Putting The Cart Before The Horse

Winchester, VA – September 9, 2019: This last week the Department of Defense (DoD) awarded a multi-billion-dollar award to General Dynamics Information Technology (GDIT) for what is coined as the Defense Enterprise Office Solutions (DEOS) contract. The scope of this contract is to deliver an office suite of applications and services to support DoD users such as email, collaboration tools and productivity software. Modelled around the Microsoft Office 365 experience, the DoD has been in pursuit of a cloud-based solution for several years now, beginning with then DoD Chief Information Officer (CIO) Mr. Terry Halverson. One of the biggest challenges the DoD has when wanting to consume commercial technology is providing the underlying network needed to support such technology. Why is that you ask?

The DoD unclassified network established well over ten (10) years ago is based on a now outdated IPv4 infrastructure that is largely operating on static IP address assignments and routing tables. Domain Name Service (DNS) has historically been used for interfacing with the Commercial Internet, but not used internally for managing dynamic routing decisions. To add to the complexity is the DoD’s lack of inherent trust between their internal agencies, components and combatant commands. The DoD does not work with “one” flat enterprise network like one would expect, but rather an internet of networks peered together through a multitude of firewalls and other security appliances. So, as you might imagine, getting anything to communicate end-to-end and between network enclaves is very challenging and often is met with failure. Cap that off with the fact that the DoD is still running an outdated “client-server” framework for their applications, deploying thick clients on their fielded workstations and laptops, and what we find is a network not ready for today’s trend in consuming commercial cloud like services.

So here comes the current DoD CIO, Mr. Dana Deasy, who is pushing the DoD toward Commercial Cloud type services. We have seen plenty of press surrounding the Joint Enterprise Defense Infrastructure (JEDI) acquisition which is to provide general purpose cloud hosting services., and now with DEOS awarded, it would appear the DoD has put the cart before the horse. There is no evidence that Commercial Cloud type services and technologies will work over a DoD network. Most commercial based technologies designed for datacenter hosting are designed to work over the public internet, which is an open trust network leveraging DNS primarily for making routing decisions and pointing web-based clients to hosted servers. Many commercial cloud hosted services depend on open source browsers such as Google Chrome as their consumer graphical user interface. Even Microsoft with their introduction of Edge is abandoning their legacy proprietary browsers for more open solutions.

With the optics on saving money and improving operational efficiencies, I can appreciate the DoD’s desire to take advantage of the commercial trends being exercised by Fortune 500 companies around the world, as well as some of our State sponsored competitors out there looking to compromise our national security interests; but until the current Defense Information Systems Network (DISN) is upgraded and the overall DoD Information Network (DODIN) flattened to eliminate the multitude of firewalls and private network instantiations that make up the DoD enterprise today, the potential of Commercial Cloud services being successfully deployed over the DODIN will never be realized.