Email this Article Email   

CHIPS Articles: NMCI Update

NMCI Update
By Joseph Cipriano - July-September 2001
Connecting Technology (CT) Spring 2001, May 15-17, 2001 had the honor and pleasure to have Mr. Joseph Cipriano, PEO-IT as a guest speaker. The following is edited from Mr. Cipriano's presentation at CT.

Introduction

I'd like to talk to you about the progress we've made with the Navy Marine Corps Intranet in the last year. The Department of the Navy Chief Information Officer (DON CIO) likes to talk about re-purposing our networks as Navywide assets. Previously we treated networks as local assets — assets under the control of a command or a group of commands. The first thing we did was re-purpose that thinking a network is really a Navywide asset and how we should best use it should be determined by the Enterprise although it still must satisfy the needs of all the local users.

Bandwidth on Demand

For a period of time, the Navy had been unable to access access information. We were prevented from doing things we knew we could do, and using applications that we had developed for a Web environment because we did not have the bandwidth to support them. Our first attempts at Web-enabling applications were not very successful; in large part this is still true today. Typically, this is due to bandwidth limitations and problems with routing information to support Web-enabled applications.

We had to eliminate this as a restriction because as we started to look at the business issues of what it costs to provide information technology (IT) to individuals, we found that the cost of bandwidth was about three to five percent of the total cost.

One way to make decisions faster and solve problems faster is to make knowledge available to our folks wherever that might be, and NMCI makes this possible — the availability of information, databases and applications wherever you might be.

Improved Communications

We believe in doing these things — making these resources available — we would make life better for our Sailors, Marines and Civilian employees, and in doing so would support the DON transition to an eBusiness model — again for the purpose of faster, better decision making capability. The network that provides end-to-end connectivity consists of four pieces — the Navy Marine Corps Intranet, which is the newest piece to be added, the IT-21 network and the Marine Corps Tactical Data Network and NMCI OCONUS.

These four networks together are part of a larger one — providing desktop-to-desktop connectivity to the warfighter worldwide. NMCI is largely taking care of the shore infrastructure. We have an NMCI contract and an NMCI concept and they are not exactly the same. The NMCI contract, which is what most people know about and have heard about, deals with implementing this concept within the continental United States (CONUS) and some overseas locations (OCONUS). It provides information as a service from desktops to the ends of piers, where it connects to ships in port and to teleports to communicate with deployed ships and deployed Marine units via satellite.

Program Goals

The goals we set for this program are to improve information security, to improve interoperability, to enable information superiority and optimize the cost per unit of service across the Enterprise. When you optimize the cost per unit of service it doesn't mean that you are going to save money necessarily — it really means that you are going to be able to buy more information and more access to information at the same cost as you were spending before — and that was our objective.

We wanted to provide more information to more people without increasing the amount of money we were spending on IT. We have been seeing a steady increase in those costs over the last several years and we could see that it would continue to increase to infinity if we didn't do something to make it fit in a value model for DON business.

There were certain requirements that were put into the contract that are being implemented to ensure that we would be interoperable with the joint warfighter. In addition to those requirements, we have the Joint Information Interoperability Test Center [JITC], independently testing the interoperability of applications that are used and shared within the Joint Forces. We have made these services available under the NMCI contract to all the services.

Desktop CLINs and Service

NMCI doesn't buy hardware; it is purely a service contract. But hardware is used to provide that service and the hardware changes with technology. The NMCI contract is a fixed-price contract where the price is fixed over a long period of time. The service provider picks the technologies that will provide the service at the lowest possible cost because that allows him to make the most profit. If the contractor can satisfy the customer and satisfy the terms of the service level agreement by introducing a new technology he is incentivized to do that.

But people focus on what they see, and what they see for NMCI is just the tip of the iceberg, which happens to be the appliance sitting on the top of their desks. See the figure at right, which shows the descriptions of the line items associated with some of the current desktop appliances. In the next 30 days these may change as technology changes. So if you order a "Red Seat" to be delivered in two or three months from now you may get 1.2 GHz processor instead of an 800 MHz processor. The cost stays the same but what is delivered changes with the market — that is how the contract is written. In addition there is built-in refresh for your new purchase based on where the market is at that particular time so new orders are refreshed over time as well.

Most people would look at Figure 1 and say, "Gee, I could go to Best Buy or Circuit City and buy a computer for a lot less money than that." And that is true — but we aren't buying computers — we are buying service.

With that service we get a set of software. Each of the CLINs for any of the desktop appliances comes with a standard set of software that allows us to exchange information and collaborate. Enterprise licenses for the software products and future software upgrades are included in the seat price.

In addition, there are a number of services that are included in the same seat price — security intrusion detection, encryption, the roll out of PKI [Public Key Infrastructure] and the common access card [CAC] across the DON and the costs associated with that. CAC readers and setting up the new firewalls to implement the stricter security requirements are all included in those basic prices. Wide-area network access on the commercial WAN is included in those prices; the DISN costs are not. The infrastructure cost to support all voice, video and data transmission is included in those basic prices. So as we order voice, all the infrastructure costs are already built into those seat prices, as are the upgrades to that infrastructure over time.

Interoperability with the Joint Forces, enterprise functions such as enterprise help desks, network operating centers (NOCs) and the costs associated with their creation and operation are included in the seat price, as well as the associated hardware and software. The costs for messaging, training for all users, directory services, e-mail, help desk support and tech support are all included in the seat price. The costs of help and tech support are the biggest cost drivers — about 70 percent of the costs are in people.

The savings resulting from an enterprise network come from consolidating services so you can reduce the number of people it takes to maintain and operate the network. The big payoff is when you are able to do that. The capital investment to upgrade the infrastructure on our bases to bring them up to the level necessary to supply service in accordance with the service level agreements in the contract is included in those seat prices.

The figure at right shows the amortized costs of our capital investment over a period of five years. When you examine the size of the capital investments the seat prices begin to look like something you would expect to see at Circuit City or Best Buy. About $44 of the seat price goes to outfitting the piers with fiber and connections so that when our IT-21 ships are in port they will have access to the full range of capabilities and services.

The PKI and security upgrades are $450 of the seat price — security is expensive. The level of security that we are implementing with NMCI is the best available today. If we were to just roll out PKI and bring the Navy up to the existing Department of Defense (DoD) security standards we would have to spend $450 per person to do it, whether or not we implemented NMCI.

The technology refresh, which is built into the seat price is something that is frequently not taken into account because previously we budgeted for it separately. The refreshing of the hardware and the software on a periodic basis — not just the accessories on the desktop but the servers and everything else that is necessary to provide service — is built into the seat price. If you just subtract the amortized costs you are down to $2000 per seat. All of a sudden that price begins to look very good and in fact many people ask, "How could all that be done for that price?"

Impact on Military Personnel

We are impacting our personnel as we implement NMCI and we anticipated this. We were concerned that we were taking away opportunities for sea/shore rotation for our military officers so they could stay current in their skills for rotation back to sea. We have identified a number of billets in the Navy and Marine Corps that have been established and assigned to the NOCs for NMCI in CONUS.

Assignments of officers and enlisted personnel to the NOCs provide an excellent opportunity to get experience and training in the very latest IT that they can use when they go back to sea. They will receive state-of-the-art training and certifications. The contributions they will make to NOC operation as they work and train offset the costs the contractor incurs in NOC operation. We share in the savings of that contribution on a 50/50 share line with the contractor. We believe this is a win-win situation for the DON and our service provider. The proposed locations of the support detachments are collocated with the NOCs in fleet and Marine Corps concentration centers. So they are easy, good places to be detailed to — if you are in an IT billet in the military.

Lessons-Learned

We had a lessons-learned conference for NMCI where we exchanged information among stakeholders about the things we learned as we started to roll out the first implementations of the NMCI. We learned a lot of things. If you look at a couple of the first places to transition, you will see we had trouble staying on schedule in getting to network turnover. But if you look at the last places to transition you will see we were about a month ahead of schedule getting them to turnover compared to what we originally had planned.

We saw a very sharp learning curve as we shared these lessons-learned among ourselves and with our partner — the Information Strike Force (ISF). The DON and our partner, the ISF learned, that both of us needed to do more planning than we originally anticipated when we started. We, on the government side, needed to understand better the inventory of what we had and the kind of applications we had running on our network. The better we understood that, the easier and faster the transitions would go.

We developed new documents to obtain formal agreements between the DON and the service provider. We developed standard contents for those documents to help people make sure they had thought about everything necessary as they began the turnover process. We also ran into the normal types of things that you would expect, for example, discovering asbestos in buildings. We had to remind ourselves that those things were going to be issues — and the sooner we find out about them the easier they would be to deal with. It has been quite a learning experience for us. We have another lessons-learned conference planned in the near future. We will be focusing on lessons relative to the legacy applications and how they transition to NMCI.

Implementation

NMCI implementation progress has advanced rapidly. We very quickly went from releasing a request for proposals to making a contract selection. We started implementation at Naval Air Systems Command (NAVAIR) with assumption of responsibility (AOR) in January 2001. We started test and evaluation in April 2001. We should finish end-to-end testing later this summer. We believe that the testing will continue for some time because this is an enterprise network and until the enterprise is implemented there are aspects of it that you cannot test thoroughly. Right now we are in the process of deciding what should be tested now and what would be better to test later. We expect to be finished with implementation across the Department in October 2003.

The service delivery process starts with a task order issued by someone who wants to order services. The activity is allowed to pick whatever services they need to support their requirements. Then a site concurrence memorandum is developed with both the service provider and the local activity agreeing on how the transition is going to take place in the NMCI environment. For example, part of the agreement could specify how support would occur if there were shared assets — people sharing the network who will not be transitioned to NMCI. Following that is the AOR, where the ISF takes responsibility for operating and maintaining the existing network.

Information is transitioned to the ISF so they understand how the existing network and applications operate. The ISF controls the activity's transition to the NMCI environment. In preparation, the Strike Force will upgrade the local area networks, the base-area networks and wide-area networks. Then the ISF will roll out the servers to create the NMCI server farms, load the applications on the servers and connect the servers to the NMCI NOCs. The ISF will then roll out the activity desktop accessories and finally connect the activity to the NMCI. There is quite a bit of time from when the process starts until the activity will actually see anything different as a result of implementing the NMCI. At this point, we are still in the very early stages of implementation so very few of our activities have actually seen the benefits that NMCI can provide.

Test & Evaluation

Out test and evaluation (T&E) plan covers a broad spectrum. It consists of a full range of contractor testing, laboratory testing, equipment system testing and end-to-end testing. The last phase of the contractor testing includes scenarios working with NMCI users to ensure they have the decision-support capabilities to perform their jobs.

After the completion of the contractor evaluation, Operation Test Force (OPTEVFOR) will perform an independent test that will duplicate parts of the contractor's testing plan in addition to they testing they will conduct. Security teams or "Red Teams" will be attacking the network to test the hardiness of the security safeguards in place. JITC will be testing interoperability as part of the T&E plan.

Legacy Applications

The NMCI contract includes the requirement for legacy application access. So if there is a legacy application running on an activity network today, there must be access to that legacy application with NMCI. This has been the most difficult problem to reconcile in getting NMCI rolled out to all locations. This is because of the significant number and variety of legacy applications in use — many more than we anticipated. It required a very disciplined process of characterizing, rationalizing and prioritizing the applications for certification. This entails ensuring the applications can run within the Windows 2000 environment, and if they can't, to find a way for them to operate outside the Windows 2000 environment. The certification process also ensures compliance with the DoD security standards.

If you look at a large business comparable to the DON in size — the business may have 50 to 100 applications to operate — the DON has many thousands. This is not the most efficient way to transition but our folks are working very aggressively to reduce the number of applications with great success.

I would like to give credit to the Space and Naval Warfare Systems Command (SPAWAR) for their leadership in this effort. [Former SPAWAR Commander] Rear Admiral Gauss set an objective of reducing legacy applications by 40 percent and in less than a month SPAWAR realized a 42 percent reduction in legacy applications. They were able to do this pretty quickly just by eliminating redundancies.

The biggest challenge with these legacy applications isn't so much that they operate on different platforms, or the various coding used — we can accommodate that fairly easily. The challenge is that many of them are not compatible with our current security standards. NMCI has been given the job of bringing us into compliance. This has caused us to critically review these standards and perform a cost/risk analysis for achieving full compliancy. In some cases we may study the risks involved and decide to allow transition.

This is a very serious process as we review the risk implications of not meeting full compliancy to the security of the DoD. But we now have the data to make informed decisions as never before. The DISN is already in place and is being upgraded with the DISN expansion program. In addition to the DISN, we have access as necessary to augment our WAN to bring it up to the service level agreements. We have access to the vBNS+ network, which is a very robust network and is already available at many of our locations.

Cost Analysis

As we were working through the budget process to ensure there was enough money in the Navy POM [Program Operating Memoranda] to pay for IT through the NMCI contract, we came up with some very specific data on what people were ordering, what their requirements were, and how much it cost them. We found that some activity costs are significantly higher than others. This is for the activities that have a large number of requirements for classified seats because classified access costs more than unclassified access does. We graphed the the costs and found the average NMCI seat price across the Department is $3,412 per person to provide the IT services outlined above, and includes the amortization of all the fixed investment costs, as well as the services and desktop accessories.

Compare this to $3,851 — the number we came up with in preparation for NMCI when we did our initial business case analysis to estimate the average cost per person for these same IT services across the Navy. We did an "apples to apples" comparison.

Our analysis revealed that if we were to take the average seat cost of what activities are ordering and if we were to add the maximum number of incentives that the contractor can earn — assuming his performance delights 95 percent of our users — he can earn up to an additional $400 per seat. If you add that $400 to the actual average NMCI seat cost of $3,412 — it is still less than we are paying today for equivalent IT services.

After the completion of the base contract when we have paid for all the capital investments — the upgrades to the pier, the new firewalls, and the implementation of PKI and the common access card — we will just be paying the costs of operating, maintaining and refreshing the network. This will reduce the average seat cost another 15 percent. I think we have demonstrated that this is a good business deal for the Navy.

NMCI Benefits

In anticipating the benefits that would come with NMCI we compared our expectations to results from similar private industry programs. We decided we could expect to see improved security, improved quality of service, improved management oversight, improved efficiencies, economies of scale and personnel efficiencies. We now have enough data with NMCI to say with confidence that we are going to achieve the benefits we anticipated. By eliminating all access to the commercial Internet except through one of the NMCI NOCs — we have eliminated our greatest external security risk.

Our greatest internal security risk is our people accessing information that they do not have the authority to have and sharing it with other unauthorized individuals. The best way to deal with this is by the implementation of the PKI and common access card. Consequently, the NMCI will address two of our greatest security threats. To that we added the NMCI Defense-in-Depth network architecture and state-of-the-art intrusion detection tools. Under NMCI we have a truly robust security system — far superior to any we had available in the past.

Quality of service has been a best effort in the past. If you tried to send messages, if the network wasn't too busy the quality of service wasn't too bad - but if the network was busy, service could be terrible. We replaced that kind of a best effort with service levels specified in contract terms in the service level agreements for how long it takes to move packets of information across the country, what the percentage of information loss is in the packets, the availability of the network and much more.

The network is monitored online — people can access information to see how the network for their community of interest is performing or in their theater — if they are a CINC. They can make decisions on how it is being used to improve the performance if they have a special situation by contacting the military personnel in the NOCs. We now have detailed quantitative measures for quality of service and security. For the first time in the government we can measure security quantitatively.

We have improved management oversight and even though we have some very difficult things to do we have more and better information than we ever had before. We know in detail what applications are running on our network, we now know exactly what our security posture is and how to improve it, and we know how much it costs to provide IT services to our people. We can make value decisions that we were not able to make in the past.

We have also seen economies of scale. We expect the cost of providing IT services to actually go down on a cost per unit basis. The savings from this are going to allow us to provide service to 50,000 people, who don't have it today and to upgrade the quality of service for the remainder of the Department.

We know our analysis is accurate because we know precisely where the savings are coming from. They are coming from building a network robust enough to support remote server farms, enterprise help desks and regional network operating centers — these are factors that drive the number of people necessary to operate a network, and people are 70 percent of the operating cost. The savings are real and are consistent with similar efforts in other organizations.

Personnel Efficiencies

As our military members and civilian employees transfer and travel between activities the look and feel of the human interface with IT services will be the same no matter where you go. Access to the NMCI will be through a DON portal; you will be able to customize your own individual Web page for accessing information and applications. This will make your life easier and reduce the need for training as you move from activity to activity.

On travel you can access any NMCI appliance wherever there is an NMCI seat — you won't need to carry anything with you. Since the NMCI contract includes voice, video and data — we can have video teleconferencing (VTC) virtually anywhere from the desktop to more elaborate, higher-definition areas. This reduces travel time and costs as well as the inefficiencies associated with getting a large number of people together to collaborate. The combination of VTCs with collaborative Web-based tools also supported by the NMCI creates an environment that allows faster, better decision-making and problem solving capabilities.

Table 1. Actual Hardware Changes with Market--NMCI Price Remains Fixed. CLIN: 0001AA. Title: Fixed Workstation - Red Seat - $2958.12 per year. Pentium 800 MHz. Provides performance for use with 2-D and light 3-D graphics or engineering related applications, applications that require additional processing capability.  CLIN: 0001AB. Title: Fixed Workstation - White Seat - $2863.68 per year. Pentium III 733 MHz. Ideal for the typical user of Microsoft Office Professional Software. CLIN: 0001AC. Title: Fixed Workstation - Blue Seat - $2788.08 per yaer. Celeron 566 MHz. Provides adequate performance for daily office productivity applications. Ideal for administrative functions. CLIN: 0001AD. Title - fixed workstation - thin client - $2335.92 per year. CLIN: 0002. Title: Portable seat - $3699.00 per year. Dell Latitude C600. Provides excellent performance for office productivity software. Supports users needing remote access to NMCI. Enables high-quality presentations while on travel.
Table 1. Actual Hardware Changes with Market--NMCI Price Remains Fixed.

Table 2. Selected amortized costs of NMCI seat costs include costs which are amortized over the life of the contract. White seat cost: $2864 per seat per year. Pier cost: $44 per seat per year. PKI/Security Upgrades: $450 per seat per year. Technology refresh $370 per seat per year. White seat less amortized costs: $2000 per seat per year. Economics of scale drive down cost per unit of service.
Table 2.
Related CHIPS Articles
Related DON CIO News
Related DON CIO Policy

CHIPS is an official U.S. Navy website sponsored by the Department of the Navy (DON) Chief Information Officer, the Department of Defense Enterprise Software Initiative (ESI) and the DON's ESI Software Product Manager Team at Space and Naval Warfare Systems Center Pacific.

Online ISSN 2154-1779; Print ISSN 1047-9988
Hyperlink Disclaimer