JOINT BASE LANGLEY-EUSTIS, Va. --
Air Combat Command’s A6 Cyberspace and Information Dominance Directorate has been steadily working on identifying ways to improve service members’ satisfaction with their individual computer performance and the Air Force Information Network.
When this focus began two years ago, it was originally called the Network User Experience Task Force, but it has evolved into what is now known as Readiness, Operations and Lethality Enabled by Information Technology (ROLE-IT).
The team includes cyber operators from 16th Air Force, experts from ACC’s Cyberspace Capabilities Center (CCC), Air Force acquisitions professionals and top policy makers at the Pentagon.
“The Air Force has known for a while, and we recognize the user experience is not what we need,” said Col. Kevin Kirsch, 690th Cyber Operations Group commander and key member of ROLE-IT. “This task force has unified the command of the many small groups dedicated to separate parts of improving the user experience, and it allows the experts to focus on attainable problem sets and shift their direct attention until the problem is either resolved or elevated to the correct level.”
That means the team can identify a priority improvement to focus on, bring teammates to present solutions, test, and implement as they see fit using a six-to-eight week sprint methodology, said Col. Steven Anderson, 688th Cyberspace Wing commander. This innovative concept must be nurtured, supported and given the flexibility to fail fast when needed, and empowered to implement change.
With that in mind, here are some ways the Air Force is anticipating the needs of tomorrow by adapting today’s current network infrastructure.
Zero Trust Network
ACC is testing a Zero Trust Network architecture moving away from a perimeter-based network defense to one where the individual user’s need for access to information is continuously verified.
For example, imagine an office building as the Air Force Information Network. The antiquated way of administering network security would be to lock the front and back doors, but everything inside the building is open to those who can pass the first security threshold. Applying a Zero Trust architecture strategy would mean once a user enters the building, they find every inside door locked, requiring an additional interaction to enter.
That additional interaction would be instantaneous and tied to the individual user’s need-to-know and authorizations granted to their account. This ensures the data is secured regardless of the network from which the Airman accesses the information.
“I’m passionate that Zero Trust Networks are the key for how we achieve cyberspace superiority in the 21st century against the nation states and the ‘cyber hacktivitis’ that are out there trying to deny our freedom of maneuvering from, and through cyberspace,” said Lt. Gen. Chris Weggeman, the ACC deputy commander. “Zero trust is not about a widget or a capability, it’s about a strategy.”
Enterprise IT as a Service
Enterprise IT as a Service (EITaas) is the plan to have commercial providers in the civilian industry who run global networks daily to partner with the Defense Department to provide an efficient network infrastructure. These companies have experience in what it takes to offer seamless support to users, and that level of experience can be translated to an improved user experience for Airmen.
Buckley Garrison, Colorado, and Offutt Air Force Base, Nebraska, are initial bases for this capability and have crossed over to a commercial network provider. If the viability assessment proves successful, an Air Force-wide switch will allow communications Airmen who are filling that role to pursue the other mission sets mentioned earlier.
“In its purest form, EITaaS will allow the Air Force to refocus cyber operations Airmen from managing our network systems on a daily basis to ensuring the Air Force core missions in, from, and through the cyber domain,” said Col. Marc Packler, the CCC commander. “The warfighter shouldn’t care who is providing that daily operations and maintenance – they just want the system to work.
“When an Airman complains that the network experience in the most advanced Air Force on Earth is worse than the home experience, we are impacting the ability to complete the mission,” he continued. “As data has become the new critical asset, and information warfare has changed the world we live in, the tools and systems we use to interact with that data become more critical. It is imperative that we enable warfighters to find and utilize those datasets for the weapon systems that have become critically reliant on them.”
The EITaaS program has built a robust methodology to continuously measure end user satisfaction not only with the network, but with IT overall, help desk, devices and other areas, said Maj. Barney Ales, from the EITaaS Integrated Program Office, Strategy and Planning. This methodology will allow the Air Force to measure the impact of the EITaaS services and understand which services provide the best value for the cost, ensuring the Air Force spends money where it makes the most sense.
Bring Your Own Approved Device
Bring Your Own Approved Device (BYOAD) is a voluntary program that allows Airmen to easily and securely access their network information and applications through a personal device. Software would be installed on the device to maintain the separation of personal and Air Force information and applications with the expressed disclaimer that the Airman’s personal information stored on the device would not be accessed nor collected by government applications.
“We want to ensure the warfighter can quickly and easily interact with any system or dataset that enables his mission,” Packler said about the ability to access information whenever and wherever in regards to COVID-19 teleworking. “During the initial response in March, the cross-organization leadership team assembled a list of lines of effort and policy changes that would enable the Air Force to continue its mission throughout the COVID-19 response. As the United States reacted to the pandemic, Air Force leadership continued to analyze response actions and make risk decisions in order to provide capability and connectivity to the warfighter.
“If it takes a home machine 30 seconds to boot-up, or mere seconds for a mobile device to unlock, then 12 minutes for an Air Force system to start is totally unacceptable,” he continued. “We have significantly reduced the login time for Air Force endpoints, but they still take significantly longer from cold start to system access than any personal device.”
Some areas of improvement do not require in-depth research to fix, and they are being implemented immediately.
With changes to the network and policy, the communications community has to re-evaluate the computer physical hardware, targeting the specifications, for minimum standards to operate efficiently, Kirsch said. The specs will most likely increase from what is required today and what is expected in the next few years. This means that units will no longer be able to purchase computers that cannot run well on the network.
Also, many bases’ virus scans were set to be conducted on Saturday afternoons to allow for the least amount of disruption to network users. The virus scans are a priority task for the machine and must be completed prior to accessing the network.
However, many of those systems were found to be offline during that timeframe, which meant that the virus scan would occur Monday morning as soon as the user powered up the machine. That delay has resulted in an overwhelming amount of negative feedback from those users.
“Users sometimes don’t know the exact reason that their computers or network don’t work correctly,” Kirsch said. “But when the feedback meets the team, they are able to track down exactly what is causing the issue and evaluate whether the problem can be removed.”
The data proved that more systems were powered on during Thursday afternoon, which implied that it would be more efficient if the scan ran then instead.
How You Can Help
The ROLE-IT team has listened to what’s important to users and are poised to fix what those users care about. Air Force wide surveys have identified some problem areas, but the team needs more help to provide an accurate reflection of what can be improved to aid Airmen.
Users should still continue to create help tickets to resolve their issues, as the volume and subject of those help tickets identify wide-spread negative experiences.
It’s important to note that the areas the ROLE-IT team will attempt to fix must meet a certain criteria: the problem must be noticeable by Airmen (having a large impact), scalable (the fix can be replicated at multiple bases) and measurable (data-driven evidence vs. anecdotal).
“Not everything fits under the umbrella,” Kirsch said, “but we’re taking advantage of having the operators at higher level positions to fix problems a little faster. We are not discouraging individual communications units from making it better for their bases, but the ROLE-IT has all of those communities (operators, acquisitions, and policymakers) represented to move everything along a little faster.”
Brig. Gen. Chad Raduege, the ACC A6 director, said senior Air Force leadership has identified a retention issue based on some of the negative experiences Airmen have with the network, at home and abroad. That makes it critical for communications leaders to continuously foster an environment where the network experience is seamless.
“I’m proud of the ROLE-IT efforts,” he said about rectifying that issue. “They’ve taken a look at a whole bunch of critical metrics, touchpoints and frustrations that our Airmen are having, and they’ve made some progress. We recognize in the future fight that we need to have connectivity at the tactical edge, whether that’s a large air expeditionary wing or a small two-ship/four-ship presentation.
“We need to have connectivity out there, and the network that we have today needs to get to that environment,” he said.