DISA's CTO views Demo offerings

With an eye to security, the CTO of Defense Information Systems Agency reports on Demo 2002

DAWN MEYERRIECKS, CTO of Defense Information Systems Agency, attended the Demo 2002 conference in Phoenix from Feb. 11 through Feb. 12. She took the following notes.

At Demo 2002, obvious trends in industry direction were of particular interest: investments in wireless and related technologies, Web services, and enterprise integration services. Two major concerns I walked away with are the products/services ability to scale and security, because they are early in their product life cycles. The Department of Defense (DOD) doesn't do things by measure, so the ability to quickly scale if something works well locally is usually a major concern (and a major problem for new products, in our experience). Our experience also indicates that security is usually a "feature" added later in a product life cycle, which isn't acceptable in our current operational environment.

Some of the products identified for follow-up in wireless and related technologies, Web services, and enterprise integration services include the following.

1) Wireless and related technologies

The Boingo 802.11b wireless capability sounds like something the DOD might leverage straight across, as it would allow us to leverage commercial investments while still providing a protected infrastructure for our own use.

Mobile System Verification claims they can configure and test any size of network (be interesting to see how close any size comes to that of the DOD's) and any number of devices. The capability is tuneable; that is, you can target "5 9s'" reliability and availability or turn down the target and see what that implies about infrastructure.

Tira Wireless has developer guidance to support a multitiered certification process, so you know what you are buying -- in terms of supported devices, [human computer interface] consistency, etc. We probably need to understand what they're doing and how it might apply to the DOD's wireless space.

2) Web services

PushtoTest allows support to "swarm" test Web-based apps to scope out Internet loading and critical infrastructure performance points. In an enterprise the size of the DOD, we don't really have a good way to identify those points and we cross a number of boundaries (social and political) in even simple applications, so this has significant application in our space.

Collaboration services, generally, are of major importance to the DOD. A number of products were introduced in this space ... including Sonex, Cincro's Looking Glass, and Reality Fusion's TeamView.

Development tools, which ease programmer knowledge of details of programming in a distributed environment, include State Software, Epicentric Enterprise Portal, Anysoft, and Expressive Presto.

3) Enterprise integration services

Activience provides workflow management across multiple devices. This is a huge issue for the DOD and could integrate the Web services and wireless world for us.

The real concern for integrated management frameworks -- including Infravio and mFormation -- will be whether these products can integrate with existing ESM frameworks in which we already have substantial investment, such as Tivoli, Patrol, and OpenView. The DOD also needs to review for security concerns. We've had some of our worst security holes opened by management frameworks in the past.

ThinkDynamics Think Control moves capacity around to where it is required. We've been working with the SETI folks to address how to use idle CPU cycles for this very reason, so we have additional opportunities now.