AFITC 2018 draft: The Right Mix for the Warfighter


© Copyright 2017 Hewlett Packard Enterprise Development LP

The Right Mix for the Warfighter

Hybrid IT made Simple and Secure

Confidential – For Training Purposes Only

Von Gardiner – HPE DoD CTO/Public Sector CTO

Aug 2018

Disclaimer

"The views expressed in this presentation are those of the author(s) and do not necessarily reflect the official policy or position of the U.S. Air Force, the U.S. Department of Defense, or the U.S. Government."

AGENDA

– What? Digital Transformation: Cloud Migration and Hybrid IT

– Why? Drivers and Enablers for a Hybrid approach to IT

– When? Cloud First and Cloud Cliff

– How? The Right Mix and Right Model

– Creating a Roadmap with Cloud Technology Partners

– Solutions for Garrison / Disadvantaged / Disconnected environments

– Acquisition Strategies

– Management

– Stray Voltage: Why infrastructure matters…Security Baked in and Secure Supply Chain

– Conclusions and Call-to-Action

As a result of digital transformation: Hybrid IT will continue to get more hybrid and more complex

IT Ops: “I need to shift resources from ops to apps.”

CIO/Mission: “Our costs are a surprise every month.”

Developers/Users: “I need it as fast as possible.”

Multiple tools

Multiple public and private clouds

38% of organizations plan interconnectedness between cloud environments

74% of organizations plan to operate multi-cloud environments over the next two years

43% of data will be processed at the edge by 2019

Apps span multiple clouds and sites

Conquer complexity. Unleash speed.

Complex, highly distributed, siloed environments with no centralized management

IDC Directions 2017: IoT Forecast, 5G & Related Sessions, March 4, 2017

Success factors for managing hybrid IT, 451 Research, Mar 2017

451 Research, The VotE: Cloud Transformation Vendor Evaluations, Feb 2017

Building on our momentum to simplify Hybrid IT

HPE Software-Defined

Simplify on-premises

Turn infrastructure into software-defined

HPE OneView: 900K+ licenses

Simplify VM environments

HPE SimpliVity: 4x market growth

Simplify multi-cloud

HPE Multi-Cloud Management

Compose workloads

HPE Synergy: 1000+ customers

HPE ProLiant for Microsoft Azure Stack

Now shipping

Deliver Microsoft Azure Services on-premises

HPE OneSphere

Disadvantaged / Disconnected

Hybrid IT

Industry definition:

Hybrid IT: An approach to enterprise computing in which an organization provides and manages some information technology (IT) resources and services in-house, but uses cloud-based resources and services for others.

Alternate definition:

Differentiator: Hybrid IT is an approach to enterprise computing in which an organization dynamically moves workloads from an infrastructure with one particular set of characteristics to another seamlessly in order to optimize security, outcomes, performance, cost, etc.

Drivers and Enablers for Hybrid IT Adoption

Drivers for Hybrid Adoption


Agility/

Enablers for Hybrid IT

– Workload Portability and Container Technology

– In-Memory Compute and Memory-Centric Architectures

– Software Defined “X”

– Artificial Intelligence, Machine Learning and Automation

– Cloud Economics

– Data Security, Product Security and Secure Supply Chain

Top IT Priorities for the Department of Defense

• Improve Cybersecurity and Secure Supply Chain: Stop bolting on and start baking in security, eliminate seams, reduce attack surface area, provide persistent monitoring at all levels

• Reduce IT spending and Improve accountability: pay only for what is used, pay-as-you-go/pay-as-you-grow; provide transparency of IT costs for budgeting and forecasting

• EITaaS, Consolidate Data Centers and Automate:
  • Outsource Enterprise IT systems and services via COCO model;
  • Consolidate APCs; and
  • Leverage automation and simplify management; realign limited uniformed cyber forces to higher-priority governmentally inherent positions…MDTs, etc…

• Agile: Institute an “agile” approach for fielding IT systems and delivering IT services; establish a DevOps environment to promote and accelerate agility, security and new capabilities

• Cloud/Hybrid Migration: Embrace Hybrid IT (Public Cloud, Private Cloud, On-prem, Off-prem, MilCloud, etc.) and avoid being locked into whatever is/was purchased

Common IT challenges across the Department of Defense

– Security

– Skilled manpower and training

– Acquisition process is not agile or responsive to IT needs

– Lack of adequate funding and/or wrong color of money

– Shifting from a CAPEX to OPEX approach for delivery of IT systems and services

– Interoperability

– ITSM and ITAM

– Risk averse, slow to adopt new technologies and approaches… paralysis through analysis

– Outdated regulations and policies

– RMF…the amount of risk you are willing to accept

Cloud First & Cloud Cliffs

Priorities, Mandates, Challenges and Solutions

Cloud Mandates, Approaches, Challenges and Solutions

– Mandates in the Federal space:
  – Federal Cloud First Policy
  – Federal Data Center Consolidation Initiative (FDCCI)
  – OSD mandate for “fourth estate” agencies to migrate data and applications to milCloud 2.0

– Approaches: Leverage Public Cloud to meet mandates and improve performance, scalability, lower IT costs and reduce manpower; or migrate to milCloud ASAP

– Challenges and concerns: Security, performance, control, agility, IT costs, legal and policy compliance, operational risk management
  – One size does not fit all and not all clouds are created equal … which can create cloud cliffs

– Solutions:
  – Hybrid IT…it’s all about finding the “right mix” of IT environments to meet workload and operational needs
  – Leverage the ability to seamlessly move workloads and data among public and private clouds, on-prem and off-prem
  – Having choices and/or options is a good thing; hyperconvergence and HPE’s composable infrastructure are true game changers … we make Hybrid IT simple and secure

Hybrid IT: the balancing act

Finding your “right mix” and “right model”

The “Right Mix” is not a static destination, but rather part of the dynamic Hybrid IT Journey

✓ As technology, requirements, threats and other variables change, so will the “Right Mix”

Hybrid IT is the new delivery model for the Digital Enterprises

It is about “Your Right Mix” strategy

Public Cloud

Core

Right mix of on- and off-premises IT

Right mix of core and composable infrastructure

Right mix of public and private cloud

Right mix of traditional & cloud

Hybrid IT

Private Cloud

Composable

Optimize consumption of External-driven innovation

Optimize delivery of Services-driven innovation

Optimized for operational and cost efficiency.

Optimized for agility and apps-driven innovation

HPE IT transformation

How HPE IT is evolving to a hybrid IT environment

decrease in data center floor space

Project goals

Lower average age of infrastructure to 4.5 yrs

Increase CPU utilization to 30%

35% reduction in annual CapEx

Shift IT spend from fixed cost infrastructure to innovation

50%

Minimize impact to IT while implementing our strategy

True hybrid compute

Continuous innovation

FY 2014 FY 2015 FY 2016/17 FY 2018

Accelerate, expand and enhance

Mature and industry leading

Where we started

• 85 large data centers, 400 small data centers … globally
• 7,000 apps - homegrown
• 20 days to deploy VM
• 45-60 days to deploy physical server
• 10% CPU utilization
• 100% Waterfall
• Ops focused processes

Where we are today

• 3 data centers
• 1,800 apps
• Repeatable executables and micro services
• Migrate apps to cloud
• 30 minutes to deploy VM
• 3 days to deploy physical server
• 60% utilization in cloud
• 75-80% Agile
• App Dev teams have full options
• Self-service portal with self authentication

HPE IT transformation original objectives and actual results

Our Right Mix defined, powered and optimized

Share of apps by category (7,000+ Apps / 1,800+ Apps):

– Non-core, mainframe & non-virtualized apps: 10% / 10%
– Cloud native apps & traditional apps migrated to cloud: 10% / 55%
– Broker M/S Azure services through common service portal: 60% / 5%
– SaaS: HR, CRM, ERP, Content Mgmt: 20% / 30%

– Workload suitability

– Application readiness

– Cost concerns (public cloud)

– SLA, High availability

– Cloud “lock in” AWS and Azure

– Data security concerns

– Desire for controllable costs

Automate & virtualize

Private clouds

Managed clouds

Public clouds + SaaS

Traditional IT

On-Premises Off-Premises

Traditional Cloud

Hybrid IT: Where are you running your workloads?

The Right Mix and the Right Model

IT has choices to optimally place new and legacy workloads

Security & compliance

Control & governance

Data sovereignty

Latency

Architectural choice

Scalability

Variable expense

Simpler IT operation

Public Cloud

On-Premises Solution

Developer-centric

Scalability

Variable expense

Simpler IT operation

Vendor Lock-in

The right mix

Hybrid IT

Workload placement considerations

60+ areas of consideration

– Data Retention Requirements

– Cloud acceptance

– SLA / operational continuity

– Growth projections

– Industry trends / best practices

– Shadow IT

– Service providers

– 3P and vendor contracts

– Data protection requirements

– Network isolation requirements

– Audit standards requirements / log Retention

– Time to operations

– Mission criticality

– Governance

– User experience expectations

– User base location / geography

– Application continuity / forecast

Mission Financial Technical Functional

– Migration costs―one time

– Operating costs

– Server to admin ratios

– Software licensing

– Development costs―applications

– Current and future state

– Lift and evolve

– Maintenance costs

– Facilities costs

– Life-cycle management costs

– Hosting costs

– Infrastructure

– Time to value

– Repatriation of workloads

– Performance requirements: compute, network, storage

– High availability requirements

– Clustering stack

– Network requirements

– Virtualization

– Application tier

– Storage requirements

– Storage distribution

– Application trends

– Utilization

– Load balancing

– Geography localization requirements

– Parallelism and scalability

– Distributed architecture

– Application environments (functional environments)

– Infrastructure services

– Monitoring and management

– Server inventory

– Dependency mapping

– Security requirements

– Infrastructure services

– Inter-application latency

– Assets

– Application routing and DNS

– Logging

– Migration complexity

– Application review

Security

– Compliance requirements, regulations

– Security Accreditations

– Data Sensitivity and Compartmentalization

– Security standards, NIST, etc.

– DFARS and other regulations

– TAA Compliant

– Made/written in the USA

– Secure Supply Chain/Risk Management

HPE helps organizations determine workload placement

Security
Compliance
Data privacy
Adaptability
Cost
Data sovereignty
Ease of use
Flexibility
Integration
IT maturity
Culture
Time to market
Performance
Skill level
Data location
Risk
OpEx, CapEx
Application architecture
SLA
Speed
Agility

Most critical workload placement factors

‒ Security/Compliance
‒ Application Performance
‒ Total cost of ownership
‒ Control
‒ Workload dependencies

How Do I Migrate to the Cloud?

Without a well-developed migration roadmap, how will you get there? And where is there??

Cloud Technology Partners…We Are Enterprise Cloud Experts

● The premier cloud services and software company for enterprises moving to cloud

● Trusted advisor helping companies confidently adopt cloud, IoT and big data solutions

● Support the broadest base of platforms and technologies

500+ Enterprise Engagements Across Platforms

✓ AWS Premier Consulting Partner

✓ Google Premier Consulting Partner

✓ Microsoft Azure Gold Partner

✓ Gartner Cool Cloud Vendor

● Migration Competency
● Security Competency
● IoT Competency
● DevOps Competency
● Financial Services Competency
● NextGen Managed Services Partner

Our Capabilities & Competencies

End-to-End Solutions for Today’s Cloud Challenges

Cloud Transformation: Strategy, Roadmap, TCO/ROI, People and Processes

Migration to Cloud: Whether applications or data centers, get there quickly & correctly

App Modernization: Refactor and optimize applications for the cloud

Cost Management: Predict and manage cloud costs and efficiency

Internet of Things (IoT): End to end approach to IoT solutions across clouds

Big Data & Analytics: Cloud-enable your data for scale, faster insights, and value

Cloud Compliance: Ensure compliance through automation of 1000+ IT controls

Cloud Native Digital: Custom solutions for the cloud with scale, security and speed

Cloud Security: Ensure a secure and compliant environment.

Key Benefit #1: Defined Cloud Adoption Program

● Promotes fundamental change across your org

● Rapid Results – Minimum Viable Cloud (MVC)

● Automation ensures highly repeatable processes

PHASE 1: WORKSHOP

PHASE 2: ASSESS & PLAN

PHASE 3: MVC BUILD

PHASE 4: MIGRATE

PHASE 5: OPERATE

CAP provides the best technology, practices and learnings for enterprise-wide cloud adoption.

Follow a Prescriptive Approach to Enterprise Cloud

● Fosters success through collaboration

● Iterative agile framework and methodology

● Broad perspective addressing key stakeholder needs

Key Benefit #2: CTP Methodology Accelerates Application Assessment Process

Gather and analyze data to determine the best endpoint for each application

Rehost Replatform Replace Retire Refactor Retain

Technical Data Business Data CMDB / CMS

CTP Solution Portfolio

How can we help you succeed in the Cloud?

We have a comprehensive portfolio of offerings from which to choose

Strategy & Planning

Begin with the end in mind and build a roadmap for success.

● Workshops
● Strategy Engagements
● Assessments
● Business Case / TCO
● Experience Design
● Architecture Design
● Proof of Concept
● Planning and Roadmap

Build & Deploy

Accelerate time to value with advanced technical execution.

● Minimum Viable Cloud
● Migration & Enablement
● Application Transformation
● Cloud Native Solutions
● Internet of Things
● Big Data & Analytics
● Machine Learning
● SDLC Transformation

Run & Optimize

Operate with efficiency and scale, and optimize for future success.

● Cloud Business Office
● Continuous Compliance
● Continuous Cost Controls
● DevOps & CloudOps
● Managed Digital Operations

ADVISORY PROFESSIONAL SERVICES OPERATIONS

How can I deliver my “right mix?”

Flexible Capacity: Pay as you go or Pay as you grow

Key Findings of Research Survey

Survey of over 500 Enterprises

Source: 451 Research

Challenges with procuring & managing capacity

57% of enterprises stated complaints about slow performance were a significant issue

50% of enterprises have suffered downtime as a result of poor capacity planning

59% average amount by which enterprises overprovision compute capacity

59% of enterprises wait 3 months or longer for new capacity

48% average amount by which enterprises overprovision storage capacity

“As a Service” Resolves these Challenges

Why Choose?

Best of both worlds

‒ On-Premises infrastructure on a flexible and scalable basis

‒ TCO of a typical enterprise scenario on par with public cloud

‒ 29% less expensive than a self-managed private cloud

Business value of Flexible Capacity

Over provisioning vs. pay for only what you use

What you buy today

What you actually need today

What you get with FC

BUFFER

Projected capacity for 12 months

Projected capacity at month 3

Projected capacity at month 6

BUFFER

Projected capacity at month 9

BUFFER

What you actually end up using

Excess capacity, wasted capital expense

Flexible Capacity Savings

Save on costs due to overprovisioning

Enterprises overprovision on average by 59% for compute and 48% for storage ¹

59% of enterprises wait 3 months or longer for new capacity ¹

[Chart: Flexible Capacity Savings. Axes: $ versus Time. Labels: Traditional purchases (CAPEX); Buffer; Compute needed and invoiced]

Capacity ahead of demand

Maintain a safe buffer of capacity

50% experienced downtime due to capacity planning

57% received complaints of slow performance ¹

¹ 451 Research, November 2016

What about as a Service: Why should I care about procurement?

On-Prem Solutions: One size does not fit all

Use the “right” solution(s)…when all you have is a hammer

HPE Synergy: World’s 1st Composable DC Platform

Composable Compute

Composable Fabric

Composer & Image Streamer

Composable Storage

Composable Frame

Scenario-1: Making Hybrid Infrastructure Simple and Secure with HPE Synergy

Key Use Case: Hybrid IT managing both Legacy Apps + New Services

Fast IT Use Cases:

1. Rapid provisioning/teardown of VM/Containers

2. Elastic clusters of Production Web/App/dB Servers

3. Seamless management of both VMs & Bare-metal

Image Streamers

Scenario-1: Making Hybrid Infrastructure Simple and Secure with HPE Synergy

Reduce IT costs and streamline operations

1. 73% TCO savings compared to traditional IT infrastructure (Forrester Consulting)
2. 10:1 device reduction (Forrester Consulting)
3. Up to 49% TCO savings compared to Amazon Web Services (Evaluator Group)

Improve agility and time to production

1. 81% increase in time spent on new projects (IDC)
2. Rapid scaling to 1,000 VMs with peak and predictable performance (ESG)
3. One hour to provision eight-node cluster (ESG)

Maximize uptime and prevent data loss

1. 57% of customers reduced recovery time from days or hours to minutes (TechValidate)
2. 70% improvement in backup/recovery and DR (IDC)
3. A majority of customers using SimpliVity data protection retired existing third-party backup and/or replication solutions (IDC)

Scenario-2: Making IT operations Simple and Secure with HPE SimpliVity

What can HPE SimpliVity hyperconvergence do for you?

Federate for Connected or Disconnected…

Scenario-2: Making IT operations Simple and Secure with HPE SimpliVity

OR

HPE SimpliVity 380 or

HPE High-Density SimpliVity 2600

+ third-party backup for operational recovery

+ replication & disaster recovery automation

+ WAN optimization

HPE SimpliVity simplifies infrastructure management

SimpliVity’s Data Virtualization Platform

“The best IO is the one you don’t have to do.”

[Figure: SimpliVity’s Data Virtualization Platform. Labels: App 3, App 4; vSphere; x86 CPU; DRAM; SSD; Presentation layer; Data management layer; Data virtualization platform; “All data written/registered to virtualization platform”; “Only unique data written to SSD”]

The HPE SimpliVity Data Virtualization Platform

Guaranteed Data Efficiency

‒ Always-on compression and deduplication
‒ All data at inception, globally
‒ Offloaded to OmniStack Accelerator
‒ Guaranteed 90% capacity savings across primary storage and backup

Built-in resiliency, backup, and disaster recovery

‒ Full logical backups with near zero overhead
‒ Guaranteed 60-second restore of 1TB VM
‒ Granular RTOs and RPOs from hours to seconds
‒ Simple, affordable offsite DR
‒ RAIN + RAID protection of data

Global VM-Centric Management and Mobility

‒ Policy-based, VM-centric management
‒ No LUNS, shares, or volumes
‒ Right-click operations
‒ Native tool integration
‒ Single view of all data centers and ROBOs

For HPE and Channel Partner internal use only

Microsoft Azure Stack: Private | Hosted

Microsoft Azure: Public

Azure services in your datacenter

Unified app development

One Azure ecosystem

Developers

IT

* - some components will be in Preview at Azure Stack GA

Microsoft’s Hybrid Cloud Platform

Power of Azure in your On-Prem datacenter…protection against disconnected

Scenario-3: Making Hybrid Cloud Simple and Secure with HPE and Microsoft

HPE ProLiant for Microsoft Azure Stack


AGILITY

• Application portability

• Consistent development

• Time to value

QUALITY

• World’s best selling, most secure

• Global Enterprise class support

• Professional services

SIMPLICITY

• Infrastructure management with HPE OneView

• Pay-as-you-go/grow pricing

• Operations Analytics

Scenario-3: Making Hybrid Cloud Simple and Secure with HPE and Microsoft

Summary: We make Hybrid IT Simple and Secure

Hybrid Infrastructure Simple

Hybrid Cloud Simple

IT Operations Simple

• Reduce Overprovisioning & CapEx
• Deploy at Cloud Speeds
• Simplify operations
• Improve operational agility

• Manage resources efficiently
• Data Protection and Resiliency
• Eliminate islands

• Seamless App Portability
• Integrated Cloud Management
• Consistent Dev/Ops experience

All hosted on the World’s Most Secure Industry Servers!

Now, how do I manage my “right mix?”

Introducing HPE's new multi-cloud management platform to accelerate and simplify your digital transformation

Private clouds, Azure Stack, VMs, containers and bare metal

Simplifies your on-premises

Cloud28+

Simplifies all your public clouds

AWS

Azure

Google

Software as a service

Only HPE simplifies multi-cloud and on-premises environments

Traditional and cloud

Bare Metal, VMWare, OpenStack, Containers

HPE OneSphere overview

On-premises software-defined infrastructure

Multi-cloud/Multi-site virtual resource pool

Azure

AWS

Cloud 28+

Traditional infrastructure

API Manual

Google

• Orchestration and brokering
• Metering and cost analytics
• Security and multi-tenancy
• Lifecycle management

Catalog of tools and cloud services

Simplify on-premises

• Speed resource vending
• Automate infrastructure lifecycle management
• Automate everything through APIs
• Optimize on-premises utilization
• Choose from consumption models to optimize costs

Simplify multi-cloud

• Start up instantly via SaaS management
• Build on-premises clouds and connect to public clouds in a few clicks
• Immediate access to new public cloud services
• Streamline DevOps workflow
• Access all clouds with a unified cloud resource pool
• Get real-time insights on cost and utilization across clouds
• Optimize workload deployment

Gain insights faster to optimize costs and utilization

CIO / Mission dashboard

Avoid surprises at the end of the month

Optimize workload deployment

Understand ROI by customized views

Provides real-time insights of costs across all your clouds

Delivers a common language for costs

Presents usage and costs any way you want

Only HPE helps you realize an end-to-end multi-cloud solution

Cloud strategies and economics

Cloud governance and security

Application portfolio assessment

Advise

HPE OneSphere

Managed cloud controls

Power

HPE OneSphere as a managed service

Pay-as-you-go consumption

Consume

HPE Gen 10 and Secure Supply Chain

Focused Cyber Security & Cyber Resilience …because security is a must regardless of where your workloads run

Features Included with the World’s Most Secure Industry Servers

Build it In: Protect

• Silicon Root of Trust
• CNSA
• Two Factor Authentication CAC
• Prevent Firmware Attacks from OS
• Secure Erase of NAND Data
• Common Criteria & FIPS 140-2 Level 1
• UEFI Secure Boot
• TPM 1.2 and 2.0
• NIST 800-147b BIOS
• PCI-DSS Compliance
• Secure Supply Chain

Stop it Now: Detect

• Firmware Runtime Validation
• Chassis Intrusion Detection on Most Servers
• HPE Rack Cabinet Door Detector
• Verified Boot Integrity Check
• Trusted eXecution Technology
• SIEM Tool Support
• Audit Logs
• Measured Boot

Recover it Fast: Recover

• Secure Auto Recovery
• Recover Operating Systems
• Data Collection for Forensic Evaluation
• HPE PointNext recovery services

HPE Secure Compute Technology

The World’s Most Secure Industry Standard Servers

Silicon Root of Trust

– Only HPE offers industry standard servers with major firmware anchored directly into the silicon
– HPE can do this because we build custom iLO silicon and write our firmware code
– HPE has unique FW integration, competitors buy general purpose BMCs off the shelf without ability to tie the firmware to hardware
– HPE Secure Compute Technology protects millions of lines of FW code that run before the OS even boots

Runtime Validation

– Periodic checking of firmware verifying integrity of essential key firmware
– Verified good & malware free redundant firmware repository
– Detection of compromised code or tampering with essential key firmware
– Customer notification of detected compromised essential firmware code

Secure Recovery

– Recovering essential firmware to known good state after detection of compromised code
– Customer Options: a) to factory settings b) to last known good c) halt and wait
– Ability to recover other server settings like smart array raid levels

CNSA (Formerly Suite B)

– Commercial National Security Algorithms

– Typically used for handling the most confidential and secret information

– Uses the highest level of cryptography in the industry

– Only HPE offers this Mode of Security for Servers

Modes for HPE Secure Compute

The World’s Most Secure Industry Standard Servers

Production Mode

– Secure on Network
– Trusts OS authentication
– Maximum interoperability with existing software

High Security Mode

– Closes off host interface to traffic
– Higher grade cryptography
– Requires authentication & encryption on SW running on host
– FIPS level cryptography on network interface

FIPS 140-2 Mode

– Federal Information Processing Standards
– 140-2 Level One
– Increased Cryptography
– FIPS Validated
– Disables non-FIPS interfaces

CNSA Mode (formerly Suite B)

– Commercial National Security Algorithms
– Highest level of security in the Industry
– Unmatched by any competitors
– Highest levels of cryptography (elliptic curve) on network interface
– Requires installation of CNSA grade certifications
– Includes all FIPS mode security protocols

Supply Chain Risk Management Practices & Controls

Component Suppliers Direct HPE Relationship

• Suppliers & Subs HPE Approved
• Approved Vendor List
• HPE SBC
• Supplier Code of Conduct Contracts
• Investigate Allegations of Breach

Factory Security Controls

• Security Guards
• Employee Background Checks
• Lifestyle Polygraphs, etc…
• Electronic Badge Access Controls
• CCTV Monitoring

Physical Security

• Alarms & Motion Detectors
• Restricted High Value Parts Access
• Gated Entry Points
• Segregated Secure Customer Cages

DFARS Compliance Proof Points

• Trusted Suppliers for Sourcing
• Approved Vendor List
• Factory Malware Scanning
• BOM Reputational Check
• Advanced Counterfeit Detection & Xrays
• Continuous Process Improvement
• C-TPAT III Certification
• GIDEP Program for Notifications of Counterfeit
• Risk Based Security Audits
• Component Traceability
• Proactive Anti-Counterfeit with Law Enforcement

Design Sourcing Build Fulfillment Distribution Sustainment & Operations Disposal

Prevent, Monitor, Detect, Analyze & Report Incidents of Confirmed Counterfeit & Malicious Taint

Conclusions and Call to Action

– Hybrid IT is not defined by on-prem/off-prem, but by the optimized environment / ecosystem hosting and running the workload(s)

– DoD should not be in the Infrastructure Business – However, you should care about the infrastructure and define requirements and salient characteristics to deliver operational capability, cyber security and mission assurance

– DoD should adopt a COCO Consumption Model for delivering IT systems and services, and fully embrace XaaS

– Cyber security and secure supply chain are not optional…regardless of where your workloads run; acquisition policy and language must change to address these challenges

Thank you