The Army National Guard has so far shifted some key systems such as Defense Enterprise Email and on-premises shared drives to cloud-based platforms like Office 365, SharePoint Online and OneDrive. It also replaced its clunky virtual desktop setups with Azure Virtual Desktop — about 70,000 soldiers are using the AVD system to date.
The migration of devices to Entra ID and Intune, however, is far from complete: Only about 13% of devices have been successfully migrated. The Guard aims to complete the migration by the end of fiscal 2025.
The deadline for the effort is set by the Army under its Unified Network Plan, which is the Army’s strategy to get down to a single unified network by 2027. Col. David Welteroth, the Army National Guard’s chief information officer, said the states have already expressed concerns about their ability to keep up with the pace of migration to meet the imposed deadline.
“I recognize it’s a challenge. Some of the challenges we’re seeing are dependencies for some of those applications with identities for on-prem users. The Army has a solution for that: Azure App Proxy. We’re working on those individual system owner requests to migrate away from on-prem Active Directory for their applications to Azure App Proxy in coordination with the [Army Network Enterprise Technology Command,]” said Welteroth. “I think as we get more understanding from the states on what that process takes and they share lessons learned amongst themselves, we’ll be able to accelerate.”
Additionally, the Army National Guard no longer deploys software to end-user devices through its own infrastructure; software fielding is handled centrally by NETCOM via the Company Portal.
Welteroth said the Guard needs to make sure all the applications the soldiers need to do their jobs is available on the centralized platform.
“NETCOM is doing a great job of processing requests, getting those through change boards and getting them fielded. As that progresses, that will increase our ability to accelerate the effort, and I’m confident we can get there by the end of fiscal 2025,” said Welteroth.
The Army National Guard’s cloud migration efforts, however, are shaped by its unique dual-status role as both state and federal reserve force — unlike active-duty Army units, the Guard addresses the distinct needs of states and territories.
At the state level, the Guard tends to develop custom applications to address specific needs that Army enterprise applications do not fulfill. For instance, states need systems to process state active duty orders and pay soldiers while they are on state active duty.
“That functionality simply is not in Army enterprise applications,” said Welteroth.
States also need a way to track Federal Emergency Management Agency-related expenditures for domestic operations to facilitate reimbursement.
All these unique use cases across states and territories resulting in a large number of locally hosted solutions that are in various stages of modernization.
The Army National Guard is now trying to get a clearer picture of all the different applications used by states and territories.
“Frankly, we lack visibility of all those applications that exist. [We want] to go through a rationalization process in order to decrease the number of applications, because there are certainly redundancies out there,” said Welteroth.
Welteroth said the Guard will work with the Army’s cyber teams to figure out the best hosting environments for those applications, whether that’s on-premises or in the cloud.
Avoiding redundancy
The Army National Guard initiated a project called Guard Cloud Services to create a dedicated Army National Guard enclave in Azure — the idea was to provide common cloud services for applications migrating to this enclave specifically for the Guard.
Welteroth said the project was ultimately canceled since the Enterprise Cloud Management Agency already offers similar services through the broader cArmy initiative.
“The lesson learned there is because we spent money on it, and that money, I think, would have been better used to assist application owners in modernizing to get to the cloud, rather than standing up something that was completely redundant to what ECMA is doing,” said Welteroth. “The lesson there for me is ensure that you know what’s available, and ensure that you’re not creating redundant services that someone else is already offering, because it turned out to be potentially detracting from the effort to migrate to the cloud because people are waiting for Army National Guard G-6 to build this environment that ultimately we ended up canceling because of the redundancies.”
Army National Guard’s IT priorities
Besides migrating all end-user devices to Entra ID and Intune, Welteroth, who assumed the duties of the Army National Guard’s CIO in November, said one of the big tasks for the Guard in fiscal 2025 is incorporating Comply-to-Connect, a framework designed to boost the Defense Department’s cybersecurity posture.
“Everything’s coming at the end of fiscal 2025. We have to be through all the steps of Comply-to-Connect. We’re making great progress there, but we still have a long way to go,” said Welteroth.
And as the Army is rolling out its Global Secure Network program, which will provide soldiers access to classified networks regardless of location, the Guard’s goal is to make sure it’s included in the requirements and that its units are among the first to adopt these new capabilities.
Copyright
© 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
