The headquarters of the Defense Information Systems Agency. 

Sep 16 2021

The Growth of milCloud 2.0 Demands a New Monitoring Approach

The Defense Department should move beyond a traditional, siloed approach to network monitoring in favor of a more omniscient view of its infrastructure.

The addition of Amazon Web Services and VMware to the Defense Department’s milCloud 2.0 contract will make it easier for agencies to transition applications and services to the cloud.

However, the acceleration of this effort may bring its own challenges. MilCloud is a substantial operation, with more than 1,200 virtual servers as of early 2021. The addition of AWS and VMware will allow agencies to add to this number, making an already complex service even more challenging to manage.

How can agencies ensure all their applications, regardless of where they reside, will work seamlessly, securely and reliably across the DOD’s massive network footprint? This can only be achieved by moving beyond a traditional, siloed approach to network monitoring in favor of complete observability across all aspects of the DOD infrastructure.

Observability Across milCloud Is Essential to Performance and Security

Instead of looking at storage, computing and networking as separate entities, administrators must have an omnipresent view of how these components work together, inside and outside the network perimeter and across databases, servers and applications.

Only then will they be able to understand every interaction, connection point and data transfer, ensuring the stability, reliability and security of their cloud services.

This approach will become increasingly important as more teams begin using more and different cloud services, each with its own requirements and security protocols. The more applications and platforms added to milCloud, the more potential failure points will be introduced into the system.

This highly complex and interconnected environment could be rife with security flaws, performance issues and more, unless every component is closely observed in a unified manner as opposed to the siloed approach of the past.


The Benefits of an Omnipresent Approach for milCloud

Agencies that can achieve this level of omniscience will experience several benefits, including the following.

Secure and frictionless collaboration. Agencies will create a more secure environment without impeding collaboration between individuals and teams. Administrators will be better positioned to detect potential vulnerabilities or anomalies that could result from all manner of collaboration, including the sharing of information across agencies and remote work environments.

Beyond security, administrators will be able to quickly discern whether applications are performing up to standards. For example, a web conferencing application may be secure, but if it takes 30 seconds to redraw images or share screens between users, it’s an inhibitor to effective collaboration. Managers can see how the issue is impacting collaborators, investigate the root cause of the disruption and quickly take action to improve performance.

Fast and accurate anomaly detection. The ability to analyze and visualize log data for anomaly detection was noted as a key priority of the White House’s recent cybersecurity executive order. Agencies must closely monitor potential threats and provide the Department of Homeland Security with access to data that could be relevant to threat and vulnerability analysis.

Again, observability across the entire spectrum of services is important. An anomaly could present itself in a database, an application or somewhere within the network itself. Agencies must be able to analyze log data quickly and easily — including events that occurred, the time of the occurrence and other factors — across the entire ecosystem. Only then can they effectively determine the extent of any potential anomaly and the threat it may or may not pose.

Smarter threat response, fewer alerts. Artificial intelligence can be beneficial in these cases. By leveraging AI and machine learning, agencies can automate their observations, allowing technology to scan the ecosystem and sift through massive amounts of disparate data, automatically remediating threats as they appear without creating havoc among users.

Administrators can also program the system to alert them to problems they need to address, alleviating “alert fatigue.” A smarter, automated system allows administrators to become more efficient and target their efforts at issues that pose the greatest threats to both security and productivity.


milCloud Requires a New Strategy

The growth of milCloud and other large-scale public sector cloud programs underscores the need for a new strategy for monitoring assets on government networks. It’s no longer sufficient to monitor these assets individually.

As they become more connected — and as the network perimeter expands — it will be increasingly important to observe the way assets perform both individually and collectively.

It will also be critical to keep close tabs on their unique security requirements and postures, as a single flaw could send a ripple of adverse effects through an agency’s entire ecosystem.

That’s a risk the DOD simply can’t afford to take now that milCloud has once again gained momentum.

PHOTO BY KEVIN HEADTKE/DISA