Saturday, July 24, 2010

Will NGEN Be 99.999% Reliable?

NGEN has been conceived as the backbone network for supporting the Navy’s Information Dominance Corps (IDC). IDC networks will be transmitting sensor-to-shooter communications, globally. Therefore NGEN will have to operate with 99.999% reliability.  This means zero unavailability to connect sources of information (such as keyboards from personal computers or tracking data) to network hosted databases.  All of that will have to be accomplished with a latency time that is at least comparable to Google’ end-to-end responses which are measured in microseconds.

Will NGEN achieve the IDC its ultimate uptime and latency objectives?  It may not be headed in this direction with the most recent metrics included in an extension of the NMCI contract. The original contract with EDS called for the following Service Level Agreement (SLA) uptimes such as:

Critical services with an average >99.7% service level, which is 26-hours/year of downtime per client device.
E-mail would be delivered, on the average, 99% of time with at least 4 minutes of delay for 88 hours/year per client device.

The extent to which NGEN has adopted NMCI SLAs in the new contract extension is not known. The tracking of actual failure statistics was recently abandoned in favor of sampling user satisfaction ratings of questionable utility as a statistically verifiable indicator.

To keep track of compliance with uptime SLAs can be done automatically as a byproduct of information assurance. A counter can keep track of the availability of each of the 400,000 computers on NMCI in order to support critical services where over ten million hours/year are not available to the Navy and the MC.

Setting annual averages for IDC service levels is misleading. What matters is uptime availability of the individual devices that the personnel use whenever needed. Averages hide large variability. At any time there will be numerous client devices that will be out of commission, regardless whether that is due a failure of a desktop, a server or a communication channel. Unless NGEN tracks the availability of each individual client device, in real time, along with a situational awareness of local conditions any contractual compliance report is not only without value but will also give commanders a false sense of the trustworthiness. IDC warriors will always have second thoughts to the possibility that NGEN may not be completely reliable and may call for contingency actions.

The only solution that has merit for the IDC is to implement NGEN as a totally dependable network. There is no way of accomplishing this objective except by deploying massive amounts of redundancy everywhere.

Instead of expensive desktops NGEN should depend on an excess population of thin clients plus replaceable smart phones for all communications. These devices are location agnostic and can work anywhere.

Instead of fixed connections to dedicated servers NGEN should depend on a pool of virtual devices that can relocate workloads automatically and instantly.
The above arrangement is not a backup, but a fail-over design. The fail-over takes place in seconds and is completely automatic,

Instead of depending on fixed network connections NGEN should depend on virtual networks that set up connections to data centers through multiple paths.

SUMMARY

NGEN should be constructed as an inter-connected and completely redundant network that is for all practical purposes failure free. The economics of proceeding in this manner is attractive. Savings in labor will more than offset the costs of added technologies.

 The greatest gain comes from the capacity to support IDC missions where the reliability of NGEN communications will be now a part of warfare operations.

No comments:

Post a Comment

For comments please e-mail paul@strassmann.com