DOD to build virtual Pentagon





Comment Click here to comment on this article

Related story links In the wake of terror IT replacement gear streams into Pentagon DOD recovers tech systems

Newsletters You might also be interested in these FCW newsletters: Daily To learn more, click here.

The Defense Department is developing plans for a "virtual Pentagon" that would enable its officials to continue to work even in the event of a large-scale attack on the Pentagon similar to the one Sept. 11, senior military information technology officials said last week. The plans, also referred to as the "distributed Pentagon," are a significant redesign of DOD's IT contingency plans, which proved to be inadequate when terrorists crashed a commercial aircraft into the building. The attacks on the Pentagon and on the World Trade Center have given other agencies pause as well, as the once unthinkable has made them rethink plans they may never have expected to use. Sept. 11 "was a wake-up call [where people said], 'Oh, that could happen to my data,' " said Margaret Myers, DOD's acting deputy chief information officer. Among other problems, DOD realized its computing environment had numerous single points of failure  applications or databases that, if taken out, could not be recovered, and critical network links that, if down, could not be worked around. The Army lost a significant amount of budget data, Myers said. The Navy, which lost about 70 percent of its Pentagon office space in the attack, lost some data, but had its backup data stored off-site. DOD's contingency plans made before the Year 2000 date change provided some valuable information, but did not go far enough, Myers said. "It helped in knowing where the critical paths were, and that was useful information," she said. But it did not address the issue of contingencies if the paths were destroyed altogether, she said. The virtual Pentagon would create redundancies, with backup sites located away from the Pentagon. The primary and redundant systems would share a network, so critical information could be continually backed up. But the redundant systems would have their own network connections. If the primary network were destroyed, Pentagon officials could bring up this shadow network and continue working without disruption. The virtual Pentagon fits into DOD's larger plans to develop a network-centric environment, in which personnel have rapid access to the information they need, wherever they are. There will be few, if any, single points of vulnerability in a network-centric environment, DOD Chief Information Officer John Stenbit said in an Oct. 29 presentation at the Milcom conference in Vienna, Va. DOD was sensitive to contingency planning and the need for a virtual Pentagon before Sept. 11, but "unfortunately sometimes you need a catastrophic event" to get the proper funding and other requirements through, said Robert Nabors, senior vice president for enterprise solutions at Electronic Data Systems Corp. Nabors, who was head of the Army's Communications-Electronics Command at Fort Monmouth, N.J., until he retired last month, was involved in the design of the Pentagon's IT modernization in 1994 and its deployment four years later. The effort will be costly because there are "big servers and big databases in the Pentagon that need to be replicated somewhere else [along with] the transmission lines to link them together.... But we're willing to pay now," he said. Lt. Gen. Harry Raduege Jr., director of the Defense Information Systems Agency, said DISA already had backup emergency centers outside the Pentagon, through which "we were able to continue with operations." Raduege said his agency will continue to maintain and evolve its backup systems and is working closely with the Army, which is responsible for rebuilding the Pentagon. But DISA was better prepared than other agencies. The Secret Service lost its New York City office in the World Trade Center on Sept. 11, but it was not the agency's first lesson in terrorism and backup and recovery  it also lost an office in the 1995 Oklahoma City bombing, said Stephen Colo, deputy assistant director and CIO. What Sept. 11 taught the agency is that risk mitigation is essential. Without funding to implement the contingency plans, they are useless. "You have to expend the funds to reduce the risk," Colo said. But the Secret Service hadn't received the money to back up its New York City office computers, so when the World Trade Center towers collapsed, the files and information that were stored there disappeared. This let an unknown number of criminals being tracked by the Secret Service go free, because the files for the investigations were completely lost. Timothy Atkin, vice president and director of SRA International Inc.'s critical infrastructure protection program, said civilian and defense agencies are paying closer attention to their contingency plans following Sept. 11. But that's only part of the solution. Since the attacks, many agencies have realized that their IT contingency plans, generally developed by the CIO's office, are separate from the agency's continuity of operations plans, which focus on people and mission-essential functions. "One of the things they discovered is the importance of these things being integrated," Atkin said. The Sept. 11 attacks were a learning experience for most agencies, even if they were not directly affected, according to officials speaking at a breakfast hosted last week by the Northern Virginia Technology Council. The Treasury Department learned that it needs more than one backup-and-recovery plan, especially for large departments. After the attacks, everyone was calling into the same backup site, and that location could not adequately handle the requests, said Deputy CIO Mayi Canales. At the Department of Health and Human Services, telecommunications is a prime concern. On Sept. 11, with wireless networks in the Washington, D.C., area virtually gridlocked, HHS found that the only way to communicate was through Research in Motion Ltd.'s BlackBerry and Palm Inc. handheld computing devices, said Deputy CIO Brian Burns. HHS is now making sure the redundancy and tools are in place to make communication possible everywhere, including via wireless devices, he said. The Commerce Department, meanwhile, is focusing more on the survivability of the services it provides, said Karen Hogan, acting deputy CIO. The department was making a push to centralize and consolidate its IT systems, but is now rethinking that strategy. Commerce also may add an immediate backup for the National Weather Service.



