DISA's Maps Stratus Program's Future
The agency delivers the first apps under the cloud program.
The Defense Information Systems Agency (DISA) is delivering the first application under its fledgling cloud computing program known as Stratus.
Stratus is a hybrid, on-premise cloud computing program in the prototypical stages. It is intended to replace milCloud 2.0, which got the ax after DISA Director Lt. Gen. Robert Skinner, USAF, initiated a strategic assessment of programs. Officials looked for best value capabilities and wanted to be introspective and “really honest about how we deliver the best value capabilities to the warfighter,” Sharon Woods, director of DISA’s Digital Hosting and Computing Center, told reporters during a media roundtable discussion at the AFCEA TechNet conference in Baltimore April 26-28.
“When we did that analysis with milCloud 2.0, we determined it wasn’t the best value capability going forward. With Stratus, we already had some basic, underlying on-premise cloud capability in our data centers, so what we did was assess if we could take that underlying infrastructure, uplift it and then continue to add capability.”
DISA officials currently are seeing some early successes and defining the program’s future, Woods reported. “We’ve had a lot of success migrating different applications into the Stratus environment. We’ve also had a lot of new interest beyond customers who are looking to get out of the milCloud 2.0 environment. And we’re in the process right now of developing the roadmap going forward, continuously adding and iterating capabilities.”
DISA is going through that process now based on customer priorities because of an infinite number of capabilities they could incorporate. “We have both the NIPR and SIPR accredited environments, and we’re working with customers actively to see which potential requirements are most important to them,” Woods stated, using shorthand for the Non-secure Internet Protocol Router Network and the Secret Internet Protocol Router Network.
Like other DISA programs, such as the Thunderdome zero-trust solution, Stratus will use an iterative development process, potentially under an other transaction authority contract that allows for greater flexibility and innovation.
“I think we’re going to be rolling out more capabilities quickly and iteratively over time. From when we announced Stratus, we continued to add capability to it,” Woods said. “It’s a good foundation, and we’re already iterating just in the last couple of months in terms of adding capability around automation, around self service, around ordering and utility building and all the things that you would expect with commercial cloud.”
Stratus includes two pilot programs, one to integrate secure software development processes known as DevSecOps, the other involving Kubernetes containers. Kubernetes is an open-source system for automating the deployment, scaling and management of containerized applications, according to the Kubernetes website.
Woods describes Stratus as a constellation of capabilities. “Part of one of the constellation of capabilities around Stratus is our pilot for containers as a service. It is fundamentally a hybrid capability,” Woods explained. “When you think about Kubernetes and containers, most often people associate that with commercial cloud, but it does need servers to run on. So, what we have done is take Kubernetes containers and put them on-prem in DISA data centers.”
The reason for that, she added, is that not all mission partners are ready to move into the cloud right now. “So we started with web servers … and we’re actually in the process of prototyping our first customer right now—we started in November.”
Woods touted the security benefits of the container-as-a-service approach. There are a lot of cybersecurity benefits in containers and hardening that you get right out of the box.”
That first customer effort involves a time and attendance system application. “It’s a great starting point because time and attendance, or anything around the business logistics arena, it is very important to have the right web interface. That’s the first one out of the gate, and we’re right in the middle of it,” she offered.