presented by

161103-N-YW024-029 PEARL HARBOR (Nov. 3, 2016)
Guided missile destroyer USS Spruance (DDG 111) arrives at Joint Base Pearl Harbor-Hickam for the final port visit in during the Pacific Surface Action Group Western Pacific deployment. Spruance together with USS Decatur operate under Destroyer Squadron 31 were recently underway conducting routine patrols in the South China. (U.S. Navy photo by Petty Officer 2nd Class Katarzyna Kobiljak)

As the Defense Department begins to mobilize for the Great Power competition against Russia and China, it’s working to secure, modernize, and automate networking infrastructure used by U.S. naval forces and other military branches operating in the Pacific and elsewhere. Through the use of secure multi-cloud/hybrid cloud environments that serve as both a means of collaboration and a bulwark against threats to sensitive data and intellectual property, this initiative and others will expand DoD’s need for bandwidth and capacity in this challenging threat environment.

Vish Nandlall, Vice President of Technology Strategy and Ecosystems, Dell Technologies

In this Breaking Defense Spotlight Q&A, we talk with Vish Nandlall, Vice President of Technology Strategy and Ecosystems at Dell Technologies, about how the U.S. Navy and other military services in the Indo-Pacific Area of Responsibility (AOR) are modernizing networks and data operations with cloud computing, artificial intelligence, 5G, and “security as a microservice” in order to improve collaboration and user experience.

Breaking Defense: Describe the state of U.S. military networking in the Pacific today.

Nandlall: It’s important to step back when we talk about communications systems. Military forces are typically equipped with technologies that are both fairly novel and more industrialized, which means they’re at different points in their life cycle. Our desire is that industrialized technologies reduce for deviation. That means we want to create an environment where we can accept new, novel technologies, experiment with them using operational units, gain direct soldier and leadership feedback, and be able to obtain an overmatch situation.

If you wait too long during the development cycle of technologies, you’re going to miss out on potentially novel capabilities relative to adversaries in a particular battlespace or AOR. You need novel technologies to give you the advantage of making quick and agile operational decisions.

Because of the tension that exists between novel and industrialized technologies, a given communications network will typically bias to one side or the other. What we’re finding, coming back to your question about the state of U.S. military networks, is that it tends to bias more towards the industrialized side. It biases toward acquisition and technology development processes instead of meeting the needs of technology driven troops through informed Capability Sets. When we think about modernization, those capability sets need to include hybrid cloud and 5G, to name two, that are going to help drive a set of resources that deliver better situational awareness.

Breaking Defense: Given that argument, what are the technology considerations the Defense Department should be making?

Nandlall: First, we need to upgrade in a manner that’s less disruptive than currently planned. We can’t follow a stage-gate and outage-type situations for technology development. As we’re transitioning between technologies, we need to move to more modern, continuous-integration, continuous-deployment methodologies. We also need to be vigilant about interoperability across technologies and platforms. With a modular plug-and-play methodology, systems that are more deprecated or provide less of an advantage can be swapped out for ones that are more interoperable. And along those lines, another key consideration is the ability to interoperate in a cyber-secure manner where we are able to operate under bilateral agreements and within coalition environments that may not necessarily be as trusted as a home-secure infrastructure.

To that point, we need to answer questions like: ‘How do we develop those quick response capabilities?’ and ‘How do we get more agile acquisition of technology so that we’re delivering the best into the hands of the warfighter?’ I think that being able to move beyond Six Sigma-driven processes to more modern, agile and lean processes is critical to be able to achieve that.

Breaking Defense: And that would be methodologies like DevSecOps and capabilities like software-defined networking.

Nandlall: Absolutely. If you rewind the clock to a year ago, people would have said that software-defined networking was still immature technology. Today it’s state of the art and getting a lot traction, especially in many commercial sectors as an MPLS (multi-protocol label switching) replacement. I think that it’s rapidly gotten to the point where it’s sufficiently secure for DevSecOps and other military applications.

 

Breaking Defense: How will introducing cloud computing improve the way the Navy and other forces in the Pacific complete their missions. Does introducing cloud make things more secure? Does it let you introduce new technologies in an iterative fashion? Does it have a better customer experience than exists now?

Nandlall: Cloud clearly changes the game. There are many applications that provide battlespace awareness and a common operating picture on the status of troops, vehicles, weapons, supplies, and missions—all of which can then be tailored to a particular user’s access privileges. These are examples of the types of capabilities that can be rendered through cloud environments.

To your point, can we get to the right level of security for these cloud applications? An area of concern as we migrate different services and applications to the cloud is understanding that we have to apply a different set of security principles to the cloud than we do to typical types of appliance-based architectures. When you’re in a particular area that’s surrounded by four walls, your security perimeter typically mirrors the perimeter of those four walls. When you’re in the cloud, the security perimeters can be everywhere.

And so we need to move towards something that’s more on the order of Zero Trust where we have layers of security down to the individual resource and application. We need to spend more time trying to understand what’s under the hood and how workloads are going to be placed in the cloud. We need to ensure that we can have integrity of applications and can, in fact, control and restrict which applications are running in which cloud instances. We want to be able to bind specific platforms and virtual machines to applications so that we can create affinities given certain performance requirements. We also want to be able to ensure that we have controls over how many resources an application can consume, especially, for instance, if a cloud environment extends all the way to the edge in a constrained environment. All of these things are being built into many of the cloud operating principles that we’re seeing today.

Breaking Defense: How will these new cloud computing capabilities interact and be augmented by technologies and capabilities like artificial intelligence 5G, security as a microservice, data, and customer experience.

Nandlall: As we look at these technologies, what we’re doing is creating a far more distributed topology. If you’re in an area like the Indo-Pacific region, for instance, that distributed topology might include a number of tactical clouds that are connected to central clouds that could be interconnected through a Satcom link all the way back to home base. Or they might be connected through multiple, interim hubs through various countries that eventually lead to a large consolidated data center where I’m persisting all my data. Because that topology is all over the place, we need to have mechanisms that provide protection of sensitive data and regulatory compliance that tags where the data is located. We need to have some level of segregation, as well as recovery mechanisms.

This operating model for data governance is fundamental in terms of how we’re going to secure this warfighting enterprise. This entire system must be thought through and orchestrated. It also needs to look like a unique fabric. And as I said earlier, all of these different protections will have to be present and orchestrated when you look under the hood. That’s some of the technical depth that needs to be considered as you move forward and modernize these systems.