DISA Testing Services for the Enterprise. Luanne Overstreet



Similar documents
How To Improve The Defense Communications System

Cyber Situational Awareness - Big Data Solution

Unified Capabilities (UC)

Unified Capabilities (UC)

DoD s Strategic Mobility Vision: Needs & Challenges

Forecast to Industry 2015

What is Unified Capabilities?

DISA and the Evolving DoD Enterprise

Information Assurance and Interoperability

Joint Information Environment Single Security Architecture (JIE SSA)

Marine Corps. Commercial Mobile Device Strategy

DoD Joint Information Enterprise

Space Ground Services in the Joint Information Environment (JIE)

Reliable, Repeatable, Measurable, Affordable

Mark S. Orndorff Director, Mission Assurance and NetOps

Infrastructure Development Forecast to Industry

Department of Defense (DoD) Unified Capabilities Master Plan (UC MP)

Joint Training Enterprise Architecture

DoD Mobility Kim Rice

Enterprise IT. Aligning Strong Solutions, Assuring Enterprise Strength

DISA Acquisition Opportunities

A Combat Support Agency

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN UNITED IN SERVICE TO OUR NATION

Partnering with Small Business

DEFENSE INFORMATION SYSTEMS AGENCY P. O. BOX 549 FORT MEADE, MARYLAND Thanks

TABLE OF CONTENTS. Section 5 IPv Introduction Definitions DoD IPv6 Profile Product Requirements...

Big Data Platform (BDP) and Cyber Situational Awareness Analytic Capabilities (CSAAC)

Space and Naval Warfare Systems Center Atlantic

DEFENSE INFORMATION SYSTEMS AGENCY P. O. BOX 549 FORT MEADE, MARYLAND Joint Interoperability Test Command (JTE) 7 Jan 15

Department of Defense NetOps Strategic Vision

DoD CIO s 10-Point Plan for IT Modernization. Ms. Teri Takai DoD CIO

DEFENSE INFORMATION SYSTEMS AGENCY P. O. BOX 549 FORT MEADE, MARYLAND

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C

Mission Partner Concept

A Comprehensive Cyber Compliance Model for Tactical Systems

DoD Mobility Overview

Triangle InfoSeCon. Alternative Approaches for Secure Operations in Cyberspace

Cloud Computing and Enterprise Services

Core Data Center Reference Architecture

Service Oriented Architecture (SOA) for DoD

Network Management and Defense Telos offers a full range of managed services for:

OFFICE OF THE SECRETARY OF DEFENSE 1700 DEFENSE PENTAGON WASHINGTON, DC

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN VERSION 2

Army Intelligence Industry Day Foundation Layer Technology Focus Areas

SUBJECT: Joint Information Environment Implementation Guidance

Network Operations (NetOps)

DEPARTMENTOFDEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C

MUOS Program Update. Program Executive Office Space Systems (PEO SS) Navy Communications Satellite Program Office PMW 146

DoD Cloud Computing Strategy Needs Implementation Plan and Detailed Waiver Process

IT Service Management in the JIE and the DoD Enterprise Service Management Framework

What s What Ahead For Architectures in the DoD? Mr. Dav Da e v DeVr DeV ies Mr. Martin Westphal

The Comprehensive National Cybersecurity Initiative

Open Source in the Cloud

US Army Network Security Reference Architecture

Jazz Musician and Educator

4. Objective. To provide guidelines for IS requirements and LCM support under NMCI.

NOV q11. DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTOr D.C

PRODUCT DIRECTOR, ENTERPRISE CONTENT, COLLABORATION, AND MESSAGING

This Conference brought to you by

Mobilizing Business Applications, Efficiently and Affordably

Defense Information Systems Agency A Combat Support Agency. Identity and Access Management (IdAM): Consistent Access to Capability

Access FedVTE online at: fedvte.usalearning.gov

Integrated Cyber Operations Business Portfolio

Operationally Focused CYBER Training Framework

GCMP 2012, Volume I. Defense Information Systems Agency (DISA) GIG Convergence Master Plan 2012 (GCMP 2012) Volume I

Table of Contents. Ezenia Inc. Evolution of Multi-Level Security

DoD IT Enterprise Strategy and Roadmap Department of Defense (DoD) Information Technology (IT) Enterprise Strategy and Roadmap

DoD Strategy for Defending Networks, Systems, and Data

Northrop Grumman White Paper

Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection

Next Generation Enterprise Network: Network Operations (NetOps) Concept of Operations (CONOPS) 7 April 2008

FedVTE Training Catalog SUMMER advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

Cloud Security. A Sales Guy Talks About DoD s Cautious Journey to the Public Cloud. Sean Curry Sales Executive, Aquilent

Missouri Economic Impact Brief US Department of Defense Contract Spending

UNCLASSIFIED R-1 ITEM NOMENCLATURE

Common Operating Environment (COE) and Global Information Grid (GIG) Enterprise Services (GES) Mr. Rob Walker 24 September 2003

FROM THE DOD CIO. Teresa M. Takai, DoD CIO

Enterprise Services to the Edge

FedVTE Training Catalog SPRING advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

NAVAL SEA SYSTEMS COMMAND STRATEGIC BUSINESS PLAN

DoD IA Training Products, Tools Integration, and Operationalization

UNCLASSIFIED R-1 ITEM NOMENCLATURE. FY 2014 FY 2014 OCO ## Total FY 2015 FY 2016 FY 2017 FY 2018

The State of DoD Biometrics

Forge.mil Open Source Collaborative Principles Within the DoD

STATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE

ARL. Laboratory Overview ARCTIC SOF CAPABILITIES WORKSHOP. Penn State. Presented to: Presented by: Mr. Tom Goodall 20 November 2014

DoD s Efforts to Consolidate Data Centers Need Improvement

Leveraging Network Infrastructure to Bring Critical Information to Users

Solutions. Unified Communications Answering the Call for Greater Collaboration and Productivity

APPENDIX J INFORMATION TECHNOLOGY MANAGEMENT GOALS

UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #50

Collaborative Development & Reuse of Open Source/DoD Community Source Software

CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION

Cybersecurity Delivering Confidence in the Cyber Domain

Network Systems Integration

AFCEA Aberdeen Luncheon. Army Common Operating Environment (COE) Update. March 11, 2015

Advancing the U.S. Air Force Mission

NAVFAC EXWC Platform Information Technology (PIT) Cyber Security Initiatives

MAJOR AUTOMATED INFORMATION SYSTEMS. Selected Defense Programs Need to Implement Key Acquisition Practices

ITA. Improve the Customer Experience U.S. ARMY INFORMATION TECHNOLOGY AGENCY. Greg Garcia. AFCEA Belvoir Chapter Luncheon.

Transcription:

DISA Testing Services for the Enterprise Luanne Overstreet DISA T&E Executive 13 December 2012

Our Mission DISA, a Combat Support Agency, provides, operates, and assures command and control, information sharing capabilities, and a globally accessible enterprise information infrastructure in direct support to joint Warfighters, National level leaders, and other mission and coalition partners across the full spectrum of operations. Our Vision: Information superiority in defense of our Nation. 2

Enterprise Infrastructure Global Connectivity Global Computing Enterprise Services Mission Assurance In collaboration with COCOMs, Services, and Agencies 3

Operate & Assure DNC-CONUS - Scott DISA Alaska DISA STRATCOM DISA CONUS Global Operations DISA Command Center (DCC) - Fort Meade Joint Staff Support Center (JSSC) - Pentagon White House Communications Agency (WHCA) - Washington, DC Legend: DISA NetOps Center (DNC) Network Services/Transport System Management Center (SMC) Computing Services Infrastructure Services Center (ISC) Enterprise Services DISA Field Office DISA TRANSCOM DNC-EUCOM Network Assurance Analysts/Teams SMC-Oklahoma City SMC-Ogden DNC-NORTHCOM Field Security Ops Activity SMC-Mechanicsburg SMC-Montgomery DISA EUCOM DISA AFRICOM DISA Korea DISA Japan DISA NORTHCOM ISC-Columbus ISC-St. Louis DISA Okinawa DISA Guam ISC-San Antonio DNC-PACOM DISA PACOM DNC-CENTCOM (MacDill and Bahrain) DISA CENTCOM (Baghdad and Kabul) DISA SOCOM DISA SOUTHCOM Networks Computing Enterprise Services Information Assurance Infrastructure 4

Mission Assurance Enterprise Infrastructure Reduce Attack Surface Improve Network C2 Improve Safe Sharing Web Content Filtering Whitelist at NIPRNet Boundary Email Security Gateway Enterprise Sensors Host Based Security System (HBSS) Demilitarized Zone Identity Management Cross Domain Information Sharing 5

What s Ahead Current Capability Future Hundreds of Data Centers Divergent Voice, Video, and Data Services Data Center Consolidation Unified Capabilities Small Number of Shared Data Centers Integrated Voice, Video, and Data Real-Time Collaboration Service Oriented Security Enterprise Security Architecture COCOM Oriented Security Blackberry and Cell Phones STIGs Security Technical Implementation Guides Mobile Technology Cloud Broker/Cloud Computing Tablets, Application Stores Security Requirements Guides Agile, Secure Service Environment Many IT Infrastructures Joint Information Environment Single DoD IT Environment 6

Paradigm shift to Cloud Services Services are developed and integrated to support missions Common services are consumed Enterprise services are centrally managed Consolidation of resources decrease human services More capability monitored with less resources due to reduced footprint Better S/A and faster C2 increase Cyber management Consistent & consolidated architecture Commonality and UC promotes reciprocity in security and interoperability Rapid scaling and Onboarding of new users Enterprise Infrastructure Central Management Consolidated Architecture Acquisition strategies are changing the profile of T&E Customers 7

Customer Profile FY07 & FY10 Other (89) 11% Other Fed (41) 5% Combatant Cmd (67) 8% USA (98) 12% USN (106) 13% JITC Customer Profile from FY10 DISA is now 23.6% of the Business BTA, MHS, and NSA begin their business transformation into enterprise solutions, which totals 35.2% T&E in FY10 was still focused at a program level. Other DoD (167) 21% Joint Staff (17) 2% DISA (93) 11% USMC (36) 4% USAF (104) 13% JITC Customer Profile from FY07 DISA was 11% of the Business No other Business Systems or Enterprise Solutions under test. T&E in FY07 was program by program 8

FY12 Customer Profile In FY12, just under half of all JITC business is in support of Enterprise solutions. Chart to right depicts dollars not percentages. DoD Enterprise Capabilities, 25.9 NSA, 7.5 DoD WHS, 0.7 MHS, 1.5 Air Force, 9.4 DLA, 12.5 Marine Corps & Navy, 6.9 DIA, 1.8 Army, 9.1 Other DoD Programs, 5.2 TRMC, 0.6 NGA, 4.9 Commercial, 3.1 USSOCOM, 3.1 USCENTCOM, 0.5 JS J8, 1.6 Other US Gov't, 2.0 DISA is now 25.9% of the Business However, the trend shows Non-DISA organizations catching up. DLA (taking over from BTA) MHS, and NSA combined with DISA Enterprise Systems total 49.3%.

Anatomy T&E for Enterprise Services It Takes More than One Organization to Create an Enterprise 10

UNCLASSIFIED Enterprise IT Service Management Moving from Systems to Services ITSM T&E Criteria Utility: Fit for Purpose Improves performance and/or reduces constraints Warranty: Fit for Use Reduce performance variation Availability Capacity Continuity Security Enterprise Interoperability covered under Utility Integrated services & Central management Security directly tied to Warranty 11 UNCLASSIFIED

Approved Products List Unified Capabilities Fast track to production Video Presence Integrated Directory Co-Ringing IM/Chat Software Linkage Voice Conferencing & Conference Control Voicemail/ Email Integration Consistent products ensure a constant environment with reliable services Unified capability requirements support DISN (Network) and DISN Subscription Services (Voice, Video, Data, etc.) Mobile Devices Voice & Video / Conferencing Bridges Mobile Devices will use the same process, where security is key to approved for use Unified Capabilities consolidating a robust and resilient mesh of media 12

Cyber Testing & Training Finally, the aim of DISA s architecture capabilities at the Command Level is to provide the Cyberspace Commander with situational awareness, critical information, alerts and warning, along with threat information to support C2 decisions based on full awareness and understanding. To defend against what we don t know or expect. The DISA s Defense-in-Depth (DiD) architecture is designed to protect, detect, diagnose, react, and recover from hostile threats within the Global Information Grid (GIG). Applications, software and hardware are still required to comply with STIGs and IAVAs to protect against what we know. At the program level, penetration testing is conducted. Security teams also conduct interviews and make observations at hosting locations. To protect against what we expect. T&E processes and procedures, training and validation is what is missing and must be developed. Achieving interoperability (systems, processes and people) of the cyberspace domain is critical to the defense of our networks, systems and information. At the next layer, the Enterprise Infrastructure Level, DISA is embarking on the Enterprise Infrastructure Hardening initiative, a series of sensors, monitors, reaction and analysts systems to protect and defend critical enterprise infrastructure DISA layers defenses at the Computing Infrastructure Level (local enclave environment) to protect critical programs, systems, enterprise services, servers (data) and host processing. For Situational Awareness and Monitoring

Mobility Acquisition Planning Phase and is subject to change. DoD Mobile Application Storefront Classified and Unclassified Centralized Application Store with Decentralized Application Development by CC/S/A with MILDEP unique Enterprise Email (i.e. NMCI or AFNet) PKI Based VPN Worldwide Wireless Commercial Carriers Mobility Networking DoD Mobility Gateway Mobile Device Management Defense Enterprise E-Mail Calendar Commercial Mobile Devices SIM Card Control ID/Credential SIM Cards procured by CC/S/A and registered on Management Servers Centralized Government Management Servers CC/S/A promotes Policies to Centralized Management Servers A Messaging VoIP to DSN Video Secure Government Enterprise Services Enables the mobile user access to secure commercial carrier transport and government enterprise services 14

DoD Enterprise Cloud Service Broker USAF USN USA USMC DoD Consumers T&E will likely focus on V&V of services to broker, and performance and user experience post deployment. CLOUD BROKER Understand, collect, and aggregate DoD consumer requirements Define services to be offered to DoD Manage service provider relationships Monitor performance Match actual and anticipated user demand to current and future services Integrate DoD Identity and Access Management DISA Unclassified DISA Classified Commercial Private Unclassified Commercial Private Classified Commercial Unclassified 15

New Approach to T&E Services Testing as a Service (Agile for the Enterprise) Interfaces, environments, services Automated script generation agnostic SMEs to support performance, interoperability, security, etc events Single Security Architecture Platform as a Service Infrastructure as a Service Common services (Comms, capacity, etc) Government Acceptance Testing Hosting Environment Integration Central Management Consistent User Experience SME support available as a consistent service to T&E customers 16

SUMMARY Department moving towards a converged Enterprise Service Environment DISA Architecting and Building the infrastructure and common services Services/Agencies shifting acquisition approach and require more than functional based automated T&E capability DISA/JITC working to enable environments, tools, services and SME s into an enterprise Testing as a Service offering 17

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information