When the Defense Information Systems Agency launched its MilCloud platform in 2013, it was the early days of cloud computing.
The initial idea was simple: DISA would provide a platform to embrace commercial cloud services to reduce costs, enhance standardization and increase agility and responsiveness to the changing needs of warfighters.
Now eight years later, Jim Matney, the vice president and general manager for DISA and the enterprise services sector for General Dynamics-IT, said MilCloud 2.0 is about all of that and much more.
“In our case being inside the DoD Information Network (DoDIN) and being inside the DISA ecosystem, all of that hardware infrastructure, the underlying architecture is supported by MilCloud already. That’s why there aren’t transaction fees and bandwidth fees associated with this platform,” Matney said during the DoD Cloud Exchange. “When we look at being inside the DoDIN from a flexibility and affordability cost, it’s a tremendous benefit. Security is a second benefit from being inside the DoDIN. We benefit from the physical security associated with being inside DISA. We have a dedicated internal cloud access point, that’s between the DISA system and our cloud because we are a commercial cloud that’s just sitting inside their facilities. So we have a dedicated line so you don’t have the potential choke points or have to leave the DoDIN to get access to your data. Everything is staying inside the DoDIN infrastructure. That provides that additional level of security that’s above and beyond.”
IL6 cloud likely available this summer
This continued evolution of MilCloud 2.0 includes access to Amazon Web Services that started in February, and the initial approval to offer cloud services with security at Impact Level 6 (IL6).
Matney said GDIT is prepared for all of the security testing evaluation associated with IL6, which will be on the classified side of MilCloud 2.0.
“Depending on the timing that it takes for all of the security testing to be completed, we’re estimating by the middle of this year so summer 2021, that it will be available to customers and mission partners,” he said.
The addition of AWS and the move to offer IL6 services is part of the path GDIT has pursued over the last three-plus years, when DISA awarded it an eight-year, $500 million contract to run MilCloud 2.0 in June 2017.
Matney said MilCloud 2.0 provides military services and defense agencies a path to meet the broader DoD cloud strategy that calls for both “fit for purpose” and “general purpose” clouds.
“The thing about MilCloud and what it actually offers is we look at it as meeting several pillars of the strategy. One of the three that we’d like to be able to talk to is the ease of use,” he said. “Since it’s a contract, it’s already awarded, and it doesn’t require additional acquisition. Users are able to just bring money and get services, what I like to call at the speed of relevance. A mission partner has a need to be able to conduct any cloud services to be able to spin up and support a mission. We’re able to provide services within 48 hours of them being able to get money into our portal. So it doesn’t require additional task orders or the like. So that makes it very convenient and easy to use for our mission partners.”
Easier for mission partners to migrate
Matney said the recent MilCloud 2.0 partnership with VMware is another example of making the platform easier to use. GDIT recently completed a changeover to use the VMware virtualization environment.
“We are listening to our mission partners to make it easy for our mission partners to migrate their applications into our environment. When you look at the virtualization environments, the virtualization platform that many organizations are using is VMware,” he said. “So now it makes it easier for mission partners, the folks who are responsible for those applications, essentially to migrate their application into our environment. It’s a like-for-like environment. You don’t have to refactor. There may be nuances that potentially may come up, but we’ll still test it. But the likelihood that there will be issues associated with that migration effort is a lot less.”
The second pillar is affordability. He said GDIT priced MilCloud 2.0 to be competitive with other cloud service providers.
“It’s pay-as-you-go. So it doesn’t require that significant upfront investment you would need if you’re trying to build out a capability in your own data centers,” Matney said. “The other piece is that it’s secure. Our entire cloud platform has been approved at IL5, which is the highest unclassified rating that you can get for a cloud platform.”
Considerations when moving to cloud
This means a military service or defense agency can go to the MilCloud 2.0 portal with a need, get an estimated cost for a particular application or service and then spin it up within 48 hours of uploading the funding.
“Our pricing as it relates to the compute and storage is cost competitive. We looked across the other cloud service providers to make sure that our costs are competitive with the other cloud service providers. But then we also provide the additional benefits,” he said. “The mission partners don’t have to pay for that bandwidth or the transaction fees. We’re in two locations, Oklahoma City as well as Montgomery, Alabama, and all the applications, all the data that is stored in each of those locations automatically have a disaster recovery capability to the other location that is not at an additional cost to the mission partners.”
Matney said any move to the cloud should take into account several factors and MilCloud 2.0 is no different.
“One of the requirements we have is that everything that comes into the cloud requires you to either show or demonstrate that you have the ability to be able to provide those security services yourself, which means you’ve adjusted them so you can reach into the cloud to be able to do those security scans and the necessary requirements there,” he said. “Or you can leverage what MilCloud offers as a managed services or security services capability that DISA offers. That’s one of the big takeaways, when we look at taking your application, moving it out of your data center, moving it into the cloud, is that security piece who’s doing the scanning and making sure that it stays secure as your overall security posture for your enterprise.”