Dr' John A' Gauss - PowerPoint PPT Presentation

1 / 20

About This Presentation

Title:

Dr' John A' Gauss

Description:

Dr' John A' Gauss – PowerPoint PPT presentation

Number of Views:26

Avg rating:3.0/5.0

Slides: 21

Provided by: vacog

Category:

more less

Transcript and Presenter's Notes

Title: Dr' John A' Gauss

1
Department of Veterans AffairsCIO Conference

Dr. John A. Gauss
Assistant Secretary for Information and
Technology
February 25, 2002

2
Why Are We Here?

To continue the forum to foster improved
department-wide communications across all
elements of the VA IT community

To update the departments Information Technology
strategy for the future and obtain feedback
To understand critical issues facing IT people in
the field
To reconcile differences between the strategy and
the critical issues
To develop action plans to achieve the strategy
and reconcile the differences

Achieve a One-VA IT Team
3
Seven Strategic Thrusts

Implement a One-VA Enterprise Architecture

Implement a One-VA data network
Secure the One-VA enterprise against Cyber attack
Establish a disciplined, non-bureaucratic IT
project management structure
Establish effective metrics to measure
performance
Implement an effective Command Control, COOP
and COG infrastructure
Implement a strategy for evolution of the IT
workforce

Number One Priority Secure the Enterprise
Against Cyber Attack In the Context of the
Enterprise Architecture
4
Number One PrioritySecuring the Enterprise

Vulnerabilities exist that can disrupt our
ability to execute our mission (e.g., Code Red
Worm)

Critical infrastructure protection is a must
given current events (e.g., my E-Mail of 12 Feb
2002)
To effectively secure the enterprise, we must
Do it in connection with the Enterprise
Architecture
Know the data network that we are protecting
Be able to isolate ourselves from the Internet
and other external networks when necessary
Have an effective, real time, operational Command
and Control (C2) process for operating the Cyber
security infrastructure

Cyber Security Threats are Real We Must Attack
This Problem With a Sense of Urgency
5
VA Enterprise Architecture Framework
6
VA Enterprise Architecture Framework

The Zachman Framework defines 36 engineering
disciplines or primitives

When completed prior to manufacturing a
product, you have
Minimum rework, scrap and waste
Maximum reuse
Maximum interoperability
The 36 cells of the Zachman Framework will be
defined for the One-VA To Be Enterprise
Architecture
Evolution of the One-VA EA will be
Top down for new IT projects, and
Bottom up for modernizing elements of the
infrastructure
The EA will evolve as business rules and
technology change

7
VA Enterprise ArchitectureNotional Sequencing
Plan
2001 2002 2003
2004 2005
2006
Syst A Syst B Syst C
L E G A C I E S
Syst D Syst E Syst F Syst G Syst H Syst
1 Syst 2 Syst 3 Syst 4 Syst 5
U N D E R D E V
Syst 6 Syst 7 Syst 8
8
VA Enterprise ArchitectureFunctional To Be
Technical Architecture
Network infrastructure protection (denial of
service)
Intrusion detection
Secure protocols (authentication and privacy)
Active monitoring
Boundary protection
9
One-VA To Be EAPhysical Infrastructure
VA Major Facilities
VA Remote Facilities
N Regional Data Processing Centers VBA - 3? VHA
- 6? NCA - 1? VACO 1?
1 Information Technology Integration
Center Product Acceptance Testing Electronic
S/W Distribution
3? Corporate Data Processing Centers Electronical
ly Vaulted Data Distributed Processing (Supports
COOP)
2 Network/Security Operating Centers Collocated
10
One-VA To Be EAPhysical Infrastructure
Other Networks
3?
6?
3?
VA Major Facilities
Cyber Security DMZ
VA Remote Facilities
N Regional Data Processing Centers VBA - 3? VHA
- 6? NCA - 1? VACO 1?
1 Information Technology Integration
Center Product Acceptance Testing Electronic
S/W Distribution
3? Corporate Data Processing Centers Electronical
ly Vaulted Data Distributed Processing (Supports
COOP)
2 Network/Security Operating Centers Collocated
11
One-VA To Be EANetwork Infrastructure

One-VA Wide Area Network (WAN)
Backbone protocol IP delivered to the WAN from
VA major points of presence (POP)
Remote locations will be backhauled to the major
POP
100-millisecond maximum round trip delay
.01 maximum packet error rate
.9996 minimum availability (down 17 min/month)

ONE VA Network, Transmission, Switching, NOC, and
Cyber Security Services (Performance Based, Not
Circuit Based)
12
One-VA To Be EAData Processing Centers

Corporate data processing centers (Corporate
assets)
Mainframe processing
Corporate data and application servers
Fully mirrored COOP recovery capability
External network connection points
Regional data processing centers (Administration
assets)
Server farms for mid-tier and desktop services
Remote electronic management of desktop software
External network connection points

3?
6?
ONE VA Network, Transmission, Switching, NOC, and
Cyber Security Services (Performance Based, Not
Circuit Based)
3?
13
One-VA To Be EAIntegration Center

Information Technology Integration Center
Integration
Testing
Acceptance
Certification
Configuration management
Application distribution
Alternate NOC/SOC
Other

ONE VA Network, Transmission, Switching, NOC, and
Cyber Security Services (Performance Based, Not
Circuit Based)
14
One-VA To Be EANetwork/Security Op Centers

Network Operating Center
24x7 monitoring and management of
IP Core routers
Transmission layer of the infrastructure
Security Operations Center
24x7 facility environmental sensor monitoring
24x7 security situation monitoring response
24x7 command control support

ONE VA Network, Transmission, Switching, NOC, and
Cyber Security Services (Performance Based, Not
Circuit Based)
15
One-VA To Be EACyber Security DMZs

DMZ at each Mega Center, Regional Center, NOC/SOC
and the Integration Center
Robust external fire-walled gateways to the
Internet, extranets and other networks
Customer/supplier facing applications and
services
Remote Access Services (RAS)
Intrusion detection
Protocol and content filtering
VPNs for privacy and integrity services
Content scanning
Load balancing
Only authorized area(s) to connectto external
networks

16
Integrated Process FlowFor New VA IT Projects
P L A N N I N G
F U N D I N G
Step 0 Define One Page Mission Statement
Step 2 Concept Development Develop 300B Exhibit
Step 3 System Definition Prototype and System
Design
Step 4 System Life Cycle Development and Testing
Step 5 Production and Deployment
Step 1 Concept Definition Develop Abbreviated
CIP
Address Row One of the Framework Plus T2
Master Schedule N2 Business Logistics System N3
Distributed Systems Architecture
Revalidate Row One of the Framework Plus Address
Row 2 of the Framework Plus Initiate Row 3 of
the Framework
Complete Row 3 of the Framework Plus Complete
Row 4 of the Framework
Complete Row 5 of the Framework Plus Complete
Row 6 of the Framework
Zachman Enterprise Architecture Framework Cells
17
Integrated Process FlowFor Rebaselined VA IT
Projects
P L A N N I N G
F U N D I N G
Step 0 Define One Page Mission Statement
Step 2 Concept Development Develop 300B Exhibit
Step 3 System Definition Prototype and System
Design
Step 4 System Life Cycle Development and Testing
Step 5 Production and Deployment
Address Row One of the Framework Plus T2
Master Schedule N2 Business Logistics System N3
Distributed Systems Architecture
Revalidate Row One of the Framework Plus Address
Row 2 of the Framework Plus Initiate Row 3 of
the Framework
Complete Row 3 of the Framework Plus Complete
Row 4 of the Framework
Complete Row 5 of the Framework Plus Complete
Row 6 of the Framework
Zachman Enterprise Architecture Framework Cells
18
Evolution of the IT Workforce

What do we need to do to meet the IT workforce
requirements for 2005?
IT workforce to manage/acquire/oversee systems
IT workforce to develop systems
IT workforce to operate maintain systems

Do we need different current skill sets, grade
levels and numbers of people to support the
implementation of our To Be Enterprise
Architecture Physical Infrastructure?

We need a Strategy Implementation Plan to
get us from where we are to where we need to be

19
Performance Metrics