Originally posted on http://www.vmware.com by Peter Brandano
One of the greatest challenges that all large-scale cloud programs across Federal Government and DOD have faced is driving adoption once the full operating capability (FOC) is reached. Often, these clouds sit idle for months awaiting application transformation, re-platforming, and migration.
Next generation warfighting capabilities rely on cloud-agnostic providers like VMware to seamlessly connect information domains that span tactical edge, base infrastructure, and multiple public clouds with a unified approach that is simple to manage and highly effective.
This article outlines ways that the DOD can drive rapid consumption of the Joint Warfighter Cloud Capability (JWCC). There are five key capabilities that will drive widespread adoption of JWCC.
- Accelerating JWCC Application Onboarding – The DOD’s application owners can accelerate onboarding of JWCC workloads by:
- Taking advantage of the significant investment that DOD has made to establish a broad VMware install base from operations and data centers to tactical edge. (DOD install base: >85 million workloads world-wide, >80% of DoD’s application workloads, and >95% of DoD and National Security agencies)
- Leveraging VMware-based virtual computing, networking, and storage on Amazon Web Services, Microsoft Azure, Oracle Cloud, Google Cloud Platform, IBM Cloud, and DISA MilCloud 2.0.
This vast DoD VMware install base coupled with cloud service provider’s VMware-based virtual infrastructure enables rapid VMware to VMware migration. More importantly, it eliminates application refactoring. Porting workloads rapidly to VMware-based hyper-scaler clouds will drive immediate JWCC consumption. It will also allow each cloud service provider (CSP) to rapidly acquire its share of JWCC workloads which will help the overall viability of the JWCC multi-cloud marketplace. Figure 1 below presents the various CSPs that are capable of natively hosting VMware workloads for JWCC.
2. Enabling Rapid Migration Between Clouds – A multi-cloud without the ability to easily move between CSPs is not a true multi-cloud. It is simply a collection of distinct siloed clouds. A true multi-cloud takes advantage of each CSP’s common VMware-based computing, network, and storage cloud services to rapidly migrate applications between clouds. The latter will enable JWCC consumers to move workloads immediately between clouds. Consumers will need this capability to meet mission requirements, counter security threats, reduce cost, or to gain access to unique CSP services.
Furthermore, this common VMware-based infrastructure will enable JWCC consumers to host applications across multiple cloud providers, in DOD data and operations centers, and/or the tactical edge. This will give consumers access to best-of-breed services from each CSP. It will allow application owners to host data where it is most accessible and will enable computing capability at the tactical edge where access and bandwidth may be limited.
3. Migrating and Maintaining Security Posture from Source to JWCC – Preserving the networking, computing, and storage architecture, configuration, and security policies during a migration can be difficult. However, doing so when migrating from an existing VMware environment to an identical VMware-based cloud is quite simple. One can simply transfer the all servers, networking, storage, configurations, and security policies as-is. No transformation or re-architecture is needed. This preservation is critical to being able to minimize risk and cost associated with maintaining compliance and accreditation of legacy workloads. Migration of existing secure, accredited mission workloads is depicted in Figure 2 below.
4. A Fully Compatible VMware-based “Smart” Tactical Edge –Tactical Edge capabilities from Army WIN-T to Navy CANES and countless others across the DOD leverage VMware Cloud Foundation and software defined datacenter technology to meet their missions today. This significant DOD investment in VMware at the edge coupled with greenfield VMware hyperconverged software defined data centers enable DOD to immediately achieve tactical edge goals.
In addition to existing DOD tactical edge capabilities, VMware also offers DOD ready VMware Cloud Foundation-based tactical hybrid cloud capabilities from all leading hardware manufacturers such as Dell, HPE, and Cisco.
Leading cloud service providers such as Amazon Web Services and Oracle also offer VMware-based tactical edge solutions, namely VMware Cloud for Amazon Outpost and Oracle Private Cloud Appliance X8.
VMware’s partnership with NVIDIA can also be leveraged to perform AI/ML operations on-mission with virtualized hardware accelerators or GPUs. When more processing power is required, tactical units transmit observational data through SD-WAN encrypted tunnels and SASE security gateways to one or more public CSP’s. Once the data is securely transmitted, the hyperscale capabilities of public clouds can be leveraged to rapidly mine data and create impactful warfighting intelligence. The produced intelligence products can be pulled down to on-premises DoD data and operations centers at CONUS/OCONUS base locations for Data Decrees and management, and then transmitted back to the tactical edge units or Mission Partners.
In all cases, these VMware-based tactical edge solutions are fully compatible with each hyper-scaler cloud’s VMware based virtualized computing, network, and storage capabilities. Thus, establishing a hybrid cloud from hyperscaler to tactical edge couldn’t be easier. For additional coverage of Tactical edge solutions for JWCC, see “Learn the fastest route to AI/ML capabilities at the tactical edge” at the following URL: https://blogs.vmware.com/industry-solutions/2021/09/15/learn-the-fastest-route-to-ai-ml-capabilities-at-the-tactical-edge/
5. Security from Cloud to Edge – VMware is a long-standing cybersecurity partner with DoD and is often on the forefront of accreditation and authorization efforts. JWCC can leverage VMware’s intrinsic security and zero trust capabilities to create a defense in depth strategy for the cloud. Intrinsic security is a fundamentally different approach to cyber security. It is a strategy for leveraging the infrastructure and control plane to provide consistent and ubiquitous cyber security, across any cloud, app, or device. Other security vendors utilize products, tools, or bundles that are loosely coupled to the infrastructure as an afterthought. VMware intrinsic security is built-in, which reduces add-on products, agents, and complexity. This decreases the chances of misconfiguration and vulnerabilities. It is also unified across the security, IT, and operations teams to improve visibility and identify threats. Unified security policies follow the application wherever it goes, whether it is on-prem or in a public cloud. Finally, Zero Trust-enabling security leverages the infrastructure for real-time context and control points, to help JWCC better detect and respond to threats.
In conclusion, VMware adds significant capabilities to accelerate the adoption of JWCC across the DoD. We ease migration by eliminating the need to refactor applications. We facilitate inter-cloud movement of workloads and cross-cloud architectures to maximize access to best of breed commercial cloud services. We allow complete applications (network, computing and storage) to be migrated along with security policies and accredited configurations to ease the certification and accreditation burden on JWCC and the application owner. We enable a fully compatible tactical edge and hybrid cloud capability to all major CSPs. Finally, we provide Zero Trust-enabling security throughout our software offerings to meet the unique requirements of the DoD.
If you are a VMware partner, Cloud Service Provider, or DoD customer and would like to know more about how VMware can support JWCC and the tactical edge, contact us at firstname.lastname@example.org. VMware product specialists, architects, and engineers are available to meet with your team to have a deep dive technology discussion or whiteboarding session. Similarly, VMware Pursuit and Capture team members are available to discuss teaming agreements or bid arrangements upon request. We look forward to working with your team.