Preparing for JEDI
The Defense Department is moving forward with preparations for an enterprise tactical cloud, says the DOD’s top information officer.
The Defense Department’s Joint Enterprise Defense Infrastructure, or JEDI, cloud effort has been tied up in the Court of Federal Claims since a preliminary injunction was issued in February. And although that has prevented the DOD from implementing Microsoft Azure cloud computing solutions, the department is not sitting idle, according to Chief Information Officer Dana Deasy.
“Cloud for me has always been first and foremost about supporting the warfighter,” Deasy told a group of reporters yesterday during a virtual Defense Writers Group meeting. “And when we got put on hold with JEDI, that didn't mean we were going to stop working on figuring out ways to support the warfighter.”
In September, the department announced it had completed a comprehensive reevaluation of all the JEDI Cloud proposals it had received. The DOD determined that Microsoft's submission remains “the best value to the government,” according to a department statement. The military is waiting to begin contract performance once the court rules on the matter.
Meanwhile, the CIO has been working with the services to prepare the necessary software development and other “prerequisites” to be able to harness the cloud fully across the services.
“The cloud is nothing more than a facilitated environment that allows us to do what really matters,” Deasy said. “And that's going to be the DevOps [development operations], agile development and what you're seeing when you're reading about the Air Force initiative with their OneCloud. They are learning to build software in very different ways, which the cloud very much enables you to do. So, what are we doing right now? We are doing a lot of work with the services on getting them prepared to move their development processes and cycles to DevOps so when the cloud finally does get awarded, we're not starting at day one.”
This effort includes identifying appropriate software tools, integration environments and directories. And despite the delay, the JEDI cloud is a necessary component, the CIO emphasized.
“JEDI is still is going to fulfill a hole in the overall need across the Department of Defense, and that has always been first and foremost a tactical edge cloud,” he confirmed. “We still do not have an enterprise tactical edge cloud. We have clouds that are in place or helping us do many aspects of JADC2 [Joint all domain command and control]. But there's aspects of JADC2, where we are still going to need that tactical cloud out at the tactical edge.”
The CIO also is leading the development of zero trust architecture for the department, working over the last year with a cross-functional team with representatives from the services, the Defense Information Systems Agency (DISA), Defense Digital Service, U.S. Cyber Command and industry. DISA is currently working on drafting a zero trust architecture from the group’s efforts, while the CIO’s office runs pilot programs to experiment with it.
“We actually set up a lab environment and started looking at zero trust concepts, and then we took some small networks inside the DOD and actually put it into a production environment to learn,” he noted. “One of the things that we have been trying to learn is what does it take to actually manage these environments? We could put a brilliant architecture together, but if it's not viable from a management operation standpoint, that's where this stuff gets really hard.”
The pandemic and the need to telework has helped to refocus the ability to apply zero trust to personal devices and remote work platforms, Deasy observed. “So, what we're trying to do right now is take all the lessons learned from those pilots we ran, and take the actual things we are seeing out of teleworking.”
The difficulty, the CIO said, is determining the next steps after DISA releases the cybersecurity architecture, as the department’s great numbers of users presents a challenge.
“We are going to have really hard conversations,” he stated. “Where do we go next? Where do we first try to now roll this out at scale, beyond the work we're already doing in the Microsoft Teams environment. We are still in the early days of discussion as far as where the natural next [steps] would go.
In regard to the disputed Federal Communications Commission (FCC) ruling that granted a license to Ligado Networks, the CIO explained that the Department has not heard anything further from the FCC. The DOD submitted a stay and a request for reconsideration and presented technical data on why allowing Ligado to operate would greatly impede GPS signals upon which the military and civilian rely.
“We provided all the necessary documentation back to the FCC, all the engineering data,” he stated. “We met individually with each commissioner of the FCC and walked through any questions they had, and we have simply not heard anything back from the FCC regarding the stay nor the request for reconsideration.”