing Principles: Who will approve and guide the establishment of policies related to decision making?
Once the governance questions are answered, the business and technical requirements need to be examined to ensure that the end-user experience is going to provide similar performance and functionality to that of a locally hosted service. A balance must be struck between these two functional areas as well. From a business perspective, it may appear that the best value would be to maximize consolidation efforts, such as SaaS, IaaS and PaaS; however, the end-user experience could be adversely affected due to technology requirements/constraints (bandwidth, quality of service, security, distance of user to data center, etc.).
In summary, Cisco strongly believes that governance policies are key to enabling cost savings for IT infrastructures to be deployed into the DoD and DON enterprises. Once governance policies are evolved, the DoD and DON will then be able to realize cost savings across the enterprise with currently available technologies such as cloud and IT consolidation.
HP ENTERPRISE SERVICES
A. While there are a lot of different processes, HP Enterprise Services recommends using IT Service Management as a guidebook and a method to manage IT services. A one-size-fits-all approach doesn’t work, but designing the infrastructure once, keeping in mind that the design should be modular so multiple components fit specific requirements, and building in standardization will lower cost and minimize security risk. With multiple DON entities and industry suppliers interacting to produce IT services, IT Infrastructure Library process implementation broadly is required. These methods and approaches drive reuse and consistency in infrastructure, application, data and Web services across an enterprise like the DON.
B. Given the unique national security requirements associated with DoD IT networks, defense users may wish to consider the adoption of a private or dedicated version — or a hybrid model such as HP Enterprise Services offers of these evolving IT business models.
These emerging business models are pay-for-utilization, pay-as-you-go, and limited upfront investment based models. Providers in these capabilities leverage scale, component uniformity, service consistency and pool excess capacity to make the average costs attractive to their clients.
While the DoD as a whole, and most likely, individual services have IT scale at sufficient volume to execute a private version of these models, if commanders share infrastructure control and ownership across organizational boundaries they will achieve reduced TCO. The DoD is large enough in terms of the operations and scale for these models to execute successfully as they have across private industry, but the DoD should consider leveraging and utilizing them as a whole, not four separate clouds or models for each service.
C. Just as with enterprise services, a one-size-fits-all approach doesn’t fit all user needs. One strategy for cost savings on enterprise e-mail services that industry is using, is a Web-based system that allows functions, such as [the] calendar [function], to interoperate with other applications. However, the security and resiliency of these approaches may not always be sufficient to adapt to all classifications of data and mission requirements.
The Navy has been a leader for years in looking for the right mixture of IT innovation to support the myriad of needs from afloat to ashore. From early efforts to Web-enable the Navy — to the largest IT service contract in history — the Navy has been a leader. As the Navy moves towards the Next Generation [Enterprise] Network, it is prudent to consider the options that industry provides today and consider the right mixture of services.
There are many options available, such as hosted unclassified e-mail, Software-as-a-Service, Infrastructure-as-a-Service and Platform-as-a-Service. These choices are not all or nothing but can provide the right balance of on-premise and off-premise hosting. At Microsoft, we believe organizations need and want the flexibility and control to consume cloud services in the ways that best meet their unique needs. This is whether in Navy data centers, with a partner-hosted data center or from a Microsoft data center — and whether in a private cloud, public cloud, community cloud or a hybrid cloud.
Large, complex organizations, like the U.S. Navy, need to take a holistic approach to get to the desired IT and mission benefits from cloud computing across a matrix of these deployment and service models.
None of these models are all-encompassing. Part of the cloud’s unique power is its flexibility. Cloud models are designed to work together, so you can use the right models across an organization, as well as for individual workloads. Microsoft is delivering on that vision today by providing organizations a set of identity, security, management, development and end-user IT services that are common to, and integrated across, the cloud deployment and service models.
Many federal government organizations are looking to the public cloud to deliver ‘utility’ workloads, like messaging and collaboration. However for the Navy, the security and other mission requirements needed to support afloat and forward deployed units require on-premise private cloud solutions.
Moving to a private cloud infrastructure can also decrease server and network sprawl and costs by large margins. Properly implementing a private cloud is a complex task that will require significant planning and cooperation among central IT staff and business/program IT consumers. On-premise private cloud computing is about more than leveraging virtualization technologies. While virtualization has resulted in significant benefits in hardware and data center consolidation, creating a private cloud also requires:
• Centralized monitoring across the entire data center from:
-- server, network and storage hardware;
-- virtualization and operating system layers; and
-- health of the application workloads and the end-user experience in consuming them.
• Automation of both the human and IT system processes.
• Management of these resources as a single, expandable fabric.
• Applications and development tools that truly scale up and down.
• IT service management that [is] measurable for business stakeholders.
At Microsoft, we have deployed these solutions to support our own environment and have deployed them to support the military and other federal agencies by defining and delivering the optimal solution needed to bring maximum efficiencies to each organization.
Cloud computing is a significant advancement in the delivery of information technology and services. By providing on demand access to a shared pool of computing resources in a self-service, dynamically scaled and metered manner, cloud computing offers compelling advantages in speed, agility and efficiency. Today, cloud computing is at an early stage in its life cycle, but it is also the evolution and convergence of several trends that have been driving enterprise data centers and service providers over the last several years.
Cloud computing builds off a foundation of technologies, such as grid computing, which includes clustering, server virtualization and dynamic provisioning, as well as service services and large scale management automation.
Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. Cloud service models include:
• Software-as-a-Service (SaaS). Applications delivered as a service to end users over the Internet.
• Platform-as-a-Service (PaaS). Application development and deployment platform delivered as a service in the cloud.
• Infrastructure-as-a-Service (IaaS). Server, storage and network hardware and associated software delivered as a service in the cloud.
Deployment models include:
• Public cloud. Available via the Internet for the general public to use.
• Private cloud. A dedicated cloud for exclusive use by a specific organization or enterprise. Sometimes called an enterprise cloud; can be on-premise or off-premise hosted by a third-party provider.
• Community cloud. Shared by various organizations in support of a specific community; can be either off-premise or on-premise.
• Hybrid cloud. A mix of the specified cloud models cited above, or the use of technologies selected for their cloud capabilities integrated into traditional data centers.
Public sector organizations are increasingly being driven to improve operational efficiency, share information and integrate processes across operational boundaries while maintaining control over costs. Recently, cloud computing has captured significant attention as both a business model and a computing infrastructure model that enables public sector organizations to achieve these objectives.
Several key factors are driving cloud computing in the public sector including centralized IT management and procurement leadership and initiatives, including shrinking agency budgets through the consolidation of data centers and telecom networks owned and operated by government organizations. Here are some of the key points we have seen in the public sector:
• Cloud computing builds on well-established distributed computing and shared services concepts.
• Data center consolidation is a logical step in the evolution of an organization toward a cloud computing model.
• For public sector, the U.S. federal government’s National Institute of Standards and Technology provided a comprehensive framework to describe cloud computing, including service and deployment models and a framework for the development of cloud computing interoperability and security standards.
There are important differences between the public and private cloud deployment models.
• Operating system (OS) virtualization is not equivalent to cloud computing; it is only one of many enabling technologies.
• Virtualization can be delivered at different levels; service-driven virtualization, rather than infrastructure-driven virtualization, is the most beneficial form of virtualization.
• OS virtualization (hypervisor-based) is limited and deficient because it essentially promotes creating 'virtual silos' instead of physical silos; it therefore does not necessarily deliver the benefits of a true cloud model.
Due to security, integration and cost considerations, customers may be looking at private clouds hosted in DoD data centers or third-party service providers that meet DoD requirements.
• Private clouds offer greater control of security, com¬pliance and quality of service. Private clouds enable IT to maintain control of security, including: data loss and privacy, compliance (data handling poli¬cies, data retention, audit), and regulations govern¬ing data location, and quality of service since private clouds can optimize networks in ways that public clouds do not allow.
• Easier integration. Applications running in pri¬vate clouds are easier to integrate with other in-house applications such as identity management systems.
• Lower total costs. Private clouds may be cheaper over the long-term compared to public clouds, since it means essentially owning versus renting. According to several analyses, the break-even period is between two and three years.
The Defense Department’s Enterprise Software Initiative (ESI) (http://www.esi.mil) has negotiated licenses for commercial software applications for the DoD with enhanced terms and conditions that support the department’s IT objectives and industry best practices for software management since 1998 achieving more than $3 billion in cost avoidance. How is software licensing in your company managed, and do you have any recommendations for reducing software licensing costs?
Federal organizations have made sizable investments in Cisco technology to enable their networks to function as the platform for delivering the full spectrum of data, voice, video, collaboration and mobility services. A key and necessary component in delivering these services is the maintenance of application software, as well as maintenance of the operating system software for the routing and switching infrastructure.
Contract management across a government enterprise can prove to be a difficult and time-consuming task. Across an enter¬prise, many Cisco hardware procurements are awarded each year on various programs and initiatives with associated ser¬vices contract numbers generated in relation to those product orders. Maintaining records of all these contract numbers and keeping track of their various expiration dates can cause frus¬tration and lapses in coverage, putting the maintenance of the network at risk. Furthermore, the government is forced to deal with multiple points of contact for their maintenance needs, and contracting officers are forced to handle multiple procurements each year to renew the contracts — as opposed to handling one large, consolidated contract.
Cisco has developed an Enterprise Services Agreement (ESA) concept that is Federal Acquisition Regulations (FAR)-compliant and uses a services contract multi-year consolidation strategy specifically designed for federal end-users to help them alleviate the above described burdens.
The multi-year consolidation strategy includes a very simple process of consolidating an end user’s existing services contracts into one list with one coterminous contract end date. Pricing is prorated based on the period of performance required to successfully consolidate and co-terminate the contracts.
After the base year contract value is established, Cisco also provides up to four additional option year renewal prices to keep the contracts organized in this manner for future out-years.
The Cisco ESA strategy provides the following benefits to our federal end-users:
• Cost control with fixed pricing over the term of the contract.
• Avoidance of Cisco annual service contract price increases.
• Ability to consolidate service contract procurements, reduc¬ing government contracting costs.
• Easier to budget with predictable cost year after year.
• One vendor controls the contract throughout the option years, providing one single point of contact.
• Ability to 'true-up' on an annual, semiannual or quarterly basis.
• Comprehensive coverage of network software and assets to improve overall network support.
Cisco has implemented numerous ESAs within the Department of Defense and other civilian federal agencies. These agreements have resulted in tremendous cost savings in actual dollars spent, as well as cost reduction gained through process efficiencies. Having an ESA has also enabled federal agencies to accurately plan for budget expenditures and allowed them to leverage the network as a platform to deliver IT services to improve the end-user experience.
HP ENTERPRISE SERVICES
Similar to ESI, HP Enterprise Services manages the licensing and procurement of commercial software at an enterprise level and recognizes the benefits associated with this approach. Additionally, HP Enterprise Services manages its own intellectual property (i.e., software) and offers these types of agreements to its clients globally.
HP Enterprise Services recommends the DoD undertake the rationalization of its ESI licenses biased toward eliminating duplicate or underutilized commercial software applications. In alignment with Mr. Halvorsen’s stated viewpoint, the adoption of a data and application strategy across the Navy will enable a reduction in the number of licenses it currently has and [can] determine which ESI license is needed and who (what user group) needs it.
As discussed, HP Enterprise Services would further recommend the adoption of Software-as-a-Service based models in the appropriate private, public or hybrid configuration to gain [the] potential TCO benefit from idle or underutilized software assets. Ultimately, the DON’s goal is to get to a situation where it is licensing the software users need in a way that ensures the software and applications are secure and available for those user groups who need it. The considerations offered are industry best practices to achieve that goal.
The optimum way for organizations to own and manage software licenses is with consolidated enterprise agreements acquired and managed at the enterprise level, in this case the Department of the Navy, and used throughout the Navy and Marine Corps by users, commands and program managers. This differs from many of today’s practices where license ownership resides within programs, a model that tends to obscure the cost of licenses and creates many divisions of management, which themselves obscure the total picture of license ownership from the organization.
This new model of ’enterprise ownership program use‘ allows government agencies to acquire licenses at the lowest cost by leveraging economies of scale purchasing and receive the most advantage from benefits associated with those licenses. Government agencies then provide licenses to programs as government furnished equipment. This lowers the cost of both license ownership and programs thus creating an asymmetric degree of savings. The benefits are not limited to license cost. With fewer transacting entities, workforce costs are also lowered. And finally, enterprise-wide license agreements allow government agencies to project costs and growth over the FYDP (Future Years Defense Program) and POM (Program Objective Memorandum) cycle to ensure the resources are in place to meet requirements and programs solutions.
Oracle’s approach to our customers is similar to how we manage internally. We have the ability to engineer a solution that will complement the requirements of most organizations. There are a number of licensing options that can be considered to reduce software costs while maintaining the technology integrity required by the environment.
The structure of a solution can be based on total population, infrastructure components, application segmentation and consolidation. The primary success factor to achieving the cost reductions required is to establish policy and governance on 'what, who, when and where' software will be used. To the extent that can be achieved, a license agreement can be structured to drive cost avoidance, eliminate unauthorized procurements and decrease maintenance costs. As important however, is the ability to enable the enterprise with technology that is current, reliable and agile.