Running head: U.S.C.G. ACTIVE DIRECTORY MIGRATION 1

Transcription

1 Running head: U.S.C.G. ACTIVE DIRECTORY MIGRATION 1 Analysis of the United States Coast Guard Active Directory Migration Gregory Crain University of Central Florida

2 U.S.C.G. ACTIVE DIRECTORY MIGRATION 2 Abstract This paper summarized the research performed on the United States Coast Guard Active Directory Migration. The project ran from March 15, 2004 to September 17, 2008 and was designed as an initiative to establish the United States Coast Guard enterprise-wide Information Technology Infrastructure by incorporating Microsoft Active Directory and Exchange. The project ultimately migrated the systems and the resulting scheme maintains over 54,000 users and complies with the Department of Homeland Security and United States Coast Guard Command, Control, Communication, Computers and Information Technology long-term strategic plans. The information gathered was obtained via an interview with Eugene Vogt: Director of Strategic Development for General Dynamics Information Technology, Coast Guard Maritime & Boarder Security Programs National & Homeland Security Division. The interview took place on November 1, 2012 and was the only source of direct information about the project readily available due to the classified nature of government projects.

3 U.S.C.G. ACTIVE DIRECTORY MIGRATION 3 Analysis of the United States Coast Guard Active Directory Migration The United States Coast Guard is one of the five branches of the military (U.S. Coast Guard). Founded in 1790 and originally known as the Revenue Cutter Service, it was born from a suggestion of Alexander Hamilton. Consisting of a mere 10 vessels, its sole purpose was to assist the republic in collecting taxes. Over the years the Revenue Cutter Service naturally took on other roles as the nation matured. The Revenue Cutter Service expanded its horizons to include policing the seas, protecting national assets, and patrolling the seas to rescue those in need (Havern). In 1915, the Revenue Cutter Service merged with the United States Lifesaving Service and was renamed its current title: the United States Coast Guard. In 1939 the United States Lighthouse Service was amalgamated into the Coast Guard, followed by the Steamboat Inspection Service in 1946 (Havern). After several consolidations, mergers, and transfers, the United States Coast Guard as we know it today exists as a sector within the Department of Homeland Security. Consisting of nearly 42,000 active duty members, the Coast Guard has 11 missions: Ports, Waterways, and Costal Security Drug Interdiction Aids to Navigation Search and Rescue Living Marine Resources Marine Safety Defense Readiness Migrant Interdiction Marine Environmental Protection

4 U.S.C.G. ACTIVE DIRECTORY MIGRATION 4 Ice Operations General Law Enforcement The United States General Accounting Office is responsible for determining accountability within government offices. It often performs investigations to ensure that policies in place are being practiced. In December of 2000, a report was filed against the United States Coast Guard. The goal of the United States Coast Guard Information Technology sector, as with any Information Technology division, is to deliver the right information to the right people at the right time (United States General Accounting Office, 2000) and in order to do that they must indentify and address operational problems with agency wide implications. The report goes on to state that the United States Coast Guard s Information Technology policies, procedures, and practices in the areas of investment management, architecture, software acquisition and development, information security, and human capital were compared to applicable laws, regulations, federal guidelines, and industry standards in accordance with accepted government auditing standards. It was determined that while the United States Coast Guard had many of the important Information Technology management policies and procedures in place, it consistently failed to adhere to them. The following recommendations were sent directly to the United States Coast Guard Commandant: Investment Management Develop written procedures to guide IT Investment Board operations Establish an IT oversight process that compares actual cost and schedule data with original estimates for all projects to determine whether investments are proceeding as expected and to take corrective actions as appropriate

5 U.S.C.G. ACTIVE DIRECTORY MIGRATION 5 Establish a comprehensive inventory of IT assets that includes up-to-date cost and schedule information Establish a process for analyzing, validating, and prioritizing the costs, benefits, schedules, and risks associated with all IT investments Develop and oversee a comprehensive IT investment portfolio. Information Technology Architecture Ensure that all system investments are compliant with the IT architecture Ensure that legacy systems integration processes are effectively implemented across the agency Software Acquisition and Development Initiate software acquisition process improvement efforts to address weaknesses in requirements development and management, and acquisition risk management Initiate software development process improvement efforts to address weaknesses in project planning, project tracking and oversight, quality assurance, and configuration management. Information Security Implement a complete, effective security awareness program Ensure that systems risk assessments and accreditations are completed Implement appropriate corrective actions on vulnerabilities identified during facilities physical security evaluations Implement appropriate corrective actions on the network security weaknesses we identified

6 U.S.C.G. ACTIVE DIRECTORY MIGRATION 6 Develop and implement a centralized mechanism to monitor and enforce compliance with physical security and information systems security policies Human Capital Management Assess the IT civilian workforce to identify knowledge and skill requirements and any gaps Maintain a complete inventory that includes specific Information Technology knowledge and skills Analyze and document the effectiveness of strategies for recruiting, training, and developing Information Technology personnel, and use the results to continually improve human capital strategies Below is a chart taken from the report that better analyzes these problems.

7 U.S.C.G. ACTIVE DIRECTORY MIGRATION 7 Due to the wide variety of tasks the Coast Guard is responsible for, it has a great deal of information to keep track of, something that General Dynamics does best. General Dynamics has been working closely all branches of the United States Military and its affiliates since its founding in 1952, specializing in Marine Systems, Information Systems and Information Technology, Combat Systems, and Aerospace Engineering (General Dynamics). Over the last 50 years, the development of Information Technology has altered all facets of the world, and it is no different for General Dynamics: Once primarily known for providing tanks, ships and submarines to the Department of Defense, today General Dynamics has become a market leader in mission-critical information systems and technologies to agencies across the U.S. government and to allied nations around the world. In fact, the company s Information Systems & Technology group is the largest and fastest growing segment of General Dynamics. General Dynamics Information Technology is one of four business units within General Dynamics Information Systems & Technology group. General Dynamics Information Technology is a provider of mission-focused IT services to defense, intelligence and civilian agencies and commercial customers (General Dynamics). In addition to a strong Information Technology sector, General Dynamics is responsible for a vast majority of Maritime undertakings, having designed several ships for the United States Navy and creating the NASSCO shipyard, the only major shipyard on the West Coast of the United States that carries out the construction and repair of U.S. Navy ships (General Dynamics). It is because of this specialty as defense contractor with prestigious accomplishments in Information Systems and Marine Systems that the Coast Guard chose General Dynamics Information Technology to help address these concerns, upgrade its data processing system,

8 U.S.C.G. ACTIVE DIRECTORY MIGRATION 8 provide a more thorough and resilient backup network, and a means to universally communicate information through the entire nation and beyond. The United States Coast Guard Active Directory Migration is the project proposed to address these problems. The main goal of the project was to complete the tasks recommended to them and to establish an enterprise-wide information technology infrastructure incorporating Microsoft Active Directory and Exchange. This involved reorganizing and consolidating electronics and IT support under a center to be known as the Command, Control, Communication, Computers and Information Technology Service Center. The primary placement of said center was to be in Alexandria, Virginia. The new center was planned to comprise a support center, offering assistance for all maintenance, logistics, and technical issues, using a strong focus on Project Management skills, Systems Development Lifecycle practices, and Information Technology Infrastructure Library methodologies. In addition to the data center and policy updates, the project also involved a data migration from Microsoft NT 4.0 and Exchange 5.5 to Microsoft Server 2003 and Exchange Server This was the most tedious and important part of the project as the scope of this migration was to include the 600+ ships that comprise the United States Coast Guard Cutter Fleet. The project started on March 15, 2004 (Vogt, 2012). Rather than offload the entire project onto the General Dynamics Information Technology sector, the United States Coast Guard worked closely with the team to ensure that the project went according to plan. This is not an uncommon practice, as for the last 10 years General Dynamics has made it a point work hand in hand with the Coast Guard in order to meet changing mission challenges with a high degree of flexibility. The direct orders read as follows:

9 U.S.C.G. ACTIVE DIRECTORY MIGRATION 9 General Dynamics Information Technology is tasked in the support of a tiger team approach by assisting network administrators throughout the Coast Guard. Tiger teams complete the migration process and integrate with the Coast Guard s enterprise forest at the unit level In addition, other tiger team members have been tasked with supporting the cutter initiative by grooming servers, domain controllers and manually migrating cutter workstations Specifically, General Dynamics Information Technology provides technical advice, planning, coordination, scheduling, and implementation of all aspects of the Coast Guard s required migration activities and system support services (Vogt, 2012). As the plan was carried out for an entity of the United States government in conjunction with a defense contractor, many details of the plan are classified. All relevant unclassified data provided was acquired via an interview with Eugene Vogt: Director of Strategic Development for General Dynamics Information Technology, Coast Guard Maritime & Boarder Security Programs National & Homeland Security Division. During the time of the United States Coast Guard Active Directory Migration, Mr. Vogt was employed at General Dynamics Information Technology and was involved in the project. Before that he served in the United States Coast Guard Information Technology sector and is familiar with its inner workings. Mr. Vogt s exact role in the project is not to be disclosed, as it is with the rest of the stake holders; however some assumptions can safely be made. The Project Sponsor is the entirety of the United States Coast Guard. The Department of Homeland Security comprises the Steering Committee; because the Coast Guard is subject to their authority and directly reports to them so they have ultimate say. Due to General Dynamics Information Technology being hired for the project, the Project Manager is someone from General Dynamics Information Technology; yet due to the immense scope of this assignment there were most likely several project management levels with Team

10 U.S.C.G. ACTIVE DIRECTORY MIGRATION 10 Leads spread throughout to keep everything running smoothly and to keep the project schedule. However, the project team consisted of members of both the United States Coast Guard Information Technology sector and employees of General Dynamics Information Technology because both executed the tasks and produced the deliverables for the project. The professionalism and experience of the team kept the project on time and the budget in check over the course of the project, until August 29, 2005: the day Hurricane Katrina made landfall. Rated at a Category 5 when it hit New Orleans, Louisiana, it was quite a force to be reckoned with. Although the project was not completed yet, the United States Coast Guard already had a reputable communications system in place and was fast at work. Due to Hurricane Katrina s devastating impact, the United States Coast Guard was forced to drop ALL projects to work on damage control. Thankfully, the team from General Dynamics Information Technology was more than willing to lend a hand as well: In those first days, General Dynamic Information Technology s team of engineers took the muddy back-up tapes from District 8 Servers, and built a virtual D8 server at Telecommunication and Information Systems Command from spares in days, while our IT engineers deployed to the Alexandria Louisiana Convention Center with Secret Internet Protocol Router Network and Secure Satellite communications. Back at Government Communications Headquarters, a General Dynamic Information Technology technician ran virtually continuous secure Video Teleconferences as Government Communications Headquarters forces converged in this area of devastation to save over 30,000 people (Vogt, 2012). Even after the storm was over, the United States Coast Guard was hard at work rescuing people stranded on rooftops. At one point requiring ten percent of its total units and forty percent of its

11 U.S.C.G. ACTIVE DIRECTORY MIGRATION 11 helicopters, this was the single largest effort in United States Coast Guard history (Price). 5,600 units served, comprised of units from every district, and they put their best foot forward and took on their greatest challenge (U.S. Coast Guard). Even with the magnificent performance, the United States Coast Guard could only minimize impact, and that impact was still massive. It is estimated that 1,300 people lost their lives over the course of the disaster. Over 90,000 square miles of infrastructure was completely annihilated. Millions of gallons of oil were spilled into the gulf. All these factors taken into consideration resulted in an estimated $200 billion in damages (United States Goverment Accounting Office, 2006). Having to stop work on the project was enough to push the project off schedule by months; however many of the systems they had already implemented or were in the process of implementing were lost to the storm causing a setback of several years. The project was officially completed September 17, 2008, more than four years after its starting date (Vogt, 2012). Aside from the setback that was Hurricane Katrina, the project came to completion. At first glance, if one sees that the budget and schedule were horridly off, this project is considered to be a failure. A hurricane is classified as a known-unknown risk because the occurrence of a hurricane cannot be predicted yet there are contingency plans in place should one strike. Hurricane Katrina was no run of the mill hurricane. Meteorologists worldwide consider it a freak of nature, and some go so far as to say it was a perfect storm. The hurricane was projected to make landfall as a category 3 and the United States Coast Guard planned accordingly. At the last minute, the hurricane gained a second breath of strength and swelled into a category 5. The storm itself, as deadly as it was, was second only to its aftermath. The constant rainfall caused the levies to break and flooded the entire city of New Orleans. This chain of events is something that has never happened before, and in all likelihood might never happen again due to its unique

12 U.S.C.G. ACTIVE DIRECTORY MIGRATION 12 nature. As such, this risk should be classified as unknown-unknown. Considering that the rest of the project went without any hiccups, and the final deliverable was a fully functional system that meets all the requirements of the project, this is a special case in which depending on who is doing the analysis the project can only be classified as a challenged project.

13 U.S.C.G. ACTIVE DIRECTORY MIGRATION 13 Works Cited General Dynamics. (n.d.). Retrieved from General Dynamics : Havern, C. B. (n.d.). U.S. Coast Guard: A Brief History. Retrieved from U.S. Coast Guard History: Price, S. (n.d.). A Bright Light on the Darkest of Days: The U.S. Coast Guard's Response to Hurricane Katrina. The History Channel. (n.d.). Hurricane Katrina. Retrieved from The History Channel: U.S. Coast Guard. (n.d.). Retrieved from U.S. Coast Guard History: United States General Accounting Office. (2000). Information Technology Management: Coast Guard Practices Can Be Improved. United States Goverment Accounting Office. (2006). COAST GUARD Observations on the Preparation, Response, and Recovery Missions Related to Hurricane Katrina. Vogt, E. (2012, November 1). Director of Strategic Development for General Dynamics Information Technology, Coast Guard Maritime & Boarder Security Programs National & Homeland Security Division. (G. Crain, Interviewer)