240 likes | 432 Vues
NETPDTC Hosting Support for AIM Tools Peg David, NETPDTC N621, Tech PM Roy Hoyt, NETC N74 Functional PM/Resource Sponsor Bruce Bare, NETC N62 AIM Team: Tiffany Dombrowski, AIM PM / Ron Zinnato / Jamie Stewart. 3 Apr 12. Overview.
E N D
NETPDTC Hosting Support for AIM Tools Peg David, NETPDTC N621, Tech PMRoy Hoyt, NETC N74 Functional PM/Resource SponsorBruce Bare, NETC N62AIM Team: Tiffany Dombrowski, AIM PM/ Ron Zinnato / Jamie Stewart 3 Apr 12
Overview • Central Site AIM I/AIM II implementation for all NETC Centers plus non-NETC communities • CPM Rel 5.0 hosting at NETPDTC • Implementation Issues
AIM Central Site Hosting at NETPDTC • NETC N74, N6, and NETPDTC have a plan and schedule to migrate most AIM content andprocessingto NETPDTC Citrix Metaframe-based servers thru end FY12 • Benefits Include: • Simultaneous access by geographically dispersed Center and contractor personnel for collaborative development and maintenance • Support for future centralized enterprise data mining for reuse, repurpose, and reference (R3) • Significantly faster access to software updates • Potential for automated workflow
AIM Central Site Implementation • Points of contact: • NETC N74: Leslie Desenburg • NETPDTC: Peg David/Virginia Lovett/Chris Stark/Charlie Odom (Metaframe Sys Admin) • AIM team: Ron Zinnato/Steve Wicinski/Jim Ferrall • Implementation resources including planning document templates and narrated help videos available on AIM information Web page: • AIM Central Site Hosting at NETPDTC
Schedule and Center POCs * TBD Date - CNATT/CSFE Migration to AIM 5.0
Center Transition Planning • Kick-Off Meeting with each Center POCs • Centers review/assist draft Transition Plan, roles and responsibilities, POAM, Test Plan, Q/A’s • Identify data transfer method; data quantity • Review and understand ESS/CITRIX Account Creation Process – Form, SAAR, Center IAM role • Review templates, lessons learned, forms, user guides – all found at: • http://aim.aimereon.com/aim/AIM-Central-Site-Hosting-at-NETPDTC.ashx
AIM Central Site – eDMZ standup • Current NETPDTC central site migrating to eDMZ; benefits AIM as whole when Application migrates to NOLA eDMZ • Centers/data on central site will migrate inside the eDMZ • Functional Test Plans will be done; code freeze, Production Release Reviews prior to go-live • ‘ESS’ CITRIX accounts transition to ‘NTSS’ CITRIX accounts; no new form required; Centers will validate their users/info on spreadsheet ; PM office to maintain SAAR repository • Remaining Centers if any have not transitioned by go-live – will transition directly into eDMZ w/ NTSS accounts
AIM eDMZ Milestone Timeline 3 Jul - Complete NETPDTC IA Doc Build and review 05 Oct Complete ODAA Review and Receive ATO 04 Jun - Complete Server builds/all Scans and STIGS 19 Mar - Start Server Builds 25 July NETC IA Review Server Builds and Security Test (19 Mar – 04 Jun) Note: IATT will be 11 Apr – 04 Jun NETPDTC IA Doc Build/Review 05 Jun – 3 Jul (22 Work days) NETC IA Review 05 – 25 Jul (15 Work Days) Operational/Functional Test and Prod Readiness Review 05 Jul – 15 September • Effort includes new server builds: • Average builds/STIGS/SCANS - 50 days • 2 SQL DB Servers for SQL DB clusters (Physical); 4 ESX Host Upgrades for VMWARE Farm; 1 CPM Web Interface Server (Virtual); 5 AIM Citrix Servers (Virtual) • Interim Authority to Test (IATT) period 16 May – 10 AUG
AIM I RLO Performance Issue • Identified potential login issue - CPU utilization – consensus: does not represent performance issue • Identified disconnect issue with EDE update by AIM I ‘super’ user – saturating system, breaking after 4.5 hours; conducting stress test with realistic data this week • Affects traditional AIM I and ‘may’ affect LO module; debugging code being added, duplicate process(es), see impacts – isolate coding and/or configuration issues • Testing to see if applicable to CSCS AIM I processes; test with both Columbia-hosted production version of CPM & re-pointing via .ini file to NETPDTC CPM test instance • NETPDTC: deploy Windows Server 2003 R2 x64 (64-bit) Enterprise Edition to legacy and eDMZ servers; allows additional CPUs and memory to be added as needed; handle more load per server • Establish performance baseline; compare/contrast baseline configuration with identified mitigations for current environment and planned eDMZ
AIM Certification and Accreditation • NETC/ODAA treating Central AIM as ‘new’ System standing up inside eDMZ • As such, Interim Authority to Test (IATT) granted for 16 May – 10 Aug 2012 • eDMZ has dependency on CSA Accreditation Plan; ATO imminent Apr timeframe • As IATT test period draws to close, C&A package, STIGs, SCANs, mitigations, POAMs are updated, and any other deltas added – for ODAA submission for full ATO approval
Implementation Issue: NOFORN NNPI • Affects primarily non-SWS undersea community – NAVSEA 07TR, SLC, SLC learning sites • Stringent data handling controls for unclassified No Foreign Dissemination Navy Nuclear Power Information, mandated by NAVSEA 08 • NETC/NETPDTC standing up SLC enclave on TRANET_C (NAS PCOLA) to host: ref matl, e-library, IETMs, NNPI content, course curriculum info, AIM content, NNPI/NOFORN, used by SLC DETs • How does this fit into AIM program from enterprise view? • Requirement to host AIM Application on TRANET_C? For SLC / others? • Is TRANET_C interim option until NOLA data center migration? • SSC New Orleans (NOLA) currently certified for NOFORN data
CPM Hosting at NETPDTC • NETC N74/N6 and NETPDTC in process of migrating production version of CPM to NETPDTC • NETPDTC installed test instance of CPM Rel 5.0 on new server; conducted formal GAT as arranged by AIM SSO • Full IA Certification & Accreditation process underway by NETPDTC/AIM team; IATT in hand may allow .com ports to open during eDMZ test period; full IATO/ATO allows .com access • CeTARS Web service, AIM enterprise data environment Web service, and PPP Repository integrated into CPM on NETPDTC server • Production CPM remains hosted by AIMEREON until ODAA grants IATO/ATO for NETPDTC hosted eDMZ
CPM Hosting at NETPDTC(cont’d) • Benefits Include: • Enterprise production hosting and support vs. current contractor environment with limited server configuration and bandwidth • Leverages NETC domain sys admin, database management, and information assurance expertise at NETPDTC • Co-located with rest of NETC enterprise IT applications and off-site COOP support • Secure access from both .mil and .com domains
CPM Hosting POCs • NETC N74: Leslie Desenburg • NETPDTC: Peg David / Virginia Lovett / Bob Rayburn (Web Apps BH/CPM assist) • AIM team: Ron Zinnato / Steve Wicinski / Jamie Stewart / Jim Ferrall
Non-NETC Implementation • 1 Oct 11 - SSP TRIDENT AIM I Central Site instance transitioned from NAWCTSD to NETPDTC – fully operational - AIM I and LO Module production work • NAVSEA 07TR AIM I Central Site instance TBD per decision on support for NOFORN NNPI data • Other interested communities: • Navy Medicine • NAVSPECWARCEN (hosted by NAVSOC) • NAVRES • DANTES • Regional Maintenance Centers – Norfolk / San Diego
Implementation Issue: Privilege Levels • 5 levels implemented in AIM II per CNATT request • 3 levels implemented in AIM I per SSP request • CPM-style role/privilege structure in queue for discussion development for AIM I/AIM II based on CNATT working group ACR and new software task order • All user communities need to review current business process and adapt for Central Site environment • Many lessons learned from CNATT AIM II and SWS AIM I implementation including request for 6th level in AIM II to support limited contractor visibility into AIM production instance
Implementation Issue:‘ancillary data’ • Prospective users have requested NETPDTC establish an ‘ancillary data’ (i.e., not really AIM stuff) storage area in conjunction with their AIM I/II Central Site instances • Need better definition of how ‘ancillary storage’ will be used and NETC N6/N7 approval of business process and IT infrastructure loading • Also may be impacted by resolution of Information Assurance Category 1 issue mitigation for Metaframe systems
Implementation Issue – Initial Discussions: Jobs Server approach • A number of processes in AIM I/II take a long time to complete: e.g., Trainee Guide print preview, large course export, large course import • Current NETPDTC implementation requires Central Site user to remain logged into Citrix session with CAC inserted in local workstation until process completed • Jobs Server concept developed by NETPDTC and AIM teams would permit user to begin long-running process, transfer process to Jobs Server, end Metaframe session, and then log back into Metaframe later to retrieve product of long-running process completed on Jobs Server