Wednesday, December 12, 2018

Hosting Environment Decision Criteria for AGC

Persistent Storage Cost. AGC needs to warehouse a large volume of imagery data for dissemination via applications such as the PKE web site and CMB. The entire archive must be available all the time; moving infrequently accessed data to lower tier storage (in terms of availability and/or retrieval time) may not be acceptable for the end user.

Geographic Distribution of Data. Users downloading data from AGC applications tend to do so in large chunks (i.e. bigger than a CD or DVD). The end user experience is improved if the hosting environment provides the capability to distribute data closest to users according to the geographic location they are accessing the service from, much like operating system providers or media distribution services mirror their content around the globe.

Independence. Applications that share common data sets need to stay with each other in the same hosting environment. Applications that are self-contained can go in any environment.

Confidentiality Categorization. Does the application receive, process, store, transmit or display controlled unclassified information (CUI)? If yes, an environment that is categorized {x,M,x} or Impact Level 4 is required. If the application or data meets the criteria for a National Security System (NSS) per NIST SP 800-59, then an Impact Level 5 environment is required.

On Demand Access. Applications that can be turned-off when not needed. Aside from workstations used to index CMB data, all of AGC's services need to be available 24/7.

Cloud-Specific Services. Does AGC have applications that can take advantage of a service unique to a specific cloud provider such as Amazon Redshift?

Scalability and Elasticity. Does AGC have workloads that can scale up/down based on the client load? To my knowledge, current applications are not designed to take advantage of this cloud capability; they are overprovisioned in order to be able to handle the maximum anticipated workload. Note the difference between scalability and elasticity is scaling is a one-way increase in resource allocation in response to usage demands; whereas, elasticity is increasing or descreasing capacity in response to user demands.

Virtualization. Does the application have to be hosted on bare metal hardware (this is a yes for MBPS, C2IE).

Data Egress. Is the application a dissemination or visualization type where a lot of data would be downloaded or streamed to the end user? This is a factor if the cloud provider charges for that (true in AWS, Azure, but I don't think so in milCloud). Examples are PKE web site, CMB, GeoGlobe.​
Multiple Classification Level Deployments. Is the application hosted in multiple classification environments (e.g. unclassified, S, and TS)? Having a common environment for each deployment may simplify design, implementation, and O&M. Does the CSO CSP have a DoD PA in each of the target environments (IL 4, 6, C2S)?


No comments:

Post a Comment