Army's desktop-as-a-service plan gains cred at Pentagon, but lack of funding could delay full implementation.
Internet Of Things: 8 Cost-Cutting Ideas For Government
(Click image for larger view and slideshow.)
The US Army has begun expanding a virtual desktop-as-a-service capability at the Pentagon that will move Army and Defense Department personnel away from thick-client desktop computers to zero-client monitor and keyboard user stations. When completed, the transition promises to improve security and management, cut operating costs, and reduce the time it takes to patch and update software.
The initiative began after the Army's Information Technology Agency (ITA) began evaluating the effectiveness of virtual desktop-as-a-service (DaaS) capabilities in the Defense Department, according to Tom Sasala, the agency's chief technology officer.
Initially intended to last only three months, the initial pilot program, which tested 200 classified and 200 unclassified stations, proved so successful that ITA officials decided to expand it, Sasala told us. The initial phase of the DaaS project went live in April 2013. Current expansion plans call for installing 2,000 unclassified and 2,000 classified DaaS stations in the Pentagon by the end of the 2014 fiscal year, including in the offices of the Joint Chiefs of Staff. Plans to expand the service throughout Army Headquarters remain uncertain, Sasala added, because funding hasn't yet been allocated.
A key element of the program's design called for supporting multiple tenants centrally, using virtualization software, at a time when the Department of Defense had also begun consolidating its datacenters. Sasala believes the DaaS deployment is the first multi-tenant offering of its kind in the DOD.
Photo courtesy of Army Information Technology Agency
The DaaS program replaces desktop computers with zero-client terminals, flat-screen monitors with an Ethernet connection to the Army network. The terminals have no operating system or resident software, making them very efficient to maintain while presenting no security vulnerabilities, according to Bill Rowan, vice president for DOD sales at VMware.
Moving all of the desktop software back to the server, Rowan explained, allows the Army to centralize desktop management while providing improved security and maintenance. VMware provides the virtualization software that allows the Army's servers to support multiple users with virtual desktops. "From a single server, I can provide users with [the equivalent of] 100 desktops," he said.
Virtualization provides another advantage, according to Sasala: The converged IT architecture greatly reduces operating costs and the need for administrative staff. Sasala noted that the Army's DaaS program requires only six system administrators, compared to the 100 support personnel needed to run a large legacy datacenter.
Virtualization and virtual desktops also makes it easier to manage desktops, utilizes software licenses more efficiently, and streamlines security patching. For example, the DOD virtual desktop loads a software patch automatically when the user logs out for the day. "It's a much cleaner way to go about handling that kind of change," Rowan pointed out.
Sasala noted that DaaS deployment had to overcome some challenges, most notably integrating the new systems with the Army's existing infrastructure and meeting the DOD's demanding security requirements.
Find out how a government program is putting cloud computing on the fast track to better security. Also in the Cloud Security issue of InformationWeek Government: Defense CIO Teri Takai on why FedRAMP helps everyone.
Henry Kenyon is a contributing writer to InformationWeek Government. He has covered Government IT and Defense markets since 1999 for a variety of publications including Government Computer News, Federal Computer Week, AFCEA's Signal Magazine and AOL Government. View Full Bio
InformationWeek Tech Digest August 03, 2015The networking industry agrees that software-defined networking is the way of the future. So where are all the deployments? We take a look at where SDN is being deployed and what's getting in the way of deployments.