DISA maps out milCloud 2.0
- By Mark Pomerleau
- May 13, 2016
Building upon the success of milCloud, the on-premise cloud solution managed and operated by the Defense Information Systems Agency, the Defense Department is making plans for milCloud 2.0.
That second iteration won’t be built or maintained by DOD, according to John Hale, DISA’s cloud portfolio chief. “We will bring a commercial provider into the [DOD Information Networks, also known as the DODIN] to provide services internally to the Department of Defense,” he said.
Part of cloud’s appeal is its cost saving potential, an immensely important component in the era of sequestration. “By leveraging cloud capability -- both commercial on-premise and off-premise -- we can bring significant savings to the department, and we can also provide a new, agile functionality to our mission partners going forward,” Hale told the audience at the AFCEA Defensive Cyber Operations Symposium last month.
However, even milCloud 2.0 is not the solution for every program. “There is always going to be the need for traditional hosting in a DOD data center,” he said. Certain workloads, such as nuclear command and control, “just do not fit well in a virtualized or cloud model.”
milCloud 2.0 will also affect mission partners as they’ll be billed based upon consumption of capabilities as opposed to a flat rate they pay each month for milCloud 1.0. While Hale expects mission partners will welcome the change, he said his job is to help partners find them the best solutions for their needs. “It may be off-premise commercial cloud, it may be on-premise commercial cloud, it may be traditional hosting, or it may be a mix, depending on what the particular mission needs are,” he said.
Cloud technology also offers benefits for the Mission Partner Environment that supports international combat operations, humanitarian and disaster relief work and cooperative security activities. The cloud technology for that environment “is going to have to be commercial based. We’re not going to be able to do this at, say, a U.S.-only based system,” DOD CIO Terry Halvorsen told Congress in March.
DISA’s plans in the short term include the delivery and enhancement of milCloud 1.0 capabilities to ease mission partner migration. The agency expects to increase automation, develop and deliver cloud access points, revise and evolve DOD's Cloud Computing Security Requirements Guide and provide a clearer path for commercial cloud service providers through the provisional authorizations process.
Hale said milCloud 2.0 will be delivered in two phases. Commercial providers will first be brought into DISA data centers to determine a business model for hosting DOD workloads with an on-premise private cloud. Phase II will include providing capability on classified and unclassified networks. DISA’s long-term plans include evolving the cloud access points into the Secure Cloud Computing Architecture for securing mission applications on commercial cloud services and continuing to improve DOD’s security posture while simultaneously reducing operating costs.
Halvorsen told lawmakers that he hopes for an almost complete cloud environment in five years with private clouds within segments of DOD, private clouds that are just inside DOD, private clouds comprising DOD and other components of the federal government and hybrid public clouds.
Mark Pomerleau is a former editorial fellow with GCN and Defense Systems.