Defense Information Systems AgencyDefense Information Systems AgencyDISA_e0be573e-6abf-4d9d-90be-bc698f7dbb5eWe at DISA imagine and envision a world in which information is virtual and on demand with global reach. Information is protected by identitybased capabilities that allow users to connect, be identified, and access needed information in a trusted manner. It is a world in which United States military forces can deploy and connect no matter where they are located, pull information needed for their missions, and be given timely, accurate information on any threats they may face. It is a world with no seams between the sustaining base and the tactical edge so that operational agility is enabled. It is a world in which the United States military can freely exchange information routinely with coalition partners and others responsible for the security and defense of the United States. The technology employed is agile, adaptive, and capabilities-based. And, we imagine and envision a world in which our soldiers, sailors, airmen, and marines are equipped with capabilities and services that are state-of-the-art._6059f3e5-b9f3-4acf-a503-3c77c4d9e695_5cdbf184-78ca-11df-942e-95587a64ea2aSpeedDeliver IT capabilities and services faster_3749cd26-a243-452f-aaa5-763f79a544701We will become the joint acquisition agent of choice for enterprise information technology capabilities and services. We will adopt innovative ideas and processes to deliver capabilities and services that our forces are able to use with agility. We will increase the speed and flexibility of the requirements and acquisition processes used in delivering capabilities and services, and we will tailor oversight and governance to be commensurate with risk. Our goal is to close the gap between the availability of technologies and fielding them for warfighting advantage. DISA will follow the precepts of adopt-before-we-buy and buy-beforewe- create. If another organization has developed or acquired a capability or service that either fits or is close to fitting a need we have, we will adopt it. Where adoption opportunities are not available, we will turn to the private sector and acquire a capability or service that either fits or is close to fitting the need. The final choice is to create or build. We intend to avoid development and turn to others for solutions when we can. Speed of deployment is often more important than a perfect solution. We will pursue the adopt-before-we-buy and buy-before-we-create approach partly as a way of getting the 80-percent solution in the hands of the warfighter quickly. A fundamental element of our strategy is teamwork – teamwork with stakeholders, customers, and vendor partners. We will use a federated development and certification environment (FDCE), the “sandbox,” in which all can participate to foster innovation and collaboration and to introduce new capabilities and services into the GIG. We will ask developers, testers, and users to play in the “sandbox” by exposing candidate capabilities and services to warfighting, intelligence, and business users via the FDCE. We will incentivize vendors to do the same. Some candidates will take off; some will not. Success of the FDCE is dependent in part on the ability to do an early kill of those that do not. In any case, this richly collaborative approach will bring the best and brightest to the forefront and help us to speed the delivery of capabilities and services to warfighters.Innovative ApproachesEmploy innovative approaches to exploit the flexibility in the acquisition process._aba7a747-e526-419e-83cd-ecfd02bd1ffb1.1IT AcquisitionChange the way the DoD acquires IT to deliver capabilities and services at speeds commensurate with the Internet._1a4fba2d-9828-4e73-b207-785fe4eadbad1.2Governance and OversightTailor governance and oversight commensurate to the level of risk._c936d834-979e-42f6-8795-acbc450b4c9c1.3CompetitionAggressively exploit competition._0dca99cb-4713-4732-9cb0-3598c5d38cd41.4Performance-Based ApproachesUse performance-based approaches such as statements of objectives as a principal acquisition tool in lieu of detailed specifications._9cc3d908-ebd9-4a1c-a811-d4bb893891381.5Service Level AgreementsUse service level agreements to define performance expectations._3691449d-19fe-4afd-9916-20a5e7f5db921.6Pilots, Proofs of Concept, and ExperimentsUse the FDCE, pilots, proofs of concept, and experiments to determine if candidate capabilities and services are suitable, can scale, and can operate in appropriate security and operational environments._a6afd155-b008-40bd-9b98-41948c523c001.7Involvement in Sourcing DecisionsEnsure early and continuous involvement of Combatant Commands, Services, and Agencies and other communities of interest in sourcing decisions._d012be8d-bacb-48ed-acd2-57606292a46a1.8Bandwidth, Processing, Storage, and Web ServicesMaximize the use of on-demand delivery of bandwidth, processing, storage, and web services, leveraging commercially available offerings._fd79a9cb-0788-4952-ae72-ba7d230f760e1.9Industry PartnersDevelop innovative relationships with industry partners for strong performance-based solutions, speed, risk balance, and mission assurance._6389fc6d-72b4-4c90-b9e4-65153b7bf38d1.10Power to edgeExtend enterprise services to the edge_f0175efe-39ac-4726-ae78-4e9936cef5972Warfighters must have access to timely, relevant, and accurate information anywhere, anytime. Success depends on the right information being available and usable by commanders at the right time. Therefore, it is no longer sufficient for DoD components to provide segments of the network that are independently developed and managed if these conditions are to be met. DISA will synchronize and integrate efforts with our partners to bring coherence to the network and extend DISA-provided capabilities and services to the edge. This translates into the need for enterprise wide systems engineering, a common strategy and architecture, a single concept of operations for network operations, configuration control, and situational awareness that comprehensively spans the sustaining base to the tactical edge. The Enterprise Information Environment (EIE) provides standards, rules for data accuracy, the framework to place data on the network, and governance of information on the network. As the foundational element of the EIE, Net-Centric Enterprise Services (NCES) supports all mission areas and provides enterprise services to integrate the warfighter, business, and intelligence mission areas. The Department must transform spectrum management, transitioning legacy processes and capabilities to support net-centric operations and warfare. DoD’s spectrum access, when and where needed, is vital to the deployment, employment, and sustainment of a warfighting force anywhere in the world.Technical Procedures and StandardsPublish a set of technical procedures and standards to provide an enterprise wide design pattern for service and capability developers to ensure interoperability of independently developed IT capabilities._aeae5c6d-6b10-4ff7-8ca4-3d35a7ea8fd12.1.1SOA Center of ExcellenceEstablish a center of excellence for service oriented architecture (SOA) to lead SOA implementation in DoD._5bc6bab6-1255-46e8-8587-90195aa8f46d2.1.2SOA/Web Services MigrationMigrate proprietary application interfaces and legacy information technology architectures to a SOA foundation, based on open webservices standards including loosely coupled core enterprise services._df9cf0a4-4086-45be-b62c-d8287a2ccd4f2.1.3New Capability and Service MetricsDevelop criteria with clear metrics for accepting new capabilities and services identified in the FDCE onto the network._403fcc43-4c77-463c-bc94-4a72fbd0779a2.1.4Directory Service and Interoperability StandardsImplement a joint enterprise directory service and produce interoperability standards for enterprise directory data and metadata._5bd9f4c7-835f-4e3b-939a-b01c6c730f512.1.5Naming Conventions, Schemas, Interface Specifications, Tools, and Interoperability and Performance StandardsEnable the DoD data strategy by publishing naming conventions, schemas, interface specifications, tools, and interoperability and performance standards._408f11bd-08c3-49e7-9f0b-a78110c8a1b42.1.6DoD Data StrategyEnsure that all appropriate DISA internal systems are compliant with the DoD data strategy._208d0bbe-8a64-4470-9b5f-7909f1586e3c2.1.7Internal Technical Procedures and StandardsPublish an extension of the EIE technical procedures and standards for DISA’s internal systems._50eb96b2-f304-4b87-962f-5275d4d7b1312.1.8SOA GovernanceDevelop the DISA SOA governance approach._b500bc24-1c79-4e00-99d0-bdcc72e25d842.1.9Situational AwarenessDeliver global capabilities and services to extend situational awareness and control of information across the sustaining base to the tactical edge._611deb07-6d4c-434f-bae3-6637c9e1353c2.2.1Information Dissemination ManagementEstablish policies and processes for information dissemination management (IDM) describing where and how data, capabilities, and services will be provisioned, stored, and managed on the network._37417ac6-b264-481e-8678-759c054feaf12.2.2Information Requirements and Content StagingDevelop a process to achieve the capability to model information requirements in support of deploying warfighting forces and to execute content staging forward to support them._695d6a0b-5c9e-48e8-a56b-b277a70a90c22.2.3GIG OversightProvide continuous oversight of the GIG’s evolution._edf404b9-b9e4-4e22-a29b-c18016bc01602.3.1Technical BaselineMaintain a GIG enterprise wide technical baseline._b52787a0-4357-4316-9c05-7debb93a08c02.3.2Enterprise AnalysisEstablish enterprise wide analysis capabilities._6cd47866-4894-4ee0-b6e3-8d5ef049e3122.3.3Compliance ManagementEstablish a GIG compliance management program._bcfd270a-66ed-4dd6-b6e6-308422fee36d2.3.4StandardsEstablish and publish standards._a5645132-480d-4b98-bd67-ec930c7270542.3.5DESMSP and DSMAUpdate the DoD Electromagnetic Spectrum Management Strategic Plan and develop the Defense Spectrum Management Architecture (DSMA) to guide the Department toward net-centric spectrum management._3ea2469c-3fa5-4128-85d3-ff0e481e62e82.4.1DSMA and GESISDevelop a roadmap to achieve integration of the DSMA and the Global Electromagnetic Spectrum Information System into planning and execution._428b522d-1f0a-4e22-8bbf-7db3c70024cb2.4.2Dynamic Spectrum AccessIn coordination with NATO and other bodies, develop strategies to introduce dynamic spectrum access technologies and techniques, nationally and internationally._b4116f52-2537-48ae-82f4-26c5dc4575c32.4.3Technology Investigation and IntegrationDevelop enterprise wide capabilities to consistently investigate and integrate spectrum-efficient technologies into DoD systems._7ac45ec7-adf1-49c4-b7d7-cbcbdba4375f2.4.4Management ProcessesDevelop efficient spectrum management processes using advanced technologies and techniques._fdb0f588-c589-456c-8cdf-529df092364a2.4.5IP Network and ServicesMigrate from circuit-based technology to a converged IP network and services environment in accordance with the GIG Convergence Master Plan._4f9257a8-1dd5-4128-8380-bf79f54f185c2.5.1QOS and Delivery AssuranceImplement quality of service and assured delivery capability for network and real time services and applications, with parameters that ensure proper end-to-end operations._cbf30ec5-8115-4d2d-b50e-4b3961739c682.5.2Communications NetworkEvolve to a single virtual DoD terrestrial and satellite communications network providing capabilities and services from the sustaining base to the tactical edge._49e90d02-c8e7-4d85-87c1-153f9a1fc87a2.5.3SATCOM ServicesProvide responsive, agile, and cost effective commercial SATCOM services._bdcff5a2-e367-4077-b309-41b2572c828b2.5.4Wireless StrategyContinue development of the DoD wireless strategy._29e566df-0ddc-4b77-a88c-0e02f20ac4542.5.5Virtual ProvisioningEstablish processes and an online mechanism for customers to directly provision a virtual operating environment on demand within minutes to meet ad hoc, real time warfighter needs._1fa8b8cd-7e17-4b41-bb2b-62679f81bd5e2.6.1Dynamic ScalingEstablish a capability for applications to dynamically scale computing resources up and down on demand to meet traffic loads._b79dad50-d791-4bc9-bce7-a7af506e138b2.6.2Globally Accessible StorageProvide an enterprise level storage capability globally accessible to all DoD applications._baa62f04-5751-404a-835c-34e8139a74a12.6.3GCN Vocabulary and StandardsDevelop a common vocabulary and performance standards to describe a range of GIG Computing Nodes (GCNs) that can be used tactically._bfe7d5a0-0a84-4a5a-bf0d-2a338cfd22bf2.6.4Operational excellenceAccelerate operational effectiveness and efficiency_369f02ff-8ad9-422c-a875-79add291071e3The GIG is centrally operated, managed, and controlled in support of net-centric operations and warfare by the Joint Task Force-Global Network Operations (JTF-GNO). DISA is responsible for operating and sustaining the Defense Information Systems Network (DISN), the enterprise computing centers, enterprise services, and command and control capabilities and services. Providing efficient and effective capabilities and services requires excellence in customer relationships and the agility required to adjust to dynamic requirements. We will partner with our customers and evaluate ourselves in terms of their success. We will simplify the business model for cost recovery of all DISA services. We will dramatically increase communication with our user community through improved web and web-services access and services status, and we will provide our customers with a feedback mechanism. DISA’s enterprise computing centers will be dramatically different in the future. Today, they are principally hosting environments for combat support applications in which customers pay for services either through rates or full cost recovery. While this model will continue, DISA’s computing centers will also provide capabilities for rapid, just-in-time scaling of processing and storage to meet unanticipated needs for web services and other warfighting demands. Therefore, the enterprise computing centers must evolve technically and operationally and with business models that support the evolution. We will structure NetOps capabilities to maximize operational effectiveness. We will implement enhancements to facilitate efficient provisioning, management, and cost recovery.NetOps ArchitectureContinue development of the DoD NetOps architecture that includes standards, policies, and processes._4dea1252-a868-46c6-8930-634114ec75c93.1.1Integration of Telecommunications and Computing Service ManagementDevelop NetOps concepts to integrate telecommunications and computing service management to ensure timely access to and efficient use of information needed for mission execution, and optimize the NetOps centers to include continuity of operations to gain efficiencies._8a4f67ed-c372-439b-b0dd-abb5878e8c253.1.2GIG Management AutomationAutomate the management and control of DISA elements of the GIG using machine-to-machine concepts and technology to reduce human intervention, improve availability and security, and reduce costs._dac006f0-8ea7-495e-b1ac-062b6d4e97763.1.3On-Demand Provisioning Processes and ProceduresImplement processes and procedures to support provisioning capabilities and services on demand._464431ad-14ff-41fb-8214-6f573d10e1293.1.4Operational StandardizationStandardize operations of DoD Teleports, Standard Tactical Entry Points, and other SATCOM gateways to ensure optimum management, use, and cost effectiveness._f879b8cb-10b8-4927-9af3-8f62f5b2b9dd3.1.5Gateway StandardizationStandardize the operation of gateways between the GIG and the Internet – to include DoD Internet Access Points (IAP) and Demilitarized Zones (DMZs) – which enable protected and controlled access between the DoD and its partners._4cf96238-7e2d-4e47-86e6-8d2537bff40a3.1.6Service Level ManagementEstablish the definitions, standards, and processes for service level management of DISA-provided capabilities and services._ff91c850-5372-4a56-803e-7c08a1a2f6133.1.7NetOps CriteriaDevelop criteria for DoD NetOps which address education, training, and certification of the workforce._13a9d62f-4767-438e-9362-f3165e3784f03.1.8MSPP and MPLSTransition from Asynchronous Transfer Mode (ATM) based services to Multi-service Provisioning Platform (MSPP) for physical circuits and Multi-Protocol Label Switching (MPLS) for the virtual circuit equivalent._290879b9-5c83-447a-aed8-dcf89e2a87fc3.2.1Refreshment and ExpansionEnsure the DISN is appropriately refreshed and expanded to provide improved security and to meet capacity demands._b0ff3a1f-7ae4-47c4-8357-7f940b80983b3.2.2Virtual or Grid ComputingMove toward the concept of virtual or grid computing in which applications will utilize available computing capacity irrespective of geographic location._bd4c9885-4047-40a0-b859-38849e885ed83.3.1Storage Provisioning and ManagementExpand to provisioning and management of enterprise level storage capability ensuring data accuracy, integrity, and assurance._a00c6a96-4b56-432d-abae-6a24bb2ce8473.3.2Sharing and defending informationEnable sharing of information while staunchly protecting it_f9391e2a-4d7b-4169-82ce-1bff4029771e4A warfighter’s ability to leverage the right information at the right time is the difference between mission success and mission failure. We will provide state-of-the-art capabilities and services that enable sharing of information through an assured, accessible net-centric environment. These capabilities and services will enhance planning and execution of joint military and coalition operations in a responsive, agile, and cost effective manner. We will enable transition from a culture of need-toknow to one of need-to-share, while ensuring that the Department can still keep a secret when necessary. New sharing relationships will be built virtually and instantly. We will aggressively develop and implement measures to manage and defend the GIG to ensure warfighting forces, including partners and allies, can deploy and connect globally, and share timely, trusted, and accurate information needed for their missions. We will design, implement, operate, and sustain the GIG for maximum mission assurance in the face of kinetic or cyber attack. We will propose policy and implement instructions for security certification and accreditation supporting the fast paced, often ad hoc, on demand nature of net-centric operations and warfare. We must be able to add capabilities and services to the network at Internet speed.Net-Centric Collaborative Information EnvironmentDeliver the Department’s C2, combat service support, business, and intelligence capabilities using a net-centric, collaborative information environment._78769641-8fb5-456b-869d-a1747d5007a84.1.1Technical Procedures and StandardsPublish an extension of the EIE set of technical procedures and standards for the C2 and combat service support, business, and intelligence communities._fa4b646e-97a2-456b-95a7-299c0f625ffe4.1.2Standard Information Sharing CapabilitiesProvide standard coalition information sharing capabilities by combining the CENTRIXS, Griffin, and REL DMZ efforts and integrating them whenever possible with C2 and combat service support capabilities._a884343c-cbd6-4a1b-992c-4c8c79bf04534.1.3Cyber IDsDeploy cyber identity credentials throughout the GIG for safer and broader sharing._da3c8cfc-bdc6-4518-9439-b79e45f82ffb4.1.4PKI AssessmentContinually assess the Public Key Infrastructure architecture for effectiveness._9e9396a0-55fd-404e-a3a8-ac75047df4c34.1.5NIPRNet and SIPRNetRedesign the NIPRNet and SIPRNet, including certain shared components (e.g., the domain name system), to dramatically enhance security and improve sharing._606c2b39-bf82-4259-b3cc-352bcdacacbd4.2.1GatewaysDevelop and operate strengthened gateways between DoD and the Internet and between DoD, other United States networks, and coalition networks._f29af586-735f-420b-9aa5-628ee5dabb294.2.2Publicly Visible and Partner-Facing Applications and ServicesWith the Services and Agencies, plan and execute the movement of all publicly visible and partner-facing applications and services into DMZs to improve sharing and security._4699a354-3bcd-47b8-9a25-af6bb1ce06074.2.3Security ConfigurationIn coordination with other federal agencies and industry, provide security configuration guides, checklists, gold disks, and other standards to properly configure and manage applications, devices, and enclaves._9920540e-f1a3-4908-bcaf-33c8151fe0b74.2.4Defense, Attack Sensing, and Situational Awareness Tools and CapabilitiesPlan for, acquire, and deploy enterprise wide tools and capabilities that improve defense, attack sensing and reaction, and situational awareness._05e3743c-10a9-421e-9c00-550f95e16ee74.2.5Design Evaluation and TestingDevelop and use a standard IA design evaluation and testing process for capabilities and services as part of the FDCE process._16ef2156-b935-4f0b-9331-757bc9aa5f2a4.3.1C&ADevelop policies and procedures for certification of organizations trusted and empowered to provide DoD certification and accreditation (C&A) of capabilities and services to be placed on the network._c3d1826e-323b-4892-9788-77305b5bf38c4.3.2Standards ComplianceDevelop and implement processes and procedures to ensure each capability and service placed on the network meets DoD data sharing, reliability, performance, and security standards._30410cf6-9cf9-4327-9347-ff706fd8e7e44.3.3Intrusions and AttacksDevelop and implement a DoD-wide intrusion and attack detection and diagnosis plan across all aspects of the delivery of capabilities and services._831edd25-1d16-41ca-8572-c769b3e537114.4.1Insider ThreatDevelop a DoD-wide strategy for, and deterrence of, the insider threat._43323d76-7af4-446b-8453-892742d4c5344.4.2Best valueCustomers know and understand the value of DISA capabilities and services_747ad3fc-21ec-4f0e-9983-64e6888f23415We will excel in our stewardship of taxpayer dollars through integrity, full and open financial disclosure, fiscal discipline, and professional competency. Success in these areas will lead to well-informed and accelerated investment decisions throughout DISA. We will attain a clean audit opinion. Full financial disclosure is a cornerstone for attaining the highest standards of performance. With underlying comprehensive fiscal oversight, we are committed to lead and excel in the mutually supportive areas of cost visibility (open books), financial accountability, and fiscal discipline. We will clearly link DISA-provided capabilities and services with their costs. This will allow customers and stakeholders to clearly see full value from every dollar in DISA-provided capabilities and services.BudgetsDevelop budgets that are compelling, defensible, consistent, and clearly aligned to support DoD priorities._45d7aa4a-2f43-431d-9d63-2715856dcb845.1.1Investment PlanDevelop a metrics-based investment plan for use in the programming and budget processes that will allow practical evolution of capabilities and services over time._ba28d1a4-3f86-4768-a6cd-320dd7b0bc535.1.2Performance Metrics and ForecastsImprove metrics that forecast areas of potential weakness and track actual performance across the breadth of financial activities._62fd1a1a-3d77-4f4f-a075-c98fdcc1db625.1.3SimplificationProvide a simplified approach for customers to conduct financial business and share information with DISA._972328f0-7284-4d1d-929f-4c8b18bba8325.1.4Financial AccountingCollaborate with OSD, the Defense Finance and Accounting Service, and others to implement a new financial accounting system and improved policies and processes._8cf18c2e-db21-4e16-91c1-fce95596f0bb5.2.1TransparencyEnsure our internal processes are transparent so customers and stakeholders will understand our costs._519a40eb-e387-4f1f-bdda-a038c1c6750a5.2.2Cost RecoveryPropose and explain cost recovery for DISA-provided capabilities and services such that our customers understand and accept their bills._4f6ad6e6-4d08-4743-98c3-a805243ac1005.2.3Service MetricsDevelop and track service metrics jointly with customers that reflect what is needed for their mission accomplishment._93f3e973-fb08-490b-96b4-9dbb2daf05735.2.4Investment-Based MetricsEstablish investment-based metrics that track use and cost of bandwidth, processing, and storage._1e5e85c2-d09f-4e61-bee5-8b2a7b3a23075.3.1Costing MechanismsUse clear and understandable costing mechanisms to establish fair and reasonable costs to customers, estimate costs effectively, deliver internal support services efficiently, and make informed resource allocation decisions._0108d479-5d86-4646-8a77-b96e825d24895.3.2Cost DriversDefine and measure cost drivers and manage those drivers to favorably affect the cost and content of our capabilities and services._a5836dee-4648-4a1f-842e-665f80c933bc5.3.3Cost-Based Policies, Procedures, and PracticesImplement policies, procedures, and practices to ensure we are costbased._4c7cf9ae-a359-40ec-ab1b-fa911abb2cce5.3.42010-02-08http://www.disa.mil/strategy/strategy_book.pdfOwenAmburOwen.Ambur@verizon.net