Air Force Takes First Step Toward Commercial Internet Services

ARLINGTON, VA: A Chinese proverb says that a journey of a thousand miles starts with a first step, and last month the Air Force took such a step when an airman for the first time connected to the Internet via a commercial network, in this case one provided by AT&T.

That accomplishment at Buckley AFB in Colorado is expected to eventually lead to the wholesale replacement of the Air Force’s slow, cumbersome, and ineffectual unclassified network for email and Internet-based applications with a modern, commercially procured one with improved speed, security, and functionality. 

“The Air Force is not happy with the performance of the Air Force network,” said Col. Bobby King from the Command, Control, Communications, Intelligence and Networks (C3I&N) program office, speaking Dec. 12 at AFCEA NOVA’s Air Force IT Day conference. Putting a point on his intended understatement, he quoted Air Force Chief of Staff Gen. David Goldfein as saying: “IT is crushing our airmen’s spirit.”

According to King, results of polls taken at eight bases where the Air Force is conducting experiments to identify the best ways it can “consume” commercial IT services (read below for more on that) showed that about 42 percent of Air Force personnel polled said the existing service network did not help them complete their mission. That’s a grade that deserves an F, said King, who is the senior materiel leader in C3I&N’s Enterprise Information Technology and Cyber Infrastructure Division.

“It’s a national security imperative to fix the Air Force network,” he said. “And when I say the Air Force network I don’t mean just the network. [I mean] all the IT services that support and connect airmen.”

The reason why so many senior officers say that the Air Force network is broken is a matter of numbers. More than 230 Air Force organizations can make changes on the network, according to King, and 41 separate groups acquire, integrate, and operate IT systems. There are 80+ Authority To Operate boundaries sprinkled throughout the network, which refers to individual organizations that have the power to authorize, implement, and monitor security controls. All those numbers lead to massive duplication of effort, poor configuration across the enterprise, and a terrible user experience. 

It’s the network’s bad user experience, better known in the private sector as customer experience and even more recognizable by its acronym CX, that leads to Goldfein’s soul-crushing scenario. It’s easy to see why. CX is how users perceive their interactions with the networks through websites, mobile and web applications, call/help center contacts, and virtually every touchpoint. 

Today’s most successful companies, like Apple, Google and Amazon, have created clean customer experiences that define their brands and separate them from competitors. People now expect elegant, simple, and fast experiences with companies, and no longer put up with clunky interactions. If it takes an airman 30 or more seconds to get to email because of all the internal firewalls that need to be traversed, or if an application that was used yesterday can’t be accessed today because a server was swapped out and the configuration changed, then working on the network becomes just an exercise in frustration. 

“We’re so focused on security we forget that airmen are not going to use what we provide because it’s so locked down with security that it’s unusable,” said King. “We have to balance security with end user experience. We’ve been so focused on security we’ve forgotten about what airmen are experiencing. 

At the same time, the Air Force network has been neglected through years of underinvestment. “It’s time to invest some dollars in our IT infrastructure so we can ensure that our airmen are connected the way they need to be connected to win the next war,” said King, adding that new infrastructure is needed to build the digital foundation that all future capabilities like artificial intelligence and quantum computing will ride upon. “That’s why I say this is a national security imperative.”

Building the Air Force’s Digital Infrastructure

To address all of the above, the Air Force over the last 14 months has started spending a significant amount of money on contracts that bring commercial, enterprise-wide IT services — such as Microsoft Office 365 commonly found in private-sector companies — into the military. The Air Force is funding the work through several Other Transactions Authority (OTA) contracts.

OTAs typically bypass traditional bureaucratic hurdles in the contracting process and have become the contracting vehicle de jour for rapidly prototyping information technology related technologies. A November report from the Government Accountability Office found that “obligations made on prototype other transactions nearly tripled from $1.4 billion to $3.7 billion” between 2016 and 2018. According to the GAO: “This contracting approach can help DOD attract companies that do not typically do business with DOD—such as commercial science and technology firms.”

In September 2018, the Air Force Life Cycle Management Center (AFLCMC), Hanscom AFB in Massachusetts, awarded AT&T and Microsoft three-year contracts worth $87 million and $34 million respectively for risk reduction experiments related to providing so-called Network as a Service (NaaS) capabilities.

(Commercial “as-a-service” offerings from software companies have proliferated across industry as they are designed to work specifically with a cloud computing solution. They are commonly abbreviated “aaS” with a noun preceding it, for example: Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).)  

The Air Force contract for NaaS is part of its larger Enterprise Information Technology as a Service (EITaaS) initiative. EITaaS is more simply referred to as Enterprise as a Service (EaaS) by the private sector. It typically entails pay-as-you-go IT services offered on cloud computing platforms that can be accessed on a worldwide basis. Many enterprise IT services are usually in the areas of business and process management. 

EITaaS was a common theme throughout many of the Air Force IT Day sessions. 

“Yes, Enterprise IT as a Service, OMG, please come faster,” said Kessel Run Commander Col. Enrique Oti to a laugh from the audience. “We need to get to an EITaaS future (rather than relying on dedicated circuits) if we want to be able to compete in contested and denied cyberspace.” 

Kessel Run is the Air Force’s premier software development laboratory in Boston.

For the AT&T-Microsoft effort, the objective is the deployment and operation of a secure and reliable network using commercially proven products and services. This network will enable access to both classified and unclassified data and applications from Air Force facilities, as well as from mobile and remote locations. It includes base area networks, wide area networks and voice networks.

The milestone at Buckley AFB last week where an airman connected to the Internet via AT&T’s network falls under this contract. 

“They can now reach the Internet from Buckley via the AT&T network; that’s huge,” said King. “It’s an enclave, by the way; the whole world is not on this network. It’s an enclave that’s part of the AT&T network.”

Buckley AFB is assigned to Air Force Space Command — now morphing into the Space Force — and counts about 92,000 active duty, National Guard, reserve and retired personnel. Now that the first airmen are using the AT&T network there, AFLCMC has received approval to extend Network as a Service capabilities to 10 percent of Buckley’s population, according to King. 

In addition to Buckley, similar NaaS work is being implemented at seven other Air Force installations: Hurlburt Field, FL; Cannon AFB, NM; Maxwell AFB, Alabama; Offutt AFB, NB, Joint Base Elmendorf Richardson, AK; Pope Field, NC; Spangdahlem AB, Germany. 

“These NaaS experiments will allow us to see what the commercial industry can do for us in terms of bringing the network performance we expect, while maintaining the network security we need, at a price we can afford,” said Brig. Gen. Michael Schmidt, program executive officer for Command, Control, Communications, Intelligence and Networks at Hanscom, in an Air Force news story.  

AFLCMC’s second Network as a Service line of effort under EITaaS will bring end-user services to those same eight bases under a $73 million, 3-year contract awarded to Unisys in February. Also referred to as a “risk reduction effort” by the Air Force, it will transition those same base facilities to a commercially provided, as-a-service approach for information technology service management, enterprise service desk, and end-user device management.

“The strategic intent is two-fold,” said Air Force Deputy Chief Information Officer William Marion, in another Air Force article. “First, improve the IT user experience and mission effectiveness of our airmen; and second, to focus less on running commodity IT services and more on our core competencies in the cyber warfighting domain.”

AFLCMC’s third OTA under its EITaaS effort is a $66 million contract awarded to Accenture Federal Services this past June. This “compute and store” risk-reduction experiment, also to be conducted at the same facilities as the other two contracts, will provide hosting solutions for on-premises applications (those installed on Air Force computer hard drives) and those in the cloud. It will further provide airmen with compute and store abilities at the base level when connection to the Internet cloud is unavailable. 

Going forward, the Air Force would like to begin scaling EITaaS to the rest of the Air Force. “The Air Force won’t be pushing buttons anymore; it will be our commercial industry partners doing that,” said King.

To figure out exactly how to do that, the service plans to begin issuing Requests for Information (RFIs) to industry beginning in the first quarter of 2020.