Re: Why the US Government has so many data centers

[Todd Crane <todd.crane () n5tech com>]

I was trying to resist the urge to chime in on this one, but this discussion has continued for much longer than I had 
anticipated... So here it goes

I spent 5 years in the Marines (out now) in which one of my MANY duties was to manage these "data centers" (a part of 
me just died as I used that word to describe these server rooms). I can't get into what exactly I did or with what 
systems on such a public forum, but I'm pretty sure that most of the servers I managed would be exempted from this 
paper/policy.

Anyways, I came across a lot of servers in my time, but I never came across one that I felt should've been located 
elsewhere. People have brought up the case of personal share drive, but what about the combat camera (think public 
relations) that has to store large quantities (100s of 1000s) of high resolution photos and retain them for years. 
Should I remove that COTS (commercial off the shelf) NAS underneath the Boss' desk and put in a data center 4 miles 
down the road, and force all that traffic down a network that was designed for light to moderate web browsing and email 
traffic just so I can check a box for some politician's reelection campaign ads on how they made the government "more 
efficient"

Better yet, what about the backhoe operator who didn't call before he dug, and cut my line to the datacenter? Now we 
cannot respond effectively to a natural disaster in the Asian Pacific or a bombing in the Middle East or a platoon that 
has come under fire and will die if they can't get air support, all because my watch officer can't even login to his 
machine since I can no longer have a backup domain controller on-site

These seem very far fetched to most civilian network operators, but to anybody who has maintained military systems, 
this is a very real scenario. As mentioned, I'm pretty sure my systems would be exempted, but most would not. When 
these systems are vital to national security and life & death situations, it can become a very real problem. I realize 
that this policy was intended for more run of the mill scenarios, but the military is almost always grouped in with 
everyone else anyways. 

Furthermore, I don't think most people realize the scale of these networks. NMCI, the network that the Navy and Marine 
Corps used (when I was in), had over 500,000 active users in the AD forest. When you have a network that size, you have 
to be intentional about every decision, and you should not leave it up to a political appointee who has trouble even 
checking their email. 

When you read how about much money the US military hemorrhages, just remember.... 
- The multi million dollar storage array combined with a complete network overhaul, and multiple redundant 100G+ DWDM 
links was "more efficient" than a couple of NAS that we picked up off of Amazon for maybe $300 sitting under a desk 
connected to the local switch. 
- Using an old machine that would otherwise be collecting dust to ensure that users can login to their computers 
despite conditions outside of our control is apparently akin to treason and should be dealt with accordingly.
</rant>


--Todd

Sent from my iPad

> On Mar 14, 2016, at 11:01 AM, George Metz <george.metz () gmail com> wrote:
>
> > On Mon, Mar 14, 2016 at 12:44 PM, Lee <ler762 () gmail com> wrote:
> >
> >
> > Yes, *sigh*, another what kind of people _do_ we have running the govt
> > story.  Altho, looking on the bright side, it could have been much
> > worse than a final summing up of "With the current closing having been
> > reported to have saved over $2.5 billion it is clear that inroads are
> > being made, but ... one has to wonder exactly how effective the
> > initiative will be at achieving a more effective and efficient use of
> > government monies in providing technology services."
> >
> > Best Regards,
> > Lee
>
> That's an inaccurate cost savings though most likely; it probably doesn't
> take into account the impacts of the consolidation on other items. As a
> personal example, we're in the middle of upgrading my site from an OC-3 to
> an OC-12, because we're running routinely at 95+% utilization on the OC-3
> with 4,000+ seats at the site. The reason we're running that high is
> because several years ago, they "consolidated" our file storage, so instead
> of file storage (and, actually, dot1x authentication though that's
> relatively minor) being local, everyone has to hit a datacenter some 500+
> miles away over that OC-3 every time they have to access a file share. And
> since they're supposed to save everything to their personal share drive
> instead of the actual machine they're sitting at, the results are
> predictable.
>
> So how much is it going to cost for the OC-12 over the OC-3 annually? Is
> that difference higher or lower than the cost to run a couple of storage
> servers on-site? I don't know the math personally, but I do know that if we
> had storage (and RADIUS auth and hell, even a shell server) on site, we
> wouldn't be needing to upgrade to an OC-12.