IT Modernisation - etouches€¦ · IT Modernisation will fundamentally change the ... –Enterprise SMC ... AIRCOM (DE) NCIA (JWC (NO) (BE, NL, PO)

IT Modernisation

Dr Peter Lenk

Chief IT Modernisation Task Force

NATO UNCLASSIFIED 2 |

• IT Modernisation (ITM) Vision

• Implementation Details

• Status & Implementation Approach and

Schedule

• Conclusions

Agenda


VISION


IT Modernisation will fundamentally change the

way the NCI Agency provides IT services:

– Centralisation of Management

– Centralisation of IT Infrastructure

– Provision of services IAW Standard SLAs

• Defined quality levels

• Measureable

• Cost effective

IT Modernisation Vision


Current Situation

Wide Area Network

Shared Resources

Local Resources

Local People

Local Processes

Local Resources

Local People

Local Processes

Local Resources

Local People

Local Processes

Local Resources

Local People

Local Processes Networking / Processing / Storage / Core Services

People / Processes / Applications

To-Be Architecture


Vision: The End State

Three Views

Service

B

Service

A

Service

C

User View

One Single

Resource Pool

Ops Centre

Administrator View Physical View


• Operational effectiveness gains: – Increase the availability of IT services

– Enhance the Business Continuity (BC)

– Enhance Disaster Recovery (DR) posture

– Enhance the Information Security posture

– Increase operational agility & flexibility

– Universal access to services and data • Increase mobility and flexible working

– Metered usage - transparency of costs

– Standardisation • Levels of performance

• Training

• Efficiency gains: – Reduce the manpower required to provide & maintain services

– Better sustainability

– Reduce life-cycle costs

Operational Benefits


NCI Agency versus Industry Benchmark

(2012)

37.7%

7.0% 2.5%

29.8%

17.7%

1.9% 3.3%

FTEs

Building Maintenance

Power and Cooling

IT Hardware

IT Software

Connectivity

BC/DR

O&M costs are dominated by manpower

Assuming 10,000 sq.ft. US data centre

NCI Agency

Industry

(Gartner Benchmark)

3.4%

12.1%

3.7%

79.8%

0.1%

Buildings and facilites

Hardware

Energy

Personnel

Comms


Linkage to Manpower Savings

0

500

1000

1500

2000

2500

3000

3500

2016 2017 2018 2019

Agency Manpower Projection

Total CIV MIL

Wave I

Wave IV

Pla

nn

ing

Wave II

Wave III

Data Centre Framework, Integration, SMC (WP1)

2019 2014 2015 2016 2017 2018 2020 NATO UNCLASSIFIED 10 |

Implementation Depends on

Three Pillars

PEOPLE PROCESS TECHNOLOGY ICT is a people intensive

business. Finding, attracting,

developing and growing the

right talent pool within an

effective organizational

structure is key

Effective organizations

implement and refine business

process to ensure repeatable

operational behaviors. The

development, documentation,

training and implementation of

effective processes is a key

step in maturing the

organization

Technology continually offers

new opportunities to improve the

quality of service and support

we deliver to our clients. It is our

responsibility as the “innovator”

to bring new technology to

improve service to NATO

87% Savings 13% Savings

NCI

Agency


Operational Users

NCI Agency

IMPLEMENTATION DETAILS


> 1000 users

1000 <> 500 users

500 <> 200 users

< 200 users

Scope : Geographic


> 1000 users

1000 <> 500 users

500 <> 200 users

< 200 users

10 GbE

Internet GW


WAN

Consumer Network

DataCentre/Server

Room

Consumer Network

DataCentre/Server

Room

Consumer Network

DataCentre/Server

RoomClient Device

Client Device

Client Device

Site 1

Site 2

Site N

As-Is (Conceptual)

• 30+ data centres/server rooms

• 2500+ servers of over 100

different types, and becoming

obsolete

• Multiple operating systems and

multiple versions of each

• Application/project specific

resources

– server utilization rates

between 9% and 30 %

• Locally managed

• Three supported domains

– NU

– NR

– NS



To-Be (Conceptual)

• Standardised resources – Data Centres

– Local Computing Facilities

– Access Gateways

– Consumer Networks

– Client Devices

• Resource pooling

• Centrally managed

• Two supported domains – NU/NR

– NS

Supported domains

Protected Business Network

• Up to NR

• In support of

– majority of administrative

business processes;

– appropriate operational

processes; and

– processes requiring

interaction over the

Internet.

NATO Secret

Operational Network

• Up to NS

• In support of

– war fighting processes;

– processes requiring higher

level assurance; and

– military and political

communications.

IT modernisation will make provisions for two

networks on different security levels as indicated

below


• Shift of applications from the NATO Secret

Network to the PBN.

• 3 scenarios

– Application remain on NS

– Application moves to PBN

– Application on both networks (different instances)

• Contractor will be required to migrate both the

application and the data (data will be identified

by the purchaser).


Transition from NATO Secret ON to the Protected

Business Network (PBN)

Design Objectives

• Follows a services based approach

• Traceable requirements implementation

– Agency provides requirements, constraints

– Contractor proves through the design:

• how the ITM services are implemented and

• how the Purchaser requirements (section 14, SRS) are met

• In a top-down way (architecture design to detailed implementation design level)

• Support for ITM project life-cycle

Design


• 4 Service Design Packages: – Enterprise SMC

– IaaS

– Client Provisioning

– Core Enterprise Services (i.e. Exchange/Sharepoint)

• Service Design Package addresses: – Technical (related to section 14 requirements)

– Process and Organisation (related to section 10 requirements)

Design - Service Based Approach



Design – Service Based Approach

Core Enterprise

Services

Infrastructure as a Service (IaaS)

Client Provisioning

En

terp

rise S

MC

IaaS – Centralization/Consolidation

Core

D1/NORTHWOOD

D15/Norfolk

D10/Oeiras

D3/Ramstein

D4/Uedem

D6/Stavanger D5/Viborg

D7/Glons

D12/Lyon

D8/Poggio Renatico

D9/Retamares

D13/Athens

D16/Izmir

C1

C4

C3 C2

A48.F5

A34.F14-vrn

NATO HQ

Mons

D2 Brunssum

Lago Patria

Exchange Centralization

Consolidate

High Availability

Exchange Service

Other applicable

Applications:

- Sharepoint, etc.

- Others should be

developed with this in mind


IaaS – Centralization – non-Consolidation

Core

D1/NORTHWOOD

D15/Norfolk

D10/Oeiras

D3/Ramstein

D4/Uedem


D7/Glons

D12/Lyon

D8/Poggio Renatico

D9/Retamares

D13/Athens

D16/Izmir

C1

C4

C3 C2

A48.F5

A34.F14-vrn

NATO HQ

Mons

D2 Brunssum

Lago Patria

But NO consolidation

JOIIS

JOIIS

JOIIS

JOIIS

JOIIS

JOIIS

JOIIS

Multiple instances

Of Applications

JOIIS


IaaS – Non Centralization – Consolidation

Core

D1/NORTHWOOD

D15/Norfolk

D10/Oeiras

Castlegate D3/Ramstein

D4/Uedem


D7/Glons

D12/Lyon

D8/Poggio Renatico

D9/Retamares

D13/Athens

D16/Izmir

C1

C4

C3 C2

A48.F5

A34.F14-vrn

NATO HQ

Mons

D2 Brunssum

Lago Patria

Local Applications

L

e

g

a

c

y


• The implementation will require security

accreditation at enterprise and local site level.

• Security Accreditation efforts are lead by the

purchaser supported by the contractor.

• Security measures are based on the purchaser’s

risk assessment

• Security products need to on the approved

Product list (http://www.ia.nato.int/niapc)

Security Aspects


• Concept of Service Operations Centres

– Initial Service Operations centre in SHAPE (current

NCI Agency Service Delivery main location)

– Alternate location JFC Brunssum as it already hosts

the Alternate NCC and NCIRC

– Provision of the Service management tools for the

IaaS capability

– Framework for integration with communications and

Core and FAS management elements

– Includes enterprise Service Desk

Service Management

Service

Desk

Control Centre

(IT Operations)

Technical

Management

Contractor Support


• Proposed Service provisioning model is NATO

Owned – NATO Operated (NONO) with the

exception of outsourced print and scan services

(COCO)

• However the contractor will have life-cycle

support responsibility for the O&M elements (by

site for 5 years):

– 4th level support (HW/SW)

– Service Charges

– Sustainment training

Contractor support for

Life-Cycle Management


• Based on Total Cost of Ownership (Living

document – updated during the life-cycle)

• Breaks down into

– Cost of Procurement

– Cost of Implementation

– Cost of Support

– Cost of Operation (Manpower)

• Ceiling of 465 FTE’s

Life-Cycle Management

Contractor

NCI Agency


ITM Topology

ITM

NR NS

PIA

(NU)

NGO’s

Emergency

Services

Mission

Networks

(DCIS,FMN)

NS enclaves

NATIONS National Secret

One-Way

Secure Diode

Mail

Notification

Gateway(s)

IEG Scenario B

P102 Incr 2

Gateway(s) –

IEG Scenario C

P102 Incr 1

Internet

NU DMZ’s

NGCS - NCI

ANWI Agencies

Industry



NCI / ITM Overlap (draft)

STATUS & IMPLEMENTATION

APPROACH & SCHEDULE


Serial Title 0IS03090 Provide NATO Messaging Service

0IS03091 Infrastructure as a Service and IT

Consolidation

0IS03092 Extend, Upgrade and Adapt Fielded Baseline

0IS03093 Provide Unified Communication and

Collaboration Services

0IS03094 Provide Web Enabling Services

0IS03095 Provide Information Administration Services

0IS03096 PMIC

0IS03097 BiSC PMO

0IS03098 Geographical Information Services

0IS03099 Upgrade Enterprise Directory Service

0IS03100 Upgrade Information Portal Services

0IS03101 Upgrade Bi-SC AIS Service Management

and Control (SM&C) Capability

0IS03102 Information Exchange Services

CP 9C0150 Projects

Serial Title 0IS03090 Provide NATO Messaging Service

0IS03091 Infrastructure as a Service and IT

Consolidation

0IS03092 Extend, Upgrade and Adapt Fielded Baseline

0IS03093 Provide Unified Communication and

Collaboration Services

0IS03094 Provide Web Enabling Services

0IS03095 Provide Information Administration Services

0IS03096 PMIC

0IS03097 BiSC PMO

0IS03098 Geographical Information Services

0IS03099 Upgrade Enterprise Directory Service

0IS03100 Upgrade Information Portal Services

0IS03101 Upgrade Bi-SC AIS Service Management

and Control (SM&C) Capability

0IS03102 Information Exchange Services

ITM

AGS

Sigonella


• CP 9C0150:

– Submitted by ACT August 2011

– Endorsed by Military Committee January 2014

– Endorsed by RPPB 14 February 2014

– Authorised by the NAC 21 March 2014

We are nearing the end of the beginning

CP 9C0150 Authorisation


• TBCE submitted to the NOR on 18 June 2013

• NCI Agency submitted single TBCE for the

scope of ITM, covered in:

– Bi-SC Capability Package 9C0150- Core Information

Services for Command and Control

• P91 – Infrastructure as a Service and IT Consolidation

• P92 – Extend, Upgrade and Adapt Fielded Baseline

• P101 – Upgrade Bi-SC AIS Service Management and Control (SM&C) Capability

– One project from Alliance Ground Surveillance –

P191

• Extend BiSC AIS Services to the AGS Main Operating Base

Project Authorisation


• Incremental implementation approach by site

– Priority to establishment of Service Operations

Centre, Data Centres and Sites with urgent Hardware

replacement requirements

– Optimized implementation (Time/Cost)

• Centralisation of services in Data Centres

– Expect up to 80% centralisation of applications by the

end of wave 4.

ITM – Implementation approach:


Wave I

Wave IV

Pla

nn

ing

Wave II

Wave III

Implementation Road Map

Data Centre Framework

Integration

SMC (WP1)

Client Device Framework (WP2)

Strategic Consultant (WP5)

Sole Source NATO HQ (WP4)

NCIRC Adaption (WP6)

36

2019 2014 2015 2016 2017 2018 2020


• Undergone two screenings with the WGNTEs

• Estimated Investment Committee authorisation schedule: – Introduction – 3 April 2014

– First discussion – 8 April 2014

– 1st Stage authorisation – early May 2014

– WP1 2nd Stage authorisation – end June 2014

– WP1 IFB release – 1 July 2014

• Subject to timely IC authorisations, the NCI Agency hopes, for WP1 (WP2 slightly later): – Release IFB – by summer 2014; and

– Contract Award – by summer 2015.

Project Authorisation


Wave IV

Pla

nn

ing

Wave II

Wave III

Wave I

Implementation Plan

2019 2014 2015 2016 2017 2018 2020

EN:

JFCB (NL)

AIRCOM (DE)

JWC (NO)

JFTC (PL)

SN:

JALLC (PO)

CAOC U (DE)

CAOC T (ES)

DACC (IT)

DC:

NATO HQ (BE)

EN:

NSPA (LU)

NCIA (3)

(BE, NL, PO)

SN:

NSB (3)

(DE, IT, PL)

DCIM (10)

NSPA (3)

(IT, HU, FR)

EN:

NAEW (DE)

SN:

NAEW (4)

NSTO (2)

NDC (IT)

NSO (DE)

Security Operation Centre (SOC):

SHAPE (BE)

JFCB (NL)

Data Centres (DC):

SHAPE (BE)

JFCN (IT)

Enhanced Nodes (EN):

ACT (US)

MARCOM (UK)

LANDCOM (TU)

AGS (IT)

Standard Nodes (SN)


• Overall ITM Scope broken down into 5 work

packages

– WP1 – Implementation and migration of Back-end

Services (Approx 115M€)

– WP2 – Establish a Framework Contract for the Client

Devices (Approx 41M€)

– WP4 – Expansion of NHQ Data Centre for the

Enterprise

– WP5 – Provide Consultancy Support to NCI Agency.

– WP6 – Adapt NCIRC FOC

Alignment of the work packages with proposed procurements

ITM

Implementation work packages


• WP 1 - Implementation of Back-end Services

– WP1.1 – Implement Infrastructure and centralisation

of applications (Integrator Role)

– WP1.2 – Establish a Framework Contract with the

NCI Agency for DC and Nodes equipment

– WP1.3 – Service Management and Control (SMC)

tools and equipment

– WP1.4 – Implement Client provisioning services

– WP1.5 – Implement outsourced print and scan

services

Work Package 1


Wave I

Wave IV

P

lan

nin

g

Wave II

Wave III

Implementation Road Map

Data Centre Framework

Integration

SMC (WP1)

Client Device Framework (WP2)

Strategic Consultant (WP5)

Sole Source NATO HQ (WP4)

NCIRC Adaption (WP6)

41

2019 2014 2015 2016 2017 2018 2020


• Achieve Design Acceptance – EDC + 20 weeks

• Establish SOC & DC’s IOC – EDC + 50 weeks

• Wave I Sites completion – EDC + 78 weeks

NCI Agency welcomes reduced implementation

timeline proposals, but not extensions

Wave I – Work Package I –

Fixed Milestones


CONCLUSIONS


• We are looking for a Strong Partner to implement

ITM

– Someone who has implemented similar Projects before

• Similar scale, scope, multiple international sites

• For International, Defence, Government, and/or commercial

organisations with similar complexities

– Implementation experience needed in both:

• Corporation (Prime Contractor, & suppliers), and

• Key individuals (Project Mgr, Tech Lead, Test Dir, Migration Mgr)

– Strong Service Management & Control experience to

provide:

• An integrated system that can provide metering and reporting

linked to agreed SLAs/OLAs

• Implementation of ITIL processes

ITM Prime Contractor


• Strike right balance between CAPEX and OPEX

– This is a ‘spend to save’ activity

– Most of our OPEX costs are manpower related

• Abstract, pool and automate

– Create a ‘single pane of glass’

– Hide underlying complexity

– Provide flexibility and efficient management

• Migrate the application space

– Virtualise

– Migrate

– Centralise

• Work with imperfect information

4 Major Challenges to Industry


Questions?

[email protected]


Documents

IT Modernisation - etouches€¦ · IT Modernisation will fundamentally change the ... –Enterprise SMC ... AIRCOM (DE) NCIA (JWC (NO) (BE, NL, PO)