The US Army has begun expanding a virtual desktop-as-a-service capability at the Pentagon that will move Army and Defense Department personnel away from thick-client desktop computers to zero-client monitor and keyboard user stations. When completed, the transition promises to improve security and management, cut operating costs, and reduce the time it takes to patch and update software.
The initiative began after the Army's Information Technology Agency (ITA) began evaluating the effectiveness of virtual desktop-as-a-service (DaaS) capabilities in the Defense Department, according to Tom Sasala, the agency's chief technology officer.
Initially intended to last only three months, the initial pilot program, which tested 200 classified and 200 unclassified stations, proved so successful that ITA officials decided to expand it, Sasala told us. The initial phase of the DaaS project went live in April 2013. Current expansion plans call for installing 2,000 unclassified and 2,000 classified DaaS stations in the Pentagon by the end of the 2014 fiscal year, including in the offices of the Joint Chiefs of Staff. Plans to expand the service throughout Army Headquarters remain uncertain, Sasala added, because funding hasn't yet been allocated.
[Former US Air Force CIO William T. Lord on the consequences of failing to modernize aging IT systems: Breaking The Cycle Of Legacy IT Investment.]
A key element of the program's design called for supporting multiple tenants centrally, using virtualization software, at a time when the Department of Defense had also begun consolidating its datacenters. Sasala believes the DaaS deployment is the first multi-tenant offering of its kind in the DOD.
The DaaS program replaces desktop computers with zero-client terminals, flat-screen monitors with an Ethernet connection to the Army network. The terminals have no operating system or resident software, making them very efficient to maintain while presenting no security vulnerabilities, according to Bill Rowan, vice president for DOD sales at VMware.
Moving all of the desktop software back to the server, Rowan explained, allows the Army to centralize desktop management while providing improved security and maintenance. VMware provides the virtualization software that allows the Army's servers to support multiple users with virtual desktops. "From a single server, I can provide users with [the equivalent of] 100 desktops," he said.
Virtualization provides another advantage, according to Sasala: The converged IT architecture greatly reduces operating costs and the need for administrative staff. Sasala noted that the Army's DaaS program requires only six system administrators, compared to the 100 support personnel needed to run a large legacy datacenter.
Virtualization and virtual desktops also makes it easier to manage desktops, utilizes software licenses more efficiently, and streamlines security patching. For example, the DOD virtual desktop loads a software patch automatically when the user logs out for the day. "It's a much cleaner way to go about handling that kind of change," Rowan pointed out.
Sasala noted that DaaS deployment had to overcome some challenges, most notably integrating the new systems with the Army's existing infrastructure and meeting the DOD's demanding security requirements.
Find out how a government program is putting cloud computing on the fast track to better security. Also in the Cloud Security issue of InformationWeek Government: Defense CIO Teri Takai on why FedRAMP helps everyone.