DISA Shapes the DoD Cloud with STAX
The Defense Information Systems Agency (DISA) offers Secure Technology Application eXecution (STAX), a new DISA Enterprise Platform as a Service (PaaS) cloud computing solution, to the Department of Defense (DoD).
STAX provides quick and secure development, testing, and hosting of Java, Microsoft .NET Web applications, and Web services capabilities in the cloud.
Modeled after commercial cloud service providers, STAX is DoD’s first fully accredited and secure community cloud service for the DoD enterprise. The community cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
STAX is a key enabler of the DoD Cloud Computing Strategy for acquiring and operating the most innovative, efficient, and agile information technology (IT) in support of the department’s missions. With STAX, DISA provides computing, storage, and network infrastructure with middleware software for application code execution from a secure facility under a single pricing model with full path to production life cycle services.
“The shift from traditional IT management to cloud computing is critical to the future of DoD programs, projects, and organizations due to its scalability, data availability, and reduction in internal costs,” said Alan Lewis, DISA’s program executive officer for enterprise services.
The STAX cloud computing solution speeds the path to production and the delivery of Web applications and Web services and simplifies information assurance (IA) related to the mission partner’s application code. A process called certificate of assertion (CoA) implements streamlined certification and accreditation for mission partners developing and implementing code on STAX. The CoA takes most of the burden off mission partners by transferring many of the responsibilities of managing an IT infrastructure to DISA, while providing the mission partner with tools and resources necessary to help develop their Java and .NET applications and to quickly deploy them to production.
“The CoA is truly a groundbreaking process. This will allow services the capability to deploy applications that support the warfighter in a significantly reduced time. We have seen applications deploy their Web applications in 30 days, as compared to the normal 6- to 9-month accreditation process,” said Kimberly Schneider, STAX program manager.
With STAX, mission partners get: (1) security, (2) low costs, (3) good management, (4) a faster path to production, and (5) both scalability and elasticity.
First, no commercial cloud offering possesses the security characteristics that STAX does, which is full accreditation and compliance with DoD security and IA processes.
Second, STAX employs a “pay-as-you-go” pricing model in conjunction with a small subscription fee, meaning that mission partners pay only for what they use and will not overpay for portions of the service that they are not using. Because STAX provides the infrastructure components, networking, computing, and storage, the mission partner does not have to worry about overhead or other operating costs associated with managing those internally. DoD mission partners acquire and manage their STAX instance via a self-service website that supports DoD procurement/funding methods.
Third, DISA manages the entire infrastructure, including its security features and its support services. Along with reducing internal costs, DISA management of the infrastructure reduces the risk associated with labor-intensive, error-prone engineering tasks.
Continuity of operations (COOP) is automatically included in the production environment. COOP ensures that departments and agencies of the federal government are able to continue the operation of their essential functions under a broad range of circumstances including all-hazard emergencies, natural disasters, man-made threats, technological threats, and national security emergencies.
Fourth, through numerous developer-support tools integrated with DISA’s enterprise services and CoA, the STAX capability provides mission partners with a rapid path to production for their Web applications and Web services.
“What once took months or weeks to get into production can now take days to hours,” said Schneider.
Fifth, STAX can easily scale computing infrastructure resources to meet the mission partner’s application usage requirements and any need to change capacity. It can handle load changes, and mission partners can increase or decrease their instance sizes to better fit their application usage.
DISA‘s 2013-2018 Strategic Plan not only defines the agency’s mission, vision, strategic goals, and key objectives for the next five years, but sets a clear path for the direction of DoD cloud services.
“DISA is a combat support agency, and our number one priority is enabling information superiority for the warfighter,” said Air Force Lt Gen Ronnie D. Hawkins Jr., DISA director, in the Director’s Intent portion of the Strategic Plan. “We know we cannot obtain information superiority on our own, but we are proud of the capabilities we bring forward to enable the DoD to reach their goals.”
The needs for a scalable IT infrastructure, access to data and information on demand, and a secure infrastructure for the warfighters are just a few reasons why DoD is placing a larger emphasis on cloud computing, and, with the release of STAX, DISA is helping DoD to meet these needs.
“DISA is excited about what STAX brings to the table and how it helps DoD and our nation’s warfighters,” said John Bollinger, STAX product manager.
For more information on STAX or to inquire about how STAX could benefit you, contact the STAX team or visit the STAX page on DISA.mil. STAX’s Community Forge.mil page is a resource that contains the STAX Briefcase and the STAX informational packet.
Posted March 14, 2013