Ever notice how virtualization and cloud computing always seem to come up in the same federal breath? Also data center consolidation. They seem to exist in a kind of resonant triad. If you parse it out, it’s easy to see why. Virtualization is a ready-made way to effect data center consolidation, or even of cutting the size and cost of an existing data center through higher server utilization rates. Cloud also fits into the data center consolidation picture; just replace data centers with cloud services.
Aileen Black has noticed the connection between consolidation, cloud and virtualization. As head of VMWare’s public sector business, it’s her job to get federal agencies to buy VMWare’s virtualization platform. Perhaps not buy it directly, but approve it’s use. Black says 90 percent of VMWare’s sales are via resellers. Either way, she is a tireless champion of virtualization.
As Black sees it, virtualization is the “on-ramp” to cloud computing.
I agree. If you are buying capacity in a cloud, virtual machines will, all else being equal, use capacity more efficiently than the standard one-application-per-server approach. That’s sorta the point.
Whether you use the cloud as your backup or to host your production environment, you should negotiate pricing based on the number of VMs rather then the number of physical servers, consistent with service level agreements that ensure the cloud provider doesn’t get cute by stuffing too many VMs into a single server.
The backslope of high utilization is slower performance caused by disk swapping or crashes from over-committed memory.
Although cloud-first is a mandate, the policy hasn’t produced a wholesale rush to join the cloud generation. Agencies are going cloud, but just not fast and whole-hog. A survey commissioned by VMWare, and conducted by Meritalk has put some numbers on this phenomenon. One hundred sixty seven federal CIOs and IT managers responded.
The survey shows a somewhat reluctant group of federal tech managers. They know the virtues of cloud computing, with 64 percent reporting it will reduce costs and improve services. But 79 percent say they have not quite swung into the cloud-first column. Most plan on getting there within two years. And when they do, it won’t be with mission or enterprise applications, but rather with e-mail for the most part.
Why the slow adoption? No surprises — security, the budget needed to switch things over to the cloud, mystery about the FedRAMP process rank as top obstacles.
The reluctance to put mission applications in the cloud is understandable, but that doesn’t translate to reluctance to virtualize the machines running them. Black says lots of critical applications in federal agencies are virtualized. My research in following virtualization collaborates this for large enterprises in general. Virtualization is a mature technology with an ecosystem of third-party tools to support virtual system management, optimized backup and recovery, and capacity planning. And although it dominates, VMWare has competition. Microsoft, for example, also sells a suite of virtualization tools. For federal agencies, the leap of faith is not into virtualization but into the cloud.
Few federal agencies can match the National Security Agency for technology requirements. Insiders describe the NSA has totally cyber. Insiders such as the deputy director, John Inglis. Staff there basically lives in cyberspace, he said the other night at the FedSMC conference in Cambridge, Md. Unfortunately, but not unexpectedly, he couldn’t say much about about what the NSA actually does with all that technology. But I’ll wager there is a lot of digital data mining and analysis, much as the agency does signal analysis on analog traffic.
Every year the NSA spends billions — although here again the exact amount is classified. But NSA people aren’t shy about describing what it takes to do business with the agency. One of them is Mark Barnett, the director of NSA’s small business programs. He is regularly on the circuit. He boasts about NSA’s record of small business utilization. And in the same breath he describes how difficult it is to become an NSA contractor.
Part of the challenge is that contractors need top security clearance to work on a contract, but they can’t get a clearance without a contract. To overcome this catch 22, the agency runs a program called Provisional Industrial Security Approval, or PISA, under which up to five people in a small or disadvantaged business can obtain clearances for the purposes of business development. But there is only one chance for all the people to get their clearances. If one individual doesn’t pass, that’s the end of the road for the company. And no substitutions allowed, Barnett explained. Plus, NSA won’t accept a security clearance granted by another agency. If that’s not tough enough, Barnett said that clearances from NSA can’t be used to gain business development access at another agency unless meetings are attended by an NSA representative.
“We’re not all classified, just 98 percent,” Barnett quipped.
But, clearance aside, you can’t just walk up to the agency with a suitcase full of technology, according to Barnett. You have to be preapproved or recommended by someone pretty high up in the agency — program manager level or higher.
After clearing these hurtles, it can still be a long time — up to several years — before your company can expect to see anything resembling an order.
Yet for all that, Barnett said NSA awards 18 percent of contracts directly to small businesses. Adding in set-aside requirements for awards to large businesses, he said NSA would rank at the top of federal agencies for the number and percentage of acquisition dollars.
Occasionally, the NSA will reach out to a business with a particularly promising technology. Barnett said that poke won’t come from his office but from another group that scours the technology field literature looking for clues to real innovation.