IT Modernisation Dr Peter Lenk Chief IT Modernisation Task Force 2
Agenda IT Modernisation (ITM) Vision Implementation Details Status & Implementation Approach and Schedule Conclusions 3
VISION 4
IT Modernisation Vision IT Modernisation will fundamentally change the way the NCI Agency provides IT services: Centralisation of Management Centralisation of IT Infrastructure Provision of services IAW Standard SLAs Defined quality levels Measureable Cost effective 5
Local Resources Local People Local Processes To-Be Current Architecture Situation Networking / Processing / Storage / Core Services People / Processes / Applications Local Resources Local People Local Processes Shared Resources Wide Area Network Local Resources Local People Local Processes Local Resources Local People Local Processes 6
Vision: The End State Three Views Ops Centre Service A Service B One Single Resource Pool Service C User View Administrator View Physical View 7
Operational Benefits Operational effectiveness gains: Increase the availability of IT services Enhance the Business Continuity (BC) Enhance Disaster Recovery (DR) posture Enhance the Information Security posture Increase operational agility & flexibility Universal access to services and data Increase mobility and flexible working Metered usage - transparency of costs Standardisation Levels of performance Training Efficiency gains: Reduce the manpower required to provide & maintain services Better sustainability Reduce life-cycle costs 8
NCI Agency versus Industry Benchmark (2012) 0.1% 3.4% 1.9% 3.3% 12.1% 3.7% 17.7% 37.7% FTEs Building Maintenance Power and Cooling IT Hardware IT Software 79.8% Buildings and facilites Hardware Energy 29.8% 2.5% 7.0% Connectivity BC/DR NCI Agency Personnel Comms Industry (Gartner Benchmark) Assuming 10,000 sq.ft. US data centre O&M costs are dominated by manpower 9
Planning Linkage to Manpower Savings 3500 Agency Manpower Projection 3000 2500 2000 1500 1000 500 0 2016 2017 2018 2019 Total CIV MIL Data Centre Framework, Integration, SMC (WP1) Wave I Wave II Wave III Wave IV 2014 2015 2016 2017 2018 2019 2020 10
Implementation Depends on Three Pillars PEOPLE PROCESS TECHNOLOGY Operational Users ICT is a people intensive business. Finding, attracting, developing and growing the right talent pool within an effective organizational structure is key Effective organizations implement and refine business process to ensure repeatable operational behaviors. The development, documentation, training and implementation of effective processes is a key step in maturing the organization NCI Agency Technology continually offers new opportunities NCI to improve the quality of service and support we deliver to our clients. It is our responsibility Agency as the innovator to bring new technology to improve service to NATO 87% Savings 13% Savings 11
IMPLEMENTATION DETAILS 12
Scope : Geographic > 1000 users 1000 <> 500 users 500 <> 200 users < 200 users 13
10 GbE Internet GW > 1000 users 1000 <> 500 users 500 <> 200 users < 200 users 14
As-Is (Conceptual) Site 1 30+ data centres/server rooms Client Device Consumer Network 2500+ servers of over 100 different types, and becoming obsolete Data Centre/Server Room Client Device Site 2 Multiple operating systems and multiple versions of each Application/project specific resources WAN Data Centre/Server Room Site N Data Centre/Server Room Consumer Network server utilization rates between 9% and 30 % Locally managed Three supported domains Consumer Network NU Client Device NR NS 15
To-Be (Conceptual) Standardised resources Data Centres Local Computing Facilities Access Gateways Consumer Networks Client Devices Resource pooling Centrally managed Two supported domains NU/NR NS 16
Supported domains IT modernisation will make provisions for two networks on different security levels as indicated below Protected Business Network Up to NR In support of majority of administrative business processes; appropriate operational processes; and processes requiring interaction over the Internet. NATO Secret Operational Network Up to NS In support of war fighting processes; processes requiring higher level assurance; and military and political communications. 17
Transition from NATO Secret ON to the Protected Business Network (PBN) Shift of applications from the NATO Secret Network to the PBN. 3 scenarios Application remain on NS Application moves to PBN Application on both networks (different instances) Contractor will be required to migrate both the application and the data (data will be identified by the purchaser). 18
Design Design Objectives Follows a services based approach Traceable requirements implementation Agency provides requirements, constraints Contractor proves through the design: how the ITM services are implemented and how the Purchaser requirements (section 14, SRS) are met In a top-down way (architecture design to detailed implementation design level) Support for ITM project life-cycle 19
Design - Service Based Approach 4 Service Design Packages: Enterprise SMC IaaS Client Provisioning Core Enterprise Services (i.e. Exchange/Sharepoint) Service Design Package addresses: Technical (related to section 14 requirements) Process and Organisation (related to section 10 requirements) 20
Enterprise SMC Design Service Based Approach Core Enterprise Services Client Provisioning Infrastructure as a Service (IaaS) 21
IaaS Centralization/Consolidation Exchange Centralization A48.F5 D5/Viborg D6/Stavanger Consolidate D7/Glons D4/Uedem NATO HQ D1/NORTHWOOD C1 D2 Brunssum Other applicable Applications: D15/Norfolk Mons C2 Core C3 D3/Ramstein - Sharepoint, etc. - Others should be developed with this in mind D12/Lyon D10/Oeiras C4 Lago Patria High Availability Exchange Service D13/Athens D16/Izmir D8/Poggio Renatico D9/Retamares A34.F14-vrn 22
IaaS Centralization non-consolidation A48.F5 D5/Viborg D6/Stavanger But NO consolidation D7/Glons JOIIS D4/Uedem D1/NORTHWOOD JOIIS NATO HQ C1 JOIIS D2 Brunssum D15/Norfolk Mons JOIIS C2 Core C3 JOIIS D3/Ramstein D12/Lyon JOIIS C4 Lago Patria JOIIS D16/Izmir D10/Oeiras JOIIS Multiple instances Of Applications D13/Athens D8/Poggio Renatico D9/Retamares A34.F14-vrn 23
IaaS Non Centralization Consolidation Local Applications D5/Viborg A48.F5 D6/Stavanger D4/Uedem D7/Glons D1/NORTHWOOD NATO HQ C1 D2 Brunssum L e g a c y D15/Norfolk D12/Lyon Mons C2 Core C4 Lago Patria C3 Castlegate D3/Ramstein D16/Izmir D10/Oeiras D13/Athens D8/Poggio Renatico D9/Retamares A34.F14-vrn 24
Security Aspects The implementation will require security accreditation at enterprise and local site level. Security Accreditation efforts are lead by the purchaser supported by the contractor. Security measures are based on the purchaser s risk assessment Security products need to on the approved Product list (http://www.ia.nato.int/niapc) 25
Service Management Concept of Service Operations Centres Initial Service Operations centre in SHAPE (current NCI Agency Service Delivery main location) Alternate location JFC Brunssum as it already hosts Service the Alternate NCC and NCIRC Desk Provision of the Service management tools for the IaaS capability Framework for integration Control Centre with communications and (IT Operations) Core and FAS management elements Includes enterprise Service Desk Technical Management 26 Contractor Support
Proposed Service provisioning model is NATO Owned NATO Operated (NONO) with the exception of outsourced print and scan services (COCO) However the contractor will have life-cycle support responsibility for the O&M elements (by site for 5 years): 4 th level support (HW/SW) Service Charges Sustainment training Contractor support for Life-Cycle Management 27
Life-Cycle Management Based on Total Cost of Ownership (Living document updated during the life-cycle) Breaks down into Cost of Procurement Cost of Implementation Cost of Support Cost of Operation (Manpower) Ceiling of 465 FTE s Contractor NCI Agency 28
ITM Topology NGCS - NCI Mission Networks (DCIS,FMN) NR ITM One-Way Secure Diode NS Gateway(s) IEG Scenario C P102 Incr 1 NU DMZ s PIA (NU) Mail Notification NGO s Emergency Services Internet ANWI Industry Agencies Gateway(s) IEG Scenario B P102 Incr 2 NS enclaves NATIONS National Secret 29
NCI / ITM Overlap (draft) 30
STATUS & IMPLEMENTATION APPROACH & SCHEDULE 31
CP 9C0150 Projects Serial Title 0IS03090 Provide NATO Messaging Service 0IS03091 Infrastructure as a Service and IT Consolidation 0IS03092 Extend, Upgrade and Adapt Fielded Baseline 0IS03093 Provide Unified Communication and Collaboration Services 0IS03094 Provide Web Enabling Services 0IS03095 Provide Information Administration Services 0IS03096 PMIC 0IS03097 BiSC PMO 0IS03098 Geographical Information Services 0IS03099 Upgrade Enterprise Directory Service 0IS03100 Upgrade Information Portal Services 0IS03101 Upgrade Bi-SC AIS Service Management and Control (SM&C) Capability 0IS03102 Information Exchange Services ITM AGS Sigonella 32
CP 9C0150 Authorisation CP 9C0150: Submitted by ACT August 2011 Endorsed by Military Committee January 2014 Endorsed by RPPB 14 February 2014 Authorised by the NAC 21 March 2014 We are nearing the end of the beginning 33
Project Authorisation TBCE submitted to the NOR on 18 June 2013 NCI Agency submitted single TBCE for the scope of ITM, covered in: Bi-SC Capability Package 9C0150- Core Information Services for Command and Control P91 Infrastructure as a Service and IT Consolidation P92 Extend, Upgrade and Adapt Fielded Baseline P101 Upgrade Bi-SC AIS Service Management and Control (SM&C) Capability One project from Alliance Ground Surveillance P191 Extend BiSC AIS Services to the AGS Main Operating Base 34
ITM Implementation approach: Incremental implementation approach by site Priority to establishment of Service Operations Centre, Data Centres and Sites with urgent Hardware replacement requirements Optimized implementation (Time/Cost) Centralisation of services in Data Centres Expect up to 80% centralisation of applications by the end of wave 4. 35
Planning Implementation Road Map Data Centre Framework Integration SMC (WP1) Client Device Framework (WP2) Strategic Consultant (WP5) NCIRC Adaption (WP6) Sole Source NATO HQ (WP4) Wave I Wave II Wave III Wave IV 2014 2015 2016 2017 2018 2019 2020 36 36
Project Authorisation Undergone two screenings with the WGNTEs Estimated Investment Committee authorisation schedule: Introduction 3 April 2014 First discussion 8 April 2014 1 st Stage authorisation early May 2014 WP1 2 nd Stage authorisation end June 2014 WP1 IFB release 1 July 2014 Subject to timely IC authorisations, the NCI Agency hopes, for WP1 (WP2 slightly later): Release IFB by summer 2014; and Contract Award by summer 2015. 37
Planning Implementation Plan Security Operation Centre (SOC): SHAPE (BE) JFCB (NL) Data Centres (DC): SHAPE (BE) JFCN (IT) DC: NATO HQ (BE) Enhanced Nodes (EN): ACT (US) MARCOM (UK) LANDCOM (TU) AGS (IT) EN: JFCB (NL) AIRCOM (DE) JWC (NO) JFTC (PL) EN: NSPA (LU) NCIA (3) (BE, NL, PO) EN: NAEW (DE) Standard Nodes (SN) SN: JALLC (PO) CAOC U (DE) CAOC T (ES) DACC (IT) SN: NSB (3) (DE, IT, PL) DCIM (10) NSPA (3) (IT, HU, FR) SN: NAEW (4) NSTO (2) NDC (IT) NSO (DE) Wave I Wave II Wave III Wave IV 2014 2015 2016 2017 2018 2019 2020 38
ITM Implementation work packages Overall ITM Scope broken down into 5 work packages WP1 Implementation and migration of Back-end Services (Approx 115M ) WP2 Establish a Framework Contract for the Client Devices (Approx 41M ) WP4 Expansion of NHQ Data Centre for the Enterprise WP5 Provide Consultancy Support to NCI Agency. WP6 Adapt NCIRC FOC Alignment of the work packages with proposed procurements 39
Work Package 1 WP 1 - Implementation of Back-end Services WP1.1 Implement Infrastructure and centralisation of applications (Integrator Role) WP1.2 Establish a Framework Contract with the NCI Agency for DC and Nodes equipment WP1.3 Service Management and Control (SMC) tools and equipment WP1.4 Implement Client provisioning services WP1.5 Implement outsourced print and scan services 40
Planning Implementation Road Map Data Centre Framework Integration SMC (WP1) Client Device Framework (WP2) Strategic Consultant (WP5) NCIRC Adaption (WP6) Sole Source NATO HQ (WP4) Wave I Wave II Wave III Wave IV 2014 2015 2016 2017 2018 2019 2020 41 41
Wave I Work Package I Fixed Milestones Achieve Design Acceptance EDC + 20 weeks Establish SOC & DC s IOC EDC + 50 weeks Wave I Sites completion EDC + 78 weeks NCI Agency welcomes reduced implementation timeline proposals, but not extensions 42
CONCLUSIONS 43
ITM Prime Contractor We are looking for a Strong Partner to implement ITM Someone who has implemented similar Projects before Similar scale, scope, multiple international sites For International, Defence, Government, and/or commercial organisations with similar complexities Implementation experience needed in both: Corporation (Prime Contractor, & suppliers), and Key individuals (Project Mgr, Tech Lead, Test Dir, Migration Mgr) Strong Service Management & Control experience to provide: An integrated system that can provide metering and reporting linked to agreed SLAs/OLAs Implementation of ITIL processes 44
4 Major Challenges to Industry Strike right balance between CAPEX and OPEX This is a spend to save activity Most of our OPEX costs are manpower related Abstract, pool and automate Create a single pane of glass Hide underlying complexity Provide flexibility and efficient management Migrate the application space Virtualise Migrate Centralise Work with imperfect information 45
Peter.Lenk@ncia.nato.int Questions? 46