Successfully reported this slideshow.

Overview of GovCloud Today


Published on

2011 Washington DC Cloud and Virtualization Conference and Exposition presentation 9/8/2011

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Overview of GovCloud Today

  1. 1. An Overview of GovCloud Today<br />Kevin L. Jackson<br />General Manager Cloud Services<br />NJVC, LLC<br />
  2. 2. Cloud Computing<br />Not a new technology but a new approach in the provisioning and consumption of information technology<br />A services oriented architecture (SOA) implemented typically on a virtualized infrastructure (compute, storage, networks) using commodity components coupled with highly automated controls enable the five essential characteristics of cloud computing.<br />Key Concerns<br /><ul><li>Standards
  3. 3. Portability
  4. 4. Control/Availability
  5. 5. Security
  6. 6. IT Policy
  7. 7. Management / Monitoring
  8. 8. Ecosystem</li></ul>Key Benefits<br /><ul><li>Significant cost reductions
  9. 9. Reduced time to capability
  10. 10. Increased flexibility
  11. 11. Elastic scalability
  12. 12. Increase service quality
  13. 13. Increased security
  14. 14. Ease of technology refresh
  15. 15. Ease of collaboration
  16. 16. Increased efficiency</li></li></ul><li>Cloud Computing: Value and Capabilities<br />Time<br />Reduce time to deliver/execute mission<br />Increased responsiveness/flexibility/availability<br />Cost<br />Optimizing cost to deliver/execute mission<br />Optimizing cost of ownership (lifecycle cost)<br />Increased efficiencies in capital/operational expenditures<br />Quality<br />Environmental improvements<br />Experiential improvements<br />
  17. 17. Federal Information Technology Reform<br />
  18. 18. U.S. Federal Cloud Computing Market Forecast 2010-2015Market Media Research<br />
  19. 19. Cloud Spending<br />
  20. 20.
  21. 21.
  22. 22. Decision Framework for Cloud Migration<br />Framework is flexible and can be adjusted to meet individual agency needs<br />
  23. 23. FedRAMP<br />
  24. 24. FedRAMP A&A and Continuous Monitoring<br />Categorize (Low, Moderate, High) cloud service offering<br />Assists sponsoring Federal Agencies to ensure appropriate categorization of data<br />Select and tailor FedRAMP Security Control baseline<br />Assists Sponsoring Federal Agencies in supplementing the FedRAMP Security Control Baseline<br />Document generic controls implementation<br />Joint Authorization Board review and approval process assistance<br />System Security Plan development<br />Third party independent assessment of security control effectiveness<br />Security Assessment Report (SAR) document<br />Plan of Action and Milestones for remediation<br />Refinement until accepted by JAB<br />Continuous Monitoring Plan for the cloud service offering<br />
  25. 25. Continuous Monitoring Deliverables<br />Vulnerability/Patch Management Scanning and Reporting<br />Configuration Scanning and Reporting<br />Incident Response Planning and Response<br />POA&M Mitigation and Remediation<br />Change Management and Control<br />Penetration Testing<br />A&A Documentation Maintenance<br />Contingency Plan Testing<br />
  26. 26. GSA Infrastructure-as-a-Service Blanket Purchase Agreement<br />Lot 1: Cloud Storage Services <br />Scalable, redundant, dynamic Web-based storage <br />Procure and use data and file storage capabilities remotely via the Internet <br />File and object data storage capabilities on-demand, dynamically scalable per request and via the Internet<br />Lot 2: Virtual Machines <br />Scalable, redundant, dynamic computing capabilities or virtual machines <br />Procure and provision computing services or virtual machine instances online via the Internet <br />Remotely load applications and data onto the computing or virtual machine instance from the Internet <br />Configuration and management of virtual machines via a Web browser over the Internet <br />Procure and provision block storage capabilities for cloud virtual machines remotely via the Internet <br />Block storage capabilities on-demand, dynamically scalable per request for virtual machine instances<br />Lot 3: Cloud Web Hosting <br />Web application hosting services in the cloud: scalable, redundant, dynamic web hosting service <br />Procure and provision web hosting service online via the Internet <br />Securely load applications and data onto the provider’s service remotely from the Internet <br />Configuration of Cloud Web hosting services via a Web browser over the Internet <br />
  27. 27. GSA IaaS BPA Awardees and Capabilities<br />
  28. 28. Public Cloud vs. Federal Community Cloud<br />
  29. 29. IC Cloud Computing<br />16<br />
  30. 30. DISA Enterprise Cloud Services<br />Defense Information Systems Agency<br />A Combat Support Agency<br />Reduce Attack Surface<br />Configure securely, automatically<br />Enhance perimeter defenses – defense in depth<br />Drive out anonymity<br />Improved And Safe Sharing<br />Cross domain flows as an enterprise service<br />Evolve directory, identity, and access control to support net-centricity<br />Improved Network C2<br />Improved cyber readiness<br />Improved situational awareness<br />Cyber attack detection, diagnosis, reaction at network speed<br />Increased Operational Effectiveness<br />Increased Warfighter access to required information and services, especially across organizational and security boundaries<br />Increase network flexibility, allowing for rapid response to operational conditions (e.g. Haiti) <br />Increased Information Security<br />Strong cryptographic authentication (PKI)<br />Standardize access policies to enable more consistent access decisions<br />Increase agility and interoperability with the implementation of commercial standards<br />17<br />
  31. 31. Death of the Relational Database<br />The economics of data storage led to the use of content addressable storage, flat storage architectures and internet scaling.<br />Database design, database tuning no longer required with infinite scalability and consistent responsiveness<br />1t<br />18<br />3t<br />
  32. 32. Traditional Analytics<br />Traditionally, lexical searches, filtering or Boolean search attributes are used to reduce data to a “working set”. Analytical tools are then applied to this “working set”.<br />Tools/Analysis<br />Reports/Conclusions<br />All Data Sources / Types<br />19<br />NJVC, LLC Proprietary Data. Do Not Distribute<br />
  33. 33. Cloud Enables Searching All the Data, All the Time<br />Reports/Conclusions<br />20<br />NJVC, LLC Proprietary Data. Do Not Distribute<br />
  34. 34. Hybrid Enterprise<br />Enterprise IT<br />Outsourced IT<br />Cloud Services<br />
  35. 35. Datacenter Operations<br />Manual<br />Automated<br />
  36. 36. Operational Funding Model<br />CAPEX – Buy, Build, Run, Refresh <br />OPEX – Select, manage and monitor IT services<br />
  37. 37. Security<br />Infrastructure-centric security<br />Data-centric security<br />
  38. 38. Conclusions<br />Cloud computing is a technological evolution<br />“Drive for scale” (Internet) and “Drive for cheap” (Commodity components, Extensive automation) and the economics of Moore’s Law (Cheap storage) led to a new business model and a revolutionary economic model<br />Fiscal realities and business model economics are driving rapid government adoption of cloud computing<br />Cloud computing is accelerating in the global marketplace. Government cloud computing is also accelerating<br />Shift from infrastructure-centric to data-centric security is inevitable<br />Cloud computing can also enable significant enhancements in many agency mission areas<br />US Federal Agencies are responding quickly to the “Cloud First” policy<br />If you don’t have a cloud computing strategy in place now, you’re behind the curve<br />
  39. 39. Thank You !<br />Kevin L. Jackson<br />Director, Cloud Services<br />NJVC, LLC<br />(703) 335-0830<br /><br /><br /><br /><br />