END-POINT SECURITY The DOD Endpoint Security Solutions (ESS) is an integrated set of capabilities that work together to detect, deter, protect, and report on cyber threats across all DOD networks. Endpoint security is a DOD-wide effort that leverages the collaborative capabilities of the National Security Agency, military services, DOD Cyber Range, Red Team support, and continuous market research through DOD components and the MITRE Corporation. Diana T. Phan Chief, Cyber Defense Division What is on the horizon for ESS? The DOD Chief Information Officer (CIO) tasked DISA with modernizing the endpoint security ecosystem in the DOD CIO capability planning guidance for fiscal year 2019-2023. DOD components will transition from the Host Based Security System to ESS, achieving full operational capability by fiscal year 2021. Transition begins with the deployment of Windows 10 Secure Host Baseline (SHB) and the addition of application whitelisting capability for Windows workstations in fiscal 2016. DOD components will coordinate with DOD CIO and DISA to execute the transition to ESS based on architectural analysis; building on automated asset and vulnerability management tools, and the anticipated deployment of Windows 10; and maximizing the use of enterprise license agreements. DISA will procure and operationalize the new enterprise capabilities (e.g., application whitelisting, containment, endpoint detection, and response solutions) on behalf of the department. How will ESS deliver innovative solutions? The DISA Endpoint Program Management Office will execute DOD CIO guidance, which instructs the adoption of more cloud technologies, and fill the capability gaps identified by Unclassified-but- Sensitive Internet Protocol Router Network (NIPRNet) Secret Internet Protocol Router Network (SIPRNet) Cyber Security Architecture Review (NSCSAR). DISA will assess Microsoft Windows Defender security capabilities native to the Windows 10 or Windows Server 2016 operating systems, and utilize the Microsoft Azure cloud with advanced threat analytics. We recommend adoption of these capabilities, if it is determined they meet documented requirements. In fiscal 2018, we intend to conduct pilot testing of application containment, endpoint detection and response, and anti-malware capabilities, with tentative plans to procure solutions in fiscal 2019. The decision to procure will be based on pilot test results, as well as DOD CIO funding approval. How will ESS make things better for mission partners? The modernization initiatives are intended to: - Facilitate manageability and sustainability of endpoint security through the adoption of cybersecurity technologies that are inherent to and compatible with the Windows operating system platforms, and which do not require constant upgrade with each new iteration of the DOD SHB. This will ease implementation of the DOD CIO-mandated SHB. - Improve protection by adopting tools that have cloud management and analytic endpoint protection, and remove the need for recurring content update highly important for tactical and disadvantaged networks. - Fill capability gaps that will prevent known and unknown attacks from succeeding, and eliminate advanced persistent threat.
DEFENSE ENTERPRISE OFFICE SOLUTION An overview of DEOS. DISA, supporting the DOD Enterprise Collaboration and Productivity Strategy (ECaPS), plans to acquire and implement a secure, seamlessly integrated, commercial cloud-based Software as a Service (SaaS) as a replacement for legacy, enterprise information technology (IT) services. DEOS is a procurement in support of the DOD ECaPS strategy that will consume the existing DOD Unified Capabilities efforts and encompass a more comprehensive set of services, such as voice, video, collaboration, email, content management, records management, and an office productivity suite in support of the department s strategy for a Joint Information Environment (JIE). The Defense Enterprise Office Solution (DEOS) will leverage cutting-edge technology to improve automation of daily business functions; increase productivity and efficiency; and offer users new methods of collaborating and sharing information, both within the enterprise and with other federal partners. Kristen M. Brown Program Manager, Defense Enterprise Office Solution DEOS commercial SaaS offerings will provide DOD with common enterprise applications and services for joint use across the department, standardize baselines, and enable cross-department collaboration at any local base/post/camp/station, to include deployed and afloat organizations. DEOS SaaS is intended to be deployed on the Unclassified-but-Sensitive Internet Protocol Router Network (NIPRNet); the Secret Internet Protocol Router Network (SIPRNet); and denied-disconnected, intermittent, limited bandwidth (D-DIL) environments. Why is DEOS important? In recent years, agencies across the federal government have embraced cloud computing architectures and solutions to provide services to constituents, and reduce the need for large-scale, traditional IT infrastructure investments. DEOS will provide DOD users with seamless, transparent office automation and collaboration services that transform data into actionable information, while ensuring dependable mission execution. How will DEOS make things better for mission partners? DEOS users will experience cutting-edge technology and improved automation of daily business functions. DEOS will provide current SaaS features (i.e., email, chat, collaboration, etc.), which will increase productivity and efficiencies, and provide users new ways to collaborate and share information. As the DOD workforce evolves to include a generation which does not rely solely on email capabilities, newer collaboration tools and enterprise services may supersede them. The ability for DOD to provide the entire workforce with a broader suite of collaboration capabilities will bring greater opportunity to productively communicate, collaborate, and serve our mission partners.
SYSTEMS ENGINEERING, TECHNOLOGY & INNOVATION Systems Engineering, Technology and Innovation (SETI) is a new multiple-award task order contract vehicle for the Department of Defense. It is based on innovation as a priority to solve the complex information technology (IT) engineering and developmental requirements for DISA and our mission partners. SETI will consolidate and streamline critical engineering expertise to research, design, develop, implement, integrate, and optimize DOD IT capabilities, systems, and solutions. Christopher R. Riley Program Manager, Systems Engineering, Technology & Innovation How will SETI help DOD innovate? SETI has been designed to drive innovation from the ground up. Innovation will be rooted in our contractors, processes, and stakeholders. SETI will have a unique pre-qualified group of nontraditional contractors with a proven innovative corporate culture. They will have all the internal mechanisms necessary to develop innovative solutions and enhance the way warfighters interact with technology. SETI s acquisition and procurement practices must evolve to meet the next generation of IT engineering requirements. New ways to incentivize innovation and enable government stakeholders to more effectively manage the programs for which they are responsible, are essential. The SETI program office will connect innovators on the government side with mission partner counterparts, to create a pseudo-matrixed organization of personnel who understand the importance of innovation in the world of smart government. This will result in an integrated product team-like project management office with expertise and focus on improving the status quo in finance, contracting, program management, and engineering. Why is SETI important? SETI was built to be successful for many years to come. Our focus areas include DISA s current innovation interests, with the capability to evolve in support of emerging technologies that develop over the next decade. How will SETI make things better for mission partners? SETI is not just a one-way push communication capability for requirement owners. The SETI exchange forum will be a two-way collaboration mechanism. Our contractors will have copious opportunities to present the government with new ideas on how to solve big, small, and potentially unknown capability gaps. Likewise, the government will utilize a new collaboration forum to present their unique problem statements to our contractors, to effectively, creatively, and innovatively solve tomorrow s requirements before they become problems.
SMALL BUSINESS DISA: Office of Small Business Program. The mission of DISA s Office of Small Business Programs is to serve as the principle advocate and primary advisor to the DISA director, senior leaders, workforce, and industry on all aspects of the small business program, to ensure the continuous growth of the small business industrial base supporting information technology (IT) products and services for our global warfighter. DISA s partnerships with industry, academia, and our mission partners are critical to forecasting emerging technologies and their value to DOD, supporting informed technology investment decisions that will strengthen the enterprise and improve the enterprise service capabilities we deliver. Sharon L. Jones Director, Office of Small Business Programs The federal government has demonstrated commitment to the success of small business through prime contract awards to small businesses, including those in socio-economic categories. The federal small business program policy is to provide maximum practicable opportunities in its acquisitions to small business; service-disabled veteran-owned small business; HUBZone small business; small disadvantaged business; and women-owned small business entities. What is on the horizon for the Office of Small Business Program? The Office of Small Business Programs continually strives to influence a culture of maximum utilization of small business for innovative IT solutions. Upcoming program initiatives include: Active engagement through strategic small business events and training sessions, highlighting small business capabilities that support mission requirements. Increasing the commitment to small business utilization through the small business subcontracting program, including small business participation and subcontracting plans. Implementing strategies that significantly emphasize a small business first approach within the acquisition and contracting process. How will the Office of Small Business Program deliver innovative solutions? DISA actively supports and will regularly use small businesses that: Deliver innovative solutions and provide access to evolving generational philosophies that align emerging technologies with mission requirements, to strengthen cyberspace defense and enhance the global information infrastructure. Create efficient integration of mature solutions, while influencing research and technology initiatives that address critical gaps and capability shortfalls. Ensure the viability of technological solutions that meet future requirements of mission endeavors. Drive the speed of technology and know-how to move at the speed of DISA s ambition, based on rapid changes within the marketplace.
CLOUD PORTFOLIO How will your program innovate or deliver innovative solutions? milcloud 2.0 will provide robust and resilient infrastructure services to mission partners for a variety of highly protected workloads. The integrated solution includes utility billing, real-time elasticity, and a web-based provisioning and business process management portal. Implementation of milcloud establishes a commercial Infrastructure as a Service (IaaS) environment. This concept will provide customers the cost benefit of moving away from fees based on purchased capacity to a model that will allow them to solely pay for their actual usage. John E. Hale Chief, DISA Cloud Portfolio Secure Cloud Computing Architecture (SCCA s) security services will expand the adoption and growth of on and off premise cloud services among mission partners. By offering department mandated security services in an enterprise fashion, SCCA offers a scalable and cost effective approach for cloud access and management services. Why are cloud services important? DISA s cloud services lay the groundwork for the DOD to move it s computing and storage needs to the various cloud efforts underway. By facilitating off premise commercial cloud, as well as providing on premise commercial cloud capabilities, we are ensuring our mission partners can meet their mission needs as the workforce continues to demand more from existing capabilities. How will cloud services deliver innovative solutions? DISA s cloud services allow DOD mission partners to come to one authoritative source for implementing and operating in a cloud environment. As the demand increases and budgets shrink, DISA provides cost-effective solutions for mission partner computing and storage needs.
DISA STOREFRONT DISA storefront (DSF) is an electronic means to order DISA telecommunication products and services. The intent is to create a single, one-stop shop for all DISA services [and] to provide more intuitive ordering processes with easy to understand order descriptions, price alternatives, and comparison in real time. Harold L. Herrick Program Manager, DISA Storefront An overview of DSF. DISA storefront is a public facing, web based order entry portal designed to provide the enterprise service ordering capabilities for all DISA service offerings. The approved DISA Requirements Management Process (DRMP) designates DSF as the single point of entry for access to DISA services. DSF is hosted in the DISA St. Louis data center on the Unclassified-but-Sensitive Internet Protocol Router Network. All DISA mission partners can access DSF from outside the.mil domain, including federal and foreign mission partners. DSF currently supports 87 telecommunication services, more than 13,000 registered users, and more than 300,000 active service orders. DSF interfaces with the DISA operations support, financial management, and contracting systems, as well as mission partner systems. DSF replaced the legacy DISA Direct Order Entry (DDOE) system in January 2017. How will DSF innovate or deliver innovative solutions? DSF will provide innovative solutions though process automation, data consolidation, and expanded system integration in a single portal, enhancing customer relationship management and outreach efforts, while improving responsiveness to mission partners emerging requirements. DSF s expanded system integration with billing, contracting, and fulfillment systems provides mission partners with capability to track ordering and service fulfillment status; monitor contract awards and expiration; review and revalidate service requirements; and monitor business metrics for better situational awareness of order volume and cost. Lastly, DSF uses software defined networking (SDN) capabilities to automate provisioning and activation of network services. The layer 2 and layer 3 virtual private networking (VPN) service SDN pilot is the first critical step toward empowering mission partners with the ability to actively manage virtual services, while facilitating the migration from legacy time division multiplexing-based services and leveraging DISA s internet protocol (IP) structure. How will DSF make things better for mission partners? DSF makes things better for internal and external mission partners by providing a one-stop shop for ordering DISA services through an automated management portal. Integrating the DISA service catalog and automating service ordering capabilities into a single portal aligns with the one-stop shop concept applied by top commercial retail sites. Automating the service ordering process for services eliminates manual document processing and the use of a middleman. This provides the transparency mission partners require to track requirements through order submission, approval, and fulfillment. Web forms with smart logic streamlines order submission through templating capabilities and automated data population by leveraging user profile information and external sources. The automated workflow ensures all orders are routed to the correct office for approval or action throughout the fulfillment process. Mission partners will no longer question whether they have the correct order form or format, which organization or point of contact is required for order submission, or visibility of where their order is in the fulfillment process. Lastly, service ordering consolidation provides mission partners with the capability to monitor contract awards and expirations; review and revalidate service requirements; and monitor business metrics for better situational awareness of order volume and costs.
GLOBAL COMMAND & CONTROL SYSTEM - JOINT ENTERPRISE An overview of GCCS-JE. Global Command and Control System Joint Enterprise is a modernization to the current Global Command and Control System Joint platform, which has been in existence for over 20 years. The updated version delivers an enterprise mobile cloud solution operated in a classified web browser. What is on the horizon for GCCS-JE? We are planning to award capability developments within the Systems Engineering, Technology, and Innovation (SETI) contract, scheduled for the third quarter of fiscal year 2018. The Global Command and Control System Joint Enterprise (GCCS-JE) provides premier command and control capabilities that are secure, interoperable, and meet current and future warfighter requirements, while delivering optimal return on investment for the Department of Defense. LTC Patrick M. Major Program Manager, Global Command & Control System - Joint Enterprise How will GCCS-JE deliver innovative solutions? The Joint Enterprise delivers mobile platforms over the cloud via classified web browser. This gives Joint Task Force and combatant commanders the ability to access classified mobile devices through the cloud, using the DISA enterprise. Why is GCCS-JE important? This program will improve the technical features of the legacy platform and save operations and maintenance funds, while improving the cybersecurity posture with critical timely updates. How will GCCS-JE make things better for mission partners? Joint Enterprise offers the mission partner a mobile solution, enabling receipt of alerts outside the traditional joint operations centers, for increased situational awareness.
MOBILITY How will Mobility innovate in the future? For classified mobility programs, we are using the standards of commercial solutions for classified (CSfC) to bring classified mobile solutions to our customers at competitive prices. Modern commercial devices give platforms and processing power, which serve as a basis to build capable secure solutions. Additionally, CSfC solutions can be brought to market in a fraction of the time than GOTS devices. Mobility has replaced government off-the-shelf (GOTS) solutions that originally cost seven times more than our current offerings. Defense enterprise mobility leading the DOD mobile workforce evolution. DISA is leading DOD efforts to create a highly mobile workforce equipped with secure access to enterprise capabilities anywhere, at any time, for greater mission effectiveness. Jacob Marcellus Chief, Mobility Division Why is Mobility important? Mobility is important because the world s information systems are increasingly being accessed via mobile devices. Mobile devices inherently give access to data almost anywhere at any time. If DOD does not give its customers the ability to use mobile form factors, we will be at a disadvantage. How will Mobility make things better for mission partners? The goal of DISA mobility is to be the provider of choice for all DOD mobility needs; providing premier mobile enterprise capabilities that are secure, interoperable, and responsive to current and future warfighter needs. Most mission partners do not work a typical eight-hour day. Our solutions give customers the ability to be effective where and when they need to be.