Navy touts benefits of enterprise architecture for big IP nets

* Q&A with NMCI technical director

When it comes to understanding the challenges of running massive IP networks, nobody knows better than the U.S. Navy. The Navy Marine Corps Internet (NMCI) provides a converged IP network that supports 700,000 users. Only the Internet itself is larger!

I had the opportunity to interview Col. Robert Baker, technical director of NMCI, about how the Navy uses an enterprise architecture strategy to manage NMCI. Here’s what Baker had to say:

Q: How do you define enterprise architecture?

A: Enterprise architecture has a lot of different meanings. The Defense Department has its own architectural framework. That's the first thing we think of when we think of enterprise architecture. That framework tells us what’s needed and what are the systems and what are the technologies in those systems. With NCMI, we are completely standardized. We just provide the infrastructure that the applications ride on. Other people in the Department of the Navy are responsible for consolidation of the servers. NMCI is a consolidated network. It’s a very large network. It’s segmented into more than one domain, but it’s a single integrated intranet. Those circuits carry all different types of traffic, including data, voice and video.

Q: How are you applying enterprise architecture with NMCI?

A: We have a road map. One of the pieces of enterprise architecture that you have to have is a road map. It details what technologies we are going to and when. We go to companies like Microsoft, Cisco, Network Appliance, Dell and Intel and find out the product strategies they have. We try to marry all of those variables together to figure out when we should be trying to insert an operating system or a processor. For example, we just went to Exchange 2003 across the board. We’re also Office 2003. When we did that, we found that some of these applications take a lot more memory than others so we had to get everybody to the minimum recommended memory.

Q: What other concrete things does enterprise architecture provide NMCI?

A: It helps with capacity planning. We look at capacity and utilization across every aspect of the network. We try to understand what our pain points are and how we need to enhance capacity. Maybe instead of adding bandwidth on circuits, we can try to optimize the WAN a little better. One of the biggest things we’re looking at right now is optimization of the WAN instead of adding an OC-3 here or an OC-12 there, which is expensive. We are trying to do better proxying and better caching.

Q: What do you see as the biggest benefits of enterprise architecture?

A: You get the ability to standardize your configurations. You can understand your environment a lot better. And you can improve security. We just made the entire NMCI capable of [public-key infrastructure] logon.

Q: How does having enterprise architecture improve network security?

A: When a mandate comes down to patch a system or do a password reset or other defensive things, it’s a lot easier to meet those mandates because we understand our configurations. Most places have to implement these mandates on a site-by-site basis, but we can implement enterprisewide. When Microsoft has a vulnerability, we can patch across our entire enterprise right away. That’s a huge security benefit. We also keep most of our traffic inside NMCI. It’s never exposed to the Internet. Whereas when smaller enterprises communicate with each other, they are often going over the Internet.

Q: Does enterprise architecture save money?

A: Somebody would have to do a business case to prove that out. Gartner would tell you that you get a cost benefit, but it’s more of a cost avoidance than a true savings. It’s a cost avoidance because you don’t have to send people out with CDs to all your sites to patch a vulnerability. Those people are working for you anyway. The question is how long it takes them to do the patch. Maybe you eliminate overtime. You can’t really call it a savings.

Q: How well do you think NMCI does enterprise architecture compared to everyone else?

A: I don’t think we're doing it any better or any worse, but we're doing it on a much bigger scale.

Q: How long has NMCI used enterprise architecture planning?

A: From the beginning. We awarded the NMCI contract to EDS on October 6, 2000. We started out with an architecture, but it has taken several years to get to that. We started out with hundreds of enclaves in the Department of the Navy. Only in the last couple of years have we had a true enterprise network. Now we have 450,000 seats at 400 sites with 700,000 users. There was enterprise architecture going on, but it wasn't always at that magnitude.

Q: How has your enterprise architecture changed over the years?

A: It hasn’t. We're sticking with the Defense Department framework. We're working with our prime vendor, which is EDS, to ensure we stay current with the technology and that we don’t create configuration complexities that cause problems.

Q: What enhancements do you have planned for fiscal 2007?

A: We’ve already started a beta with Microsoft Vista operating system, and we're beginning to deploy Vista with our tech refresh cycle. So that will be a major thrust in '07. We’re also going to bring our storage network up to date. We're going to refresh 33% of our storage network in '07.

Q: What new technologies are you most excited about for NMCI?

A: Virtualization of both applications and storage. A lot of the applications that use NMCI are going to Oracle 10g. We want to give the ability to do grid computing. The grid computing will be done by the computers that are riding on our infrastructure.

Q: What about IPv6?

A: We are putting together an implementation strategy for IPv6 that should allow us to meet the Office of Management and Budget and Defense Department mandates. That’s a big thrust of our enterprise architecture structure. Having an enterprise architecture helps us with IPv6 because we understand what all of our components are. We understand which ones are IPv6 capable and which are not.

Q: Any other thoughts about enterprise architecture?

A: Enterprise architecture is a living thing. It changes frequently. It’s event driven, and it’s time driven. The events usually involve big vendors doing something. Having an enterprise architecture takes some of the uncertainty out of things and makes managing a large network more predictable.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:

Copyright © 2006 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)