Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Cloud The Military

US Navy Abandons Cloud and Data Center Plans In Favor of New Strategy 68

An anonymous reader writes: The U.S. Navy is not pleased with the progress it has made on data center consolidation and plans to change strategies. "Later this year, we will make an organizational change to our approach to data center consolidation. The Data Center and Application Optimization (DCAO) program office will move from under Space and Naval Warfare Systems Command (SPAWAR) headquarters to under Program Executive Office-Enterprise Information Systems (PEO-EIS) as a separate entity or program office," said John Zangardi, the Navy's deputy assistant secretary for command, control, computers, intelligence, information operations and space and acting chief information officer. The secretary added that over the past three years, the U.S. Department of the Navy had consolidated 290 IT systems and applications at 45 national sites.
This discussion has been archived. No new comments can be posted.

US Navy Abandons Cloud and Data Center Plans In Favor of New Strategy

Comments Filter:
  • by SuperKendall ( 25149 ) on Monday May 18, 2015 @11:48PM (#49723857)

    I guess it must be, let the Wookie win.

  • by lucm ( 889690 ) on Monday May 18, 2015 @11:49PM (#49723859)

    The U.S. Navy is not pleased with the progress it has made on data center consolidation and plans to change strategies.

    I'm sure changing strategies will allow them to make up for the slow progress since the last change of strategy.

    • I'm sure changing strategies will allow them to make up for the slow progress since the last change of strategy.

      As funny as that sounds, that may be part of the reason of the slow progress. All the way at the top, a reorganisation may look splendid, and should on paper improve efficiency and all that. But at the workfloor we all too often are then bogged down by slow decision taking at the intermediate management levels, or just very practical problems that were overlooked.

  • by Karmashock ( 2415832 ) on Monday May 18, 2015 @11:53PM (#49723867)

    ... in awhile.

    First law of computer security is physical security.

    If the DoD loses physical control over their system then they cannot secure them. This looks like folly to me.

    I think DoD consolidated data centers is entirely reasonable and I don't know why they're shifting from that. Being able to hug the server is enormously valuable. If something goes wrong with it, then someone has to hug it. And if it isn't one of your people then that means you're giving access to a third party.

    Considering how interested foreign governments are to gain access to these systems, it would be a mistake to think the cloud system is going to protect anything. We've seen repeated examples of the cloud system failing in security.

    The cloud system is generally more economical. But that is its only virtue.

    As to this notion that the navy has to democratize its tech... the military is not a democracy. What is more BYOD schemes are inherently less secure. If the military doesn't take information security seriously, they are going to get their clocks cleaned.

    Putin for example has shifted the FSB to use typewriters that print on PAPER to secure top secret documents because they don't trust their information security. For the DoD to think they can get away with BYOD schemes, commercial datacenters, and "Democratizing" their information security means they have NO clue the sort of resources being put into breaching their systems. This is madness. Ask the NSA if they'd do any of these things.

    1. The NSA runs their OWN datacenter. They do not sublet.
    2. The NSA doesn't democratize their information security. They dictate it. Within their organization, you comply or else.
    3. The NSA would outright laugh at a BYOD scheme since they don't even let cell phones or mobile computers or thumb drives within many of their facilities much less let their staff run around with god knows what kind of machine that has access to their most critical systems for no reason.

    This is dumb.

    Look, different agencies should be responsible for whatever they understand. If I wanted to run a naval battle engagement, I'd put the Navy in charge of that. If I am trying to secure government computer systems, then I would put experts in that field in charge... give this to the NSA. They know how to breach a system so they know how to secure it.

    • It's not just you -- the article had a quote that makes it seems like there's an unknown sysadmin care bear:

      Culturally, we have to make this shift from a mistaken belief that all our data has to be near us and somewhere where I can do and hug the server, instead of someplace where I don't know in the cloud. This is a big shift for many within the department. It's not going to be an easy transition.

      I don't know about you, but we don't have our racks just standing their on their own ... they're in rows, so y

      • As to hugging, it is an expression. It means can you touch it. Not whether you can literally get your arms around the entire thing.

        Point is that as a sys admin, if I can't touch a server or there isn't someone I trust that can touch the server... then we have a problem.

        Cloud services are fine for non-mission critical low security work.

        But if you're talking about something that is absolutely vital to your organization or contains really sensitive information... no.

        The biggest sellers of data service services

    • by Anonymous Coward

      In the past, the government used private companies for data centers in the past. However, said companies were held up to a level of standards.

      However, these days, very few cloud providers are FISMA compliant, much less compliant with more stringent security protocols. There is also responsibility. Worst comes to worse, a private cloud just goes bankrupt and all that Federal data winds up being handed over to the next buyers of physical servers (yes, there is support to be DAR protection, but not many pla

    • by rtb61 ( 674572 )

      The Navy along with all the other defence forces form the core of major emergency services not just in war but also in national emergency. The Navy along with all the other defence forces need to be able to function upon a manual pencil and paper basis, so that when all else fails in the face of a major catastrophe, they can still function. That means distributed data systems with full manual backup of all essential command and communications structures.

      Consolidating all command and communications data a

      • Completely agree.

        It should be noted that the US strategic air command is moving BACK to cheyenne mountain.

        The military does need to have multiple redundant fail safes.

        As to consolidation... it depends on what you're consolidating.

        Logistics and procurement for example don't need distributed databases. You can centralize that. YES have a backup where someone can just pick up a phone and call an order in manually or by fucking carrier pigeon. But the primary workhorse of day to day procurement and inventory sh

        • by rtb61 ( 674572 )

          For manual systems to work, you have to practice them. Make sure the courier rider is still there, make sure the forms are still there and make sure the boxes of pencils are still there. Basically the military needs to keep manual systems going because when all else fails, part of their function is to remain functioning. Military transport vehicles at their very core should be very reliable, very fuel efficient and be capable of running without electronics. They have the bodies and keeping them busy with p

          • As to combat backups, I entirely agree. However, peace time systems don't need to be that robust.

            That is to say, a system that handles accounting and inventory don't need to be as robust as the system that fires the nukes when you hit defcon 1.

    • The NSA was the first agency I thought of as well, but I thought I might be modded +Funny for even suggesting it. They know security, and they obviously know how to build massive datacenters. Why aren't they building centers for the Navy and Marines that remain under government control? For top military secrets, that seems to make a lot more sense than using commercial datacenters.

      More of those "inter-agency walls" that were supposed to have been torn down under the reorganization of the Department of Ho

      • Organizational walls are a good thing. Keep an open mind. You need tight organizations that can operate independently. The walls are bad when they don't talk to each other but they should be able to operate independently of each other. When you jam everything together you tend to get a one size fits all system which is ultimately shitty for everyone. You can't run the Marines on the same system the NSA runs on... its incompatible. So the idea is to let each department work like its own little kingdom of spe

      • they obviously know how to build massive datacenters

        I wouldn't be so sure about that [datacenterknowledge.com].

    • by LWATCDR ( 28044 )

      It really depends on the system.
      For instance things like logistics aka buying food, cleaning supplies, tools, and so on. could all be done on COTs systems and using public data centers.
      Things like how many SM-2s are down for repair is a different issue.
      And then keeping things separated is yet another issue.

      • I disagree because you can infer things from what you think are meaningless bits of information.

        Imagine if you were Sherlock Holmes... someone very intelligent, very rational, very knowledgable... and you were handed a long list of seemingly meaningless statistics from the Navy's various requisitions including time stamps, locations, etc. Do you honestly think that someone couldn't infer something you'd rather keep secret from all that?

        Of course they could.

        Which is why the bias should be to keep things secr

    • They figured out a long time ago that it was more efficient and gave better quality results to have one Government Printing Office than ten thousand printing offices - the same logic applies to IT. IT can be both commoditized and customized by qualified individuals - if the Navy needs something special, then the Government IT Office should have to acquire skills to meet the Navy's needs. Intelligence already has specialized IT systems, to handle classification transitions - hire those guys away to the GIT

      • I do agree that there should be a centralized archive of all information open to congressional audit. That said, I am okay it that is only an archive and the active databases are segmented.

        I don't want to hamstring organizations by forcing their day to day operations to flow through a third party just to carry out basic operations.

        I am okay with requiring them to DUMP all data from their system in real time into an archive. But the flow has to be one way. The data goes INTO the archive. The Navy systems wou

    • I don't have a clue as to all the use cases the navy needs a data center for. I really don't.

      But I'm pretty sure a lot of it can be sent into *the cloud* with vendors with decent credentials. I would hope the navy ensures the cloud location and physical security. Maybe they reach an agreement to post their own navy security for particular labs? This is not an usual agreement to have a dedicated physical location for big clients. This happens with corporations. I'm sure the military could get such an agreeme

      • They're using it for a lot of things. And if I breach that system, I can monitor the Navy's activities at the very least. Having lax security is not acceptable.

        And really, I don't think people are appreciating that the level of security required to keep shithead hackers out is not the same level required to keep out state sponsored cyber warfare divisions.

        its like comparing a bank robber with an army battalion.

        You are not giving enemy action even remotely enough respect.

    • Comment removed based on user account deletion
      • ... this is so mindlessly kneejerk that it doesn't qualify as human thought.

        We're talking about who should design secure government computer systems.

        One would think you would admit that the NSA is competent at cracking computer systems. As such, they know how to secure them as well. Which means they're qualified.

        I expect you're an "abolish the nsa" type person? Well, get over it... major countries need electronic intelligence divisions.

        Does the NSA need to be reformed? Obviously. should nothing like the NSA

    • The NSA let Edward Snowden have unlimited and unmonitored access to their secrets, and bad things happened. If you care about security you don't let your secrets out of your control.
      • Ed wasn't working alone... it is quite obvious that he had quite a bit of help from inside the agency from other like minded people.

        Furthermore, he claims he wasn't as low down the totem pole as the NSA claims. It is quite possible he was a senior analyst/agent/operative.

        Regardless, you can't stop someone that has access to your critical systems having access to your critical systems.

        They either have it or they don't.

        You think it will be better with corporate private sector datacenters? Come on now.

  • Dear Mother Navy (Score:4, Informative)

    by hax4bux ( 209237 ) on Monday May 18, 2015 @11:58PM (#49723883)

    It makes me sad every time I read articles such as this. I feel the Navy has been adrift since morse code and torn tape relay were retired. Perhaps it is time for you to reconsider SPAWAR? I often wonder how they help defend the constitution against all enemies foreign and domestic. My last COTAR was obviously a spy for some foreign agency. Anyway... there are many examples of how to make big systems work and none of them are at SPAWAR. COTS can do this, other organizations do this. Why not you?

  • by mveloso ( 325617 ) on Tuesday May 19, 2015 @12:16AM (#49723921)

    Program Executive Office-ENterprise Information Systems (PEO-ENIS). You know, for those Southern folks.

    • we had a time management system called "P.M.I.S."

      colloquially, it was referred to by a few engineers as "P-MIS". "Put your time into P-MIS." "Make sure you've kept up your P-MIS project."

      This quickly caught on and became common vocabulary. The new female VP even used it once in a meeting without thinking about what it sounded like.

      At the same company, we had a policy of naming the PC's inappropriate scatalogical terms.
      During a client training session we were watching an active Wireshark capture without a po

    • mistaken belief that all our data has to be near us and somewhere where I can do and hug the server

      He wants to "do" the server. So you may be right.

  • I thought the military mindset was to stay the course no matter how obviously flawed the strategy is. It's good to see flexibility is no longer a dirty word.
  • Because of limited bandwidth to the cloud from undersea, MOOC students will still face the traditional question of "What am I gonna do in a submarine?"
  • The US Navy are the most intelligent people in all of the United States armed forces. If they tried to accomplish an important national goal, and didn't fully succeed, then they very well should be listened to.

    These people are not slackers. They are the real deal. If they're having trouble, the "cloud" industry needs to listen to them.

    • by johnck ( 782010 ) on Tuesday May 19, 2015 @01:03AM (#49723979)

      A smart person in one field does not always or even often carry that intelligence and understanding to another field.

      For instance, scientists are some of the most intelligent people in all of the United States. But I wouldn't trust the great majority of them to configure a home router securely let alone run off on a tax burning mission to consolidate IT infrastructure and chase down the gold medal in 'How To Do IT Wrong And Blame It On The Technology Instead Of Admit Perfectly Reasonable Ineptitude'.

      I know quite a few people in the Navy, much respect to all of them, but to attribute their ability to take on a task of this magnitude (pop pop) based on their intelligence ranking among the armed forces in its entirety isn't exactly a high bar to begin with.

      • Apples and Oranges. You assume that the Navy does not have trained IT personnel. I believe that was the point. If the Navy can't do it, because they employ the trained personnel to do it, then you should take notice.

        FYI you argument is inane, because you do not know the great majority of scientists. Thus your judgement is meaningless.
  • by Lorens ( 597774 ) on Tuesday May 19, 2015 @12:50AM (#49723963) Journal

    Space and Naval Warfare Systems Command (SPAWAR, in other words "Space War") had a problem fulfilling The Next Generation Enterprise Network (NGEN) contract? I think the Navy Trekkies are in control of the acronym office!

  • The Navy's efforts to consolidate job titles and office names has been a huge success.
  • Well, that reduces the targets for an enemy by 245.

Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.

Working...