Oracle Challenges Pentagon's $10 Billion Cloud Computing Contract

Oracle has filed an official complaint with the U.S. government over plans to award the Pentagon's lucrative cloud contract to a single vendor. Rebecca Hill writes via The Register: The Joint Enterprise Defense Infrastructure (JEDI) contract, which has a massive scope, covering different levels of secrecy and classification across all branches of the military, will run for a maximum of 10 years and is worth a potential $10 billion. In spite of this pressure from vendors and the tech lobby -- as well as concerns from Congress -- the US Department of Defense (DoD) refused to budge, and launched a request for proposals (RFP) at the end of last month. Oracle is less than impressed with the Pentagon's failure to back down, and this week filed a bid protest to congressional watchdog the Government Accountability Office asking for the RFP to be amended.

In the protest, the database goliath sets out its arguments against a single vendor award -- broadly that it could damage innovation, competition, and security. Reading between the lines, it doesn't want either of Amazon or Microsoft or Google to get the whole pie to itself, and thus endanger Oracle's cosiness with Uncle Sam. Summing up its position in a statement to The Register, Oracle said that JEDI "virtually assures DoD will be locked into legacy cloud for a decade or more" at a time when cloud technology is changing at an unprecedented pace.

Oracle might actually have a point here.

[sg_oneill]

I fundamentally dislike Oracle. Its an exploitative company that functions purely on ensnaring companies into deals that are far too costly then using legal shenanigans to stop them to leave.

BUT, they are right here. Giving the whole contract , all ten billion of it, to a single contractor (And lets be clear here, its either AWS or Azure. Google are capable, but they dont have the govt mojo to compete in this space) is straight up monopoly building, and it creates a single point of vunerability to the DODs systems. By splitting things up over multiple providers, it enhances competition, and divides up responsibility in a way better suited to national security.

And after all, they could still write "NO ORACLES ALLOWED" in it, right. (Well probably not, but hey)

Re:Oracle might actually have a point here.

[someone1234]

Oracle's only problem is that they are not that single contractor.

Re:Oracle might actually have a point here.

[Bert64]

Agreed, although Oracle wouldn't be complaining if they were the ones getting the contract and they actively encourage customers to get locked in to their products so it's extremely hypocritical of them.

There are several frameworks allowing use of multiple cloud providers and easy migration between them.

Re:Oracle might actually have a point here.

yes. oracle isn't wrong, but it also isn't the only thing to look at.

yes. locking down to ONE vendor for TEN YEARS for something that evolves as fast as "the cloud" is stupid.

HOWEVER. stability in platform is mission critical for DoD...

AND using oracle for ANYTHING is stupid as fuck.

so, cry all they want, they aren't gonna get a dime out of this contract. what would happen, even if oracle 'won' a revised bid process is that the DoD would split it between two of amazon, google and microsoft, and leave oracle high and dry anyway, as a big 'fuck you' to oracle and ellison for whining about it in the first place. don't piss off the government agencies, they can be petty little bitches.

Re: Oracle might actually have a point here.

[alvinrod]

This is it right here. Full stop.

I have never seen Oracle complain when they were the single party awarded a contract, and there are plenty of times where this has happened. Perhaps the best that could be said of them is that they realize how many times they have screwed over the other side in such contracts and that this is a bad idea, but I suspect the real reason is that they are pissed that they do not get to be the ones to screw over the government this time. They just hate the player, not the game.

Re:Oracle might actually have a point here.

In case you aren't aware, there is no such thing as a 10 year contract when it comes to the government. Because spending has to be re-authorized every year by Congress, all contracts are 1 year in length with an option to renew each year. Any corporation that does business with the government is aware of this. So each year it is theoretically possible for a different lobbyist firm or a different Congress to switch the contract. So even if the DoD does pick a single vendor for the engagement initially they will likely setup such that moving to another is possible if necessary.

Re:Oracle might actually have a point here.

By splitting things up over multiple providers, it enhances competition, and divides up responsibility in a way better suited to national security.

It also stands a good chance of giving you a fragmented pile of shit which is neither usable nor secure as you cobble together stuff from several different vendors that don't work together.

The DoD isn't worried about competition, they're worried about having a functioning system with one vendor who is responsible for it.

I can see why they don't want this parted out into a bunch of little bits which may or may not work individually, let alone together.

Forcing them to break it into smaller chunks stands a very good chance of them ending up with an incredibly expensive and complex set of systems which don't do what they want. Because, let's face it, multiple system vendors all hawking their own shit is not going to produce what they're looking for.

I've never seen a multi-vendor implementation actually work, and they all just blame one another.

Re: Oracle might actually have a point here.

[Junta]

This is true, but that makes this all the more significant of a proof point of the value of competition. In a competitive landscape, there's going to be *someone* to call someone else on their shenanigans, even if it another usually bad actor.

Re: Oracle might actually have a point here.

Iâ(TM)d imagine itâ(TM)s hard enough securing DoD cloud workloads in Azure or AWS. Now imagine securing DoD workloads that span both. Iâ(TM)d want a single vendor as well.

Re: Oracle might actually have a point here.

[Harlequin80]

If you go single supplier you can get use their respective PaaS offerings easily. If you go multiprovider you end you either splitting your operations into one pile or the other to get paas or you end up going least common denom and end up shitty Iaas everywhere.

The choice, as others have said, will be aws or azure. Both allow an on-prem stack as well so you can control the physical as well as virtual.

Id really rather never touch an oracle db ever again if i can.

Re:Oracle might actually have a point here.

[unbound55]

In fairness, Oracle's other problem is that many federal agencies are fed up with the massive costs Oracle keeps pushing on them. Oracle hasn't been doing well this year, and the top executives are starting to panic. Maybe Oracle would do better if they actually innovated their products instead of innovating price increases of their products.

Re:Oracle might actually have a point here.

I don't think the system would really work broken among multiple cloud vendors, so Oracle is really just trying to force them off the cloud and to keep them using their own systems.

Re:Oracle might actually have a point here.

Honestly, anymore 1 year contracts would be nice. We get three year contracts with what they call "incremental funding". Basically you sign a contract that will last three years, it has a maximum funding amount, but they only actually approve the funding on a quarter to quarter, or in some cases, month to month basis. And they can decrease that funding down to nearly 0 at any of those funding approvals. The approval increments are not fixed. Right now we've got 3 months worth of funding, but for a while they were going month to month because of budgetary concerns on their end.

Re:Oracle might actually have a point here.

[luis_a_espinal]

I fundamentally dislike Oracle. Its an exploitative company that functions purely on ensnaring companies into deals that are far too costly then using legal shenanigans to stop them to leave.

BUT, they are right here. Giving the whole contract , all ten billion of it, to a single contractor (And lets be clear here, its either AWS or Azure. Google are capable, but they dont have the govt mojo to compete in this space) is straight up monopoly building, and it creates a single point of vunerability to the DODs systems. By splitting things up over multiple providers, it enhances competition, and divides up responsibility in a way better suited to national security.

And after all, they could still write "NO ORACLES ALLOWED" in it, right. (Well probably not, but hey)

I'm on the fence here. I do think Oracle is in the right (Obi Wan's "from a certain point of view.") Such a 10B monopoly cannot be allowed to happen.

OTH, the benefit of having one cloud provider is seamless integration and scaling. If there are multiple contractors, then that will entail multiple providers, multiple cloud technologies, etc.

So the entire benefit of going to the cloud goes *poof*. If you (the generic "you") go to the cloud, you want to pick one provider, know the prons and cons and make it work. Otherwise, just don't - build your own facility.

Having worked at a defense contractor once, I have no high hopes that the government (or defense contractors) will come up with an efficient abstraction on top of multiple providers.

This is truly an interesting and challenging junction that goes beyond mere technicalities.

Re:Oracle might actually have a point here.

In case you aren't aware, there is no such thing as a 10 year contract when it comes to the government. Because spending has to be re-authorized every year by Congress, all contracts are 1 year in length with an option to renew each year.

Not true at all. There are lots of "colors of money" in government.
OMA, (commonly known as OpEx) is the most common fund source, but not always the largest.
OPA (CapEx), can have a term from 2 to 5 years (sometimes 7) is a massive chunk of the budget and typically used for R&D, construction projects, multi-year strategic acquisitions.
And then there's the Indefinite Delivery, Indefinite Quantity (IDIQ) contracts which this will likely be. 10 years is not uncommon for an IDIQ, which is more of a negotiated catalog of products and services at a fairly set price. Difference between IDIQ and the others is that the budget is not pre-allocated- it's paid at the time an individual product is "bought", from an allocated funding source.
Here's the logic: Three-Letter Agency has an IT budget. The head of the TLA signs an order that they will move to the cloud. TLA's CIO can no longer buy a server from Cisco, Dell, HP, whatever... and instead is forced to instantiate that service in the Contract Cloud Provider. TLA pays the Cloud Provider from their IT budget only for what they're using. Doesn't matter what color of money it is.

Re: Oracle might actually have a point here.

Oracle hasnt kept up with advancing tech. Compare their development rate of offerings with SAP and Microsoft, or any other of the usual suspects, and they look entirely stagnant. As their products underperform and dont scale with new analytics applications, they are destined for failure without a change in leadership to spur much needed innovation. The best example is that they are using lawyers in lieu of engineers.

Re:Oracle might actually have a point here.

[datavirtue]

So sick of people "deciding on a cloud provider." People just don't get it. Being cloud ready means possessing the ability to move to any of them at any time. If you have to decide on a cloud provider you should just stay on-prem until you can put on your big boy pants.

Psst...spinning up VMs in the cloud and running your shitty software on them is in no way an advantage or a cost savings...and it certainly doesn't mean you are "in the cloud." Dumb fucks.

If you are not 12-factor and abstracted from the infrastructure you are not cloud ready--you are locked in.

Re:Oracle might actually have a point here.

[MachineShedFred]

Just because their position happens to be right, doesn't mean they actually are right. Remember that they are coming to this position because THEY are not the single-source bidder. If they were the ones on the contract, they would be fighting with everything they have to keep it single-source, because the lock-in they decry in this case is their business model in every other case.

Fuck Oracle. Someone else getting this contract actually IS competition for them, and might force them to learn how to actually compete based on merit, rather than having managers and procurement departments in their pocket.

Re: Oracle might actually have a point here.

Remember when Oracle stated that only the best suited should get the job done and only one company should survive.

Re: Oracle might actually have a point here.

Everything time it swallowed another company.

Re:Oracle might actually have a point here.

Correct, I used to work in military logistics and can say that the Oracle support (in other words sales) representative was strategically placed inside the military complex and would not allow any non-Oracle products into the inner sanctum. Oracle convinced the military to force a software vendor to replace a postgresql solution (installed on local machines) with an Oracle solution because of 'Oracle's stellar support.' This meant that a small software product that needed to be installed on thousands of local machines needed to have an Oracle license bundled (thats a lot of $). This is all about keeping the Oracle money making machine going. Oracle is milking the government ... it's been awhile since I have seen a non-government firm choose Oracle as a solution to their problem. Without the government Oracle is dead.

Re:Oracle might actually have a point here.

41 USC 3903 Multiyear contracts

(a) Definition.-In this section, a multiyear contract is a contract for the purchase of property or services for more than one, but not more than 5, program years

5 years is max.

(c) Termination Clause.-A multiyear contract entered into under the authority of this section shall include a clause that provides that the contract shall be terminated if funds are not made available for the continuation of the contract in a fiscal year covered by the contract. Funds available for paying termination costs shall remain available for that purpose until the costs associated with termination of the contract are paid.

All contracts have a termination clause to cover no more funding and since Congress is required to pass a budget every year, any contract can be ended at any time.

Re:Oracle might actually have a point here.

[DickBreath]

I don't have a problem with the government spreading the contract among multiple vendor companies.

As long as none of them are Oracle.

Re:Oracle might actually have a point here.

[fahrbot-bot]

Ya, but $10 billion would only buy the Government about 50 Oracle licenses?

Re:Oracle might actually have a point here.

[jdschulteis]

I'm on the fence here. I do think Oracle is in the right (Obi Wan's "from a certain point of view.") Such a 10B monopoly cannot be allowed to happen.

AWS and Azure each do over $20B a year (and growing), adding $1B a year more to either one will not create a monopoly.

Re:Oracle might actually have a point here.

[Tough+Love]

So sick of people "deciding on a cloud provider." People just don't get it. Being cloud ready means possessing the ability to move to any of them at any time. If you have to decide on a cloud provider you should just stay on-prem until you can put on your big boy pants.

If defense can benefit from "the cloud" for non-sensitive infrastructure then exactly as you say, they should put their effort into defining a spec with detailed QoS and each vendor that wishes to get a piece of the defense cloud pie has to meet the spec, and keep meeting it. But what is this idiocy about classified material in the cloud? It will go horribly wrong. It will. It will. It will.

Re:Oracle might actually have a point here.

[luis_a_espinal]

I'm on the fence here. I do think Oracle is in the right (Obi Wan's "from a certain point of view.") Such a 10B monopoly cannot be allowed to happen.

AWS and Azure each do over $20B a year (and growing), adding $1B a year more to either one will not create a monopoly.

I am talking about a cloud infrastructure monopoly when serving and creating a private, sec-cleared cloud infrastructure for the DoD. Once you (the generic "you") get an exclusive contract to create it all, that is, in effect, a monopoly in that space.

Oracle seems to be right (can we say that?)

This is the first news about Oracle doing something that I think might not be evil that I have seen. Am I missing something, or did our government screwed up enough here that Oracle actually wants to fix something?

I guess is goes to show that sometimes evil can use the truth, not just its lies.

Re:Oracle seems to be right (can we say that?)

[ShanghaiBill]

This is the first news about Oracle doing something that I think might not be evil that I have seen.

Being right is not the same as being good. Oracle is right, but for reasons of pure self-interest. They got a late start in cloud services, lack scale, and are still sucking hind tit, so they have no hope of getting a big winner-takes-all contract. If they can force the DoD to break it up, they have a good chance of getting some portion today, and even more in coming years.

Re: Oracle seems to be right (can we say that?)

Oracle is still evil, and demonstrably wrong. At each level of classification, these apps use a SSO. Splitting them between vendors opens a huge vulnerability and triples the downtime. That's one of the huge draws to gojng from several hundred data centers managed independently and incompetently to a geographically distributed cluster managed competently

Objectives

[jimtheowl]

From the RFP link:

"Objectives:
Acquire a worldwide, highly available, exponentially elastic, secure, resilient cloud computing and storage environment that seamlessly extends from the homefront to the tactical edge." ..

Maybe it was the 'exponential elasticity', or perhaps the DOD felt like Oracle didn't "extend to the tactical edge" enough.

Re:Objectives

[gtall]

I suddenly feel like I want to puke me guts out reading those Objectives.

My prediction is that DoD will go with Azure so they can have Powerpoint Parties and wallow in meaningless slides...but now backed by The Cloud, which MS will convince them will solve their every problem.

Question the Pentagon's use of the cloud

We need to drill deeper than simply reporting on Oracle's protest, and the politics behind it.

An independent body of security experts should study the Pentagon's use of the cloud in the first place. Simply by moving to cloud computing, the Pentagon is revealing that they underestimate the cyber espionage capabilities of enemy states, and as in the case of Islamic State or Al Qaeda, stateless enemies.

The same independent body should also study vulnerabilities inherent in military use of the cloud. In an all out war, the enemy first tries to neutralize the command and control infrastructure of their enemy (us). Simply by using the cloud, we are offering the enemy a single neck to chop off, connecting the brain to the body. A secure military force requires so much redundancy, that the enemy has too many necks to chop off to be a feasible strategy.

Re:Question the Pentagon's use of the cloud

The neck they chop isn't the one that matters in that case. The military has its own networks. Your youtube will be disrupted, that is true and opens avenues for propaganda that are now being explored.

Re:Question the Pentagon's use of the cloud

Simply by moving to cloud computing, the Pentagon is revealing that they underestimate the cyber espionage capabilities of enemy states,

Or, more likely, that some AC on /. doesn't know as much as the Pentagon about this "cyber espionage" thing.

Re:Question the Pentagon's use of the cloud

Simply by using the cloud, we are offering the enemy a single neck to chop off

Your grasp of the subject matter is woefully inadequate. Stop before someone gets injured.

Re:Question the Pentagon's use of the cloud

[Junta]

Broadly speaking, it's a valid concern that we are eager to put all our eggs into as few baskets as possible, and those baskets will have a lot of mono culture in them.

An adversary discovers a way to access some key part of the power infrastructure of a brand Amazon uses and knows of a vulnerability that can deal persistent damage? Poof things could grind to a halt inflicting significant economic damage, and using an attack of a nature that has thus far not justified forceful retaliation in scenarios where it has happened.

Even assuming that from a networking and computer security things were perfect, we still have the reality that a military adversary coordinating an attack on 2 dozen sites could cripple our online infrastructure.

Our love of making these too big to fail companies not only has regrettable economic repercussions, but leaves our online ecosystem way too fragile.

Re: Question the Pentagon's use of the cloud

[Harlequin80]

How is this modded up?

Re:Question the Pentagon's use of the cloud

Simply by moving to cloud computing, the Pentagon is revealing that they underestimate the cyber espionage capabilities of enemy states, and as in the case of Islamic State or Al Qaeda, stateless enemies. ... In an all out war,

US military operates globally even during peace time. Even if this particular contract was purely about an office network, the cloud technology is increasingly planned to be used even in the operational networks on the field. The flexibility is needed because the modern information systems are finally due to be integrated with the actual operations and have to conform to the way US military is operating and is equipped. The war-time needs of the US National Guard and many national defense forces around the world are naturally different.

Two sides to that

[raymorris]

I suspect the benefit to splitting things up may be obvious enough that I don't need to state it. On the other hand, over the years I've put a lot of thought into why companies use these clouds, and particularly AWS.

Years ago I developed a small private cloud using a lot of technology I designed and architected myself, with coding help from my employees and a contractor for the UI. It was mostly about storage, and some really nifty ways of managing virtual machines, but the main cost was storage. Multiple people asked me why we didn't use AWS for storage, so even after I had already looked into AWS I double checked a couple more times. What I found was that their storage was MUCH more expensive than some very solid, very flexible storage built from standard open source Linux storage components (cLVM, etc) and some 16-bay Supermicro chassis. AWS was super expensive for storage, and for virtual machines. So why are so many companies using them so much? Years later, I think I have a couple of answers.

There are a few reasons, but one is the level of integration of advanced things like auto-scale groups. Even getting just a load balancer working PROPERLY and configuring a static cluster of web servers is tricky normally. More often than not, the server clusters I see people deploy aren't actually clusters at all. They are a screwed up hybrid of a true cluster and a bunch of independent mirrors, which breaks things. AWS gives you a solid cluster in a few clicks. You can the easily save your entire cluster setup to your git repo as a Cloud Formation template.

The big clouds aren't the best way to get storage, they aren't the best way to run virtual machines, they aren't the best way to run databases. The magic is the integration - with a few clicks you have all the right DNS entries pointed to your new cluster of web servers, which talk to your DB cluster through the Lamda functions, all backed by the magic storage in a seamless way. With a beautiful API for programming it all. That's where the value is, how Amazon brings all these different things together seamlessly.

Breaking your operations up across a bunch of cloud providers meana giving up this seamless integration, duplicating whole data centers to another physical location with a few clicks, and haing everything still work.

If you're not going to take advantage of how everything is put together, you may as well save a few bucks and have a rack full of Supermicro gear on premises.

Re:Two sides to that

The reality is public cloud is easy, relatively reliable, and despite your assertion, it is usually significantly cheaper than on-premises, I noticed you didn't include rack space, building power, air con, maintenance, staff etc to run the hardware when you mentioned your comparison, when you do unless you are incredibly efficient it is nearly impossible to match AWS or Azure prices.

Re:Two sides to that

It depends on economy of scale. For a small company you are probably correct. As a larger, global company with multiple datacenters around the world we have done the cost comparison multiple times (about once a year for 5 years) and on-prem/private cloud was cheaper every time.

Re:Two sides to that

a major issue I ran into moving off of aws back into a "private cloud" since the head sysadmin didn't want to give up his chiefdom, was provisioning new hardware and getting it setup to expand the VM cluster. Or whole department essentially got downsized as he held a new project that may have kept us relevant in the business hostage so he could get a huge budget to build more hardware which would then take a month to get ordered from HP, then setup and tested, etc. where I could have done the whole thing myself in a couple of days on AWS.

Re: Two sides to that

I do.

Re:Two sides to that

Well, you pay for convenience. Don't expect to have things convenient and cheap at the same time nowadays.

Re:Two sides to that

[PixetaledPikachu]

The reality is public cloud is easy, relatively reliable, and despite your assertion, it is usually significantly cheaper than on-premises, I noticed you didn't include rack space, building power, air con, maintenance, staff etc to run the hardware when you mentioned your comparison, when you do unless you are incredibly efficient it is nearly impossible to match AWS or Azure prices.

On top of that you've got to deal with infrastructure lifecycle, dealing with EOSL appliances, refreshing your infrastructure and phasing out the old ones, upgrading hypervisors, and proposing budget for those things to managements who don't understand that infrastructure lifecycle is a never ending process, who don't understand unless you sync their business projects the year before so that we can invest in hardware before hand, hardware delivery would take 4 to 6 weeks With cloud, assuming it's applicable, you just need to make sure that the business people factor in the cloud opex into each of their projects.

Re:Two sides to that

[luis_a_espinal]

It depends on economy of scale. For a small company you are probably correct. As a larger, global company with multiple datacenters around the world we have done the cost comparison multiple times (about once a year for 5 years) and on-prem/private cloud was cheaper every time.

That's been my experience as well. I know for a fact and experience that large, global companies like NTT, ECB or CBS have hundreds of thousands of systems (computers, routers, gateways, etc) in-premise, their nature and business rationale being such taking them to the cloud makes no sense (financially and operationally.)

For some ops, it totally makes sense to go to the cloud.

For others, it totally makes sense *NOT TO*.

Re:Two sides to that

[datavirtue]

Agreed. Most IT shops spend a lot of time dealing with things that add zero value. The cloud services introduce a much better opportunity cost in that your people can focus on design of infrastructure and applications instead of maintenance of infrastructure. Maintenance is a cost, design is an opportunity and one that is a lot more flexible in the cloud since you are not tied to a major capital purchase that is next to impossible to change tomorrow.

Re:Two sides to that

Very solid, huh? S3 is "Designed to provide 99.999999999% durability and 99.99% availability of objects over a given year."

That is why it costs more.

Re:Two sides to that

No no no... his single box solution is better then any managed solution. I'm sure it's just as resilient to failure as well. (It's based on open sores)

Re:Two sides to that

[Tough+Love]

Why do you not question the idiocy of entrusting classified assets to a public cloud?

Oracle is weveel.

[harvey+the+nerd]

JEDI banishes the Dark Overlord.,,

Re:Oracle is weveel.

JEDI banishes the Dark Overlord.,,

More like JEDI is dancing with every Dark Overlord it can find...

Oracle always seeks lock-in

Oracle's offerings do not play well with others.

They know that their intentionally gimped, poorly-documented, and everchanging APIs is their "foot in the door." All Oracle need is a beachhead. Over time they get to gobble up everything due to "incompatibility" or the client must choose to no longer use Oracle's predatory software but still pay under contract.

Either way Oracle wins and the client loses.

No thanks Oracle

[eclectro]

Bad memories die hard, and your solutions trainwrecked Oregon's healthcare website when other states were able to accomplish more for far less and in a far more timely manner.

Good thing I'm not in congress, I'd find any way I could to prevent you from bidding on a contract that was critical for our national defense.

Just get lost already, and let the companies that know what they're doing get the job done.

Re:No thanks Oracle

Probably was doomed to being with but oracle had no incentive to see it suceed once they were awarded all that money... could be a calculated risk actually build it all up for a ton of money let it fail , just to ensure that more work has to be done on the problem at least by next election.

Oh the irony...

"In the protest, the database goliath sets out its arguments against a single vendor award -- broadly that it could damage innovation, competition, and security."

This coming from a company that does everything in its power to lock in clients and then extorts them outrageous fees.

Monopoly-building indeed

Given Microsoft's ownage of government infrastructure with Orifice, LookOut!/Excrap and Active Destructory, there's a real threat in handing even more government IT infrastructure to Microsoft.

Re:Monopoly-building indeed

Are you old enough to post unaccompanied?

I don't trust any of them

[Tough+Love]

I don't trust any of them, do you? Just to be clear: Microsoft getting the whole defence contract would be a disaster. Apple getting the whole defence contract would be a disaster. Oracle getting the whole defence contract would be a disaster. Google getting the whole defence contract would be a disaster. Amazon getting the whole defence contract would be a disaster. Listed in order from most disastrous to... still disastrous? What the hell.

What I want to know is, what is the size of the kickback? To whom will it be paid? In what form? Who has already promised to pay it? To be continued.

Re:I don't trust any of them

Poor IBM. They're not even getting a mention.

Re:I don't trust any of them

[dwywit]

Splitting things between different contractors is just going to end up with people pointing fingers at each other.

"It's not out fault, talk to {other provider}"

At least with a single provider you can pin them down.

Re:I don't trust any of them

If that is an ordered list how the fuck don't you have Oracle as number one for the most disastrous followed closely by google? Both make the rest look secure, cheap and efficient.

Re:I don't trust any of them

This. How about we, I don't know, not put anything of our defense infrastructure onto hyped up cloud computing platforms? Yeah, economies of scale, quack quack, whatever--you still have the problem of private companies using whatever low cost employees in offshore places that they can get away with (I don't give a damn what their marketing and PR says, they WILL cheat) plus the fact that people in business have to make a profit and when that profit comes from recurring revenue the model is lock you in then raise the rates. Does nobody see this coming?

Even the usual suspects in the IT consulting world have recognized that "cloud computing" doesn't really save money and in fact can cost a great deal more in a lot of circumstances. Sure it has specific benefits in specific situations like DR, but past that, let's fact it--most workloads do not require auto scaling, don't have the ability to turn infrastructure on and off, and basically can't take advantages of the things about cloud computing that actually save money. A statically provisioned server made to modern application specs staying up 24/7 WILL cost you a great deal more than buying the damned server in the first place, and that's what most workloads look like. I don't give a crap about how much press Docker or other mini machines look like, that's what most workloads look like because that's what most overpriced vendor crapware requires. SQL databases and such serverless services are nice, but you're not going to be connecting a badly architected bloated vendor desktop app that hasn't been overhauled in decades to one without severe latency penalties, meaning you're not going to do it. Same with cloud file storage. The US government is being extremely stupid here.

Re:I don't trust any of them

[DarkOx]

I am not so sure. There are lots of problems with moving military applications to the cloud. I don't think those can be understated. However one of the biggest problems our government has today is there are to many players in literally every activity it performs. Two men can keep a secret when one of them is dead! Not having this go to all one vendor means multiple parties will have access to the hardware that has tokens and authentication information. Multiple parties will be in a position to observe and gather sigint etc. Frankly Every single one of those parties is already to big and to international IMHO to be able to partner with the DOD in something like this! That said I am with the DOD on this one multiple party would be worse in terms of being able to monitor and control data.

Re:I don't trust any of them

[Junta]

Exactly my concern...

It's one thing if the argument is 'you need to award several smaller *independent* providers', so that a total failure of one vendor is isolated and you can keep going, great I wholeheartedly agree.

It's another if the argument is (and I think this is Oracle's hope) 'you need to compose the solution of many providers at different layers', so that a total failure of any of them is guaranteed to knock everything out.

Re:I don't trust any of them

[gtall]

I doubt there is a kickback, it is too open to the GAO and auditing. The DoD is finishing up their first ever audit, that will now become fodder for GAO oversight as it will now be an ongoing audit exercise.

The problem with not going with a mono culture is that congress critters will then use DoD as a punching bag for declaring that it is wasting money attempting to get all the cats herded together. And the extra money it would take to herd those cats will be significant.

Balanced against that is the security issues with a mono-culture. However, Congress doesn't get security, and certainly the current alleged Administration does not either. DoD does but it is a vast enterprise and securing the entire thing as a question isn't, to reuse Pauli's phrase, not even wrong.

Re:I don't trust any of them

I reviewed a proposal with an IBM partner and among other things offensive to the government, IBM would not share the details of their Incident Response Plan. There were other issues, but if I can't read a copy of your plan I can't ensure it meets my needs.

Re:I don't trust any of them

So during the Obama administration the OMB CIO said all government agencies had to go cloud first. This is still aftershocks of that. Most people feel like the cloud is supposed to save them money and that is THE reason to do it. As you mentioned elastic is a good reason to go, some govt apps might need elastic. HOWEVER

A lot of government apps need things like firewalls, web proxies and the like to meet security ands regulatory requirements. When I buy those devices I'm on a treadmill of replacing them every three years. When I configure software appliances to do the same thing, I rent them and I pay for all the traffic that goes through them such that the security and regulatory burden makes cloud more expensive for government than on-prem. The pentagon should be able to make this case and get an exemption from the cloud first policy.

However all of the things they have on the internet facing side right now could probably go to Amazon Govcloud and be pretty resilient to denial of service. All of the things off the internet could use private links from region to region and do ok, but I don't expect this to save any money.

They should be able to choose one provider and then have the contractors working on individual systems maintain their applications within that provider this allows them to use some common infrastructure and only pay for the firewalls and proxies once, though still get metered on the traffic at least you aren't renting one appliance for every application. Also they can consolidate their identity provider, encryption key storage and the like.

Amazon is more technically capable than Azure, but if you're going to throw $10B at AWS, they have to fix things like the S3 outage and failover between the 2 govcloud regions need to be seamless. The contract should have milestones covering when those things have to be fixed by. I'm not worried about the fact govcloud doesn't have as many features as commercial AWS, they only import over new features as customer ask for them, the pentagon can ask for them.

Re:I don't trust any of them

[Tough+Love]

I doubt there is a kickback, it is too open to the GAO and auditing.

You are a trusting soul. Look at how Trump flouts the law in broad daylight. There are ways, there are means. Not all payback is in dollars (but most is.)

Oracle v. Pentagon

The Pentagon shouldn't take that lightly. Forget about Russia, only Oracle can bring them down to their knees.

It's like Stargate SG1 episodes, the biggest and most dangerous villains they ever face in the whole series are an obstructive bureaucrat and an evil senator.

Pentagon on the cloud

Pentagon on the clouds is as meaningful as giving the chicoms / russians all our secrets on silver platters

Perhaps Pentagon wants it this way - to surrender to the chicoms / russians without having to fight

Re: Pentagon on the cloud

What cloud service do the NSA and the CIA use? Question answered!

Re: Pentagon on the cloud

CIA: azure

Re: Pentagon on the cloud

Nailed it. Obamas DOD still runs the show.

Re: Trump files complaint against treason noose

Donald TRUMP cut in line at the supermarket!

day wanna wonga

*Waves hand*

You want to award the $10 billion contract to the JEDI, and you will like it.

But advanced JEDI mind tricks don't work on the GAO, perhaps something more simple like good old fashion bribery and corruption.

This seems fine to me

A SITH contract would be more appropriate for Oracle anyway.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Dead company walking. They just don't realize it

Dead company walking. They just don't realize it.
Their clients hate Oracle. If they could, they've fire them today.
Oracle has been a bully, especially on cloudy stuff.

And...

[erp_consultant]

If Oracle were awarded the contract instead then Amazon or Microsoft would just sit by idly? Of course not. They would launch lawsuits of their own. This story has nothing to do with what's best for the federal government and everything to do with endless corporate greed.

Obviously Oracle is fighting to prevent a competitor from getting a foot in the door. They want the whole pie for themselves, just like Microsoft and Amazon do.

Oracle warns about vendor lock in.

[kiviQr]

Oracle warns about vendor lock in - good one. (only if you choose someone else).

typical

any time big gov't contracts are awarded it's typical for non-selected vendors to launch formal protests

Re:typical

[ausekilis]

any time big gov't contracts are awarded it's typical for non-selected vendors to launch formal protests

See the KC-135 kerfluffle between Boeing, Lockheed and Northrop Grumman.

DoD response

[almitydave]

The DoD responded to Oracle:

"I am not altering the deal. Pray I alter it further."

Same thing happened before

[sentiblue]

About 5 years ago, the CIA gave a computing contract to AWS and IBM did the same challenge. The agency did aknowledge IBM's challenge and opened up a bidding prodess which AWS won anyway. Only few months after that I was offered an interview with AWS which requires that I secure a high level security clearance certification. I had no doubt that this was the work to be done at the agency, but I did have one disqualification for security clearance so I didn't even bother with the interview.

Now back to Oracle... they've always been a predator in this world. They don't cry when they're the single vendor of a lucrative contract but if someone else gets anything, they bitch. They keep raising licensing costs and changing licensing models on existing customers knowing that it takes them years to leave. Some of the customers are so much built on 11g that they can't leave at all. The most funny/silly thing I've seen with them is that Ellison said Google stole Android from them LMFAO!!!

Re:Same thing happened before

[oh_my_080980980]

Umm no ass-hole. Ellison claimed Google took stuff from Oracle. Which is true. As a court ruled: Google owes Oracle for unfair use of Java in Android. https://www.androidcentral.com...

Google was unable to develop their own language for Android so they used Java, hoping to tap into that eco system. Which is ironic since Google also berated the Java language.

Re: Trump files complaint against treason noose

Putin stole my USB key

Three person company, scales from there

[raymorris]

I started my cost comparison based on a three-person company renting a quarter rack (11U) duplicatds in two data centers. 6U was 32 hard drives, 3U was CPU, and the remaining 2U was the network switch and IP KVM.

Even at that level AWS was much more expensive, mostly due to the man power of occasionally maintaining it. Economies of scale make your own hardware cheaper as you scale up.

Re:Three person company, scales from there

So in other words you were NOT comparing apples to apples, you had a non redundancy system with no remote storage and did not include provisioning and deprovisioning, asset management and all the other costs.

Re:Three person company, scales from there

We have done the numbers many times for our organisation. It is always funny how badly IT people, especially infrastructure people don't understand real costs. We are only a 2000 server shop and we definitely can't do it cheaper than cloud though if you listened to the hardware and infrastructure guys up front they would claim that is bullshit.

They did the first price comparison, Cloud was nearly 3 times more expensive, we looked at it and laughed and told them to go back and include all costs like racks, building, provisioning, deprovisioning, parts and maintainence and ALL other costs. They came back and it was still 1.5 times more expensives for cloud, then we asked to look at their staffing costs and they looked at us blankly. They went back and added in the IT staff maintaining the hardware, configuring etc.and cost came back on par

we again started analysing the numbers and of course their argument was their is no saving so not worth it. We quickly found they had no HR costs, no ITSM, no project management, no contract management, no building/parking costs for staff or any of their equipment etc. Anyway we are now halfway through our migration! Chances are unless you are very large scale or so small that things like redundancy and maintenance just aren't significant then you are doing the numbers half arsed if you find cloud more expensive.

Re:Three person company, scales from there

[raymorris]

>> I started my cost comparison based on a three-person company renting a quarter rack (11U) duplicated in two data centers. ... 32 hard drives

> you had a non redundancy

Let me guess, with your keen eye for detail, you're a Bernie Sanders supporter?

What exactly is confusing to you about "DUPLICATED in TWO data centers"? How do you think 32 drives per unit would be configured? Perhaps as a RAID, aka Redundant Array of Independent Drives?

Azure or DigitalOcean

AWS is a complete disaster. My example is that S3, AWS' bread-and-butter, is crap. Want proof? Look no further than the now defunct Amazon Cloud Drive. They couldn't keep that "backed by S3" service up at even a 90% SLA and they sure couldn't maintain the Cloud Drive API at a level that would be called competent. AWS is constantly failing all over itself and the AWS console is an unmitigated user interface disaster and their APIs are incomplete train wrecks with documentation that borders on gibberish. It's also impossible to calculate what the real world costs will be as the AWS calculator is about as intelligent as my morning dump into the porcelain throne. My experience is that Amazon doesn't provide support for AWS either but they're plenty happy to take your money. Anyone who uses AWS and touts it as a great service is an idiot. That's coming from a veteran 30 year software developer.

Google doesn't understand DoD. Look no further than Google's history of pulling out of DoD contracts and terminating projects whenever they feel like it. Google will flake out at the worst possible moment.

Oracle is a joke. Has been a joke. Will continue to be a joke. They used to dominate enterprise databases but their database technology is from a crusty time period. When I think "cloud", I definitely don't think of Oracle. When Oracle decided to sue Google over Java in Android, that told me Oracle is a company permanently headed out to pasture. DoD can safely roll their eyes at Oracle and pass over them.

Azure is the enterprise-class behemoth in the space. Microsoft has done LOTS of DoD work in the past even making entire OSes catered to DoD needs. If DoD needs something today, Azure is, hands-down, the best choice. Despite Microsoft continually sucking hard in the mobile space, they've still got several cash cows raking in billions annually with Azure being competent and even decent. However, Azure is damn expensive so, well, tax dollars.

However, if DoD has some time and patience, DigitalOcean might be the best choice. DO has an absolutely amazing API for every feature of their platform, they keep adding incredibly useful features, Droplet performance is rarely starved for I/O, everything scales pretty damn well, and I've never experienced any outages. DigitalOcean hasn't done DoD work before so that would be an experience. DigitalOcean, however, costs less than all the other options I've mentioned so far.

Re: Azure or DigitalOcean

Azure is the best..... Wuahahahahhahahahhahahahhahhhhh oh man so good

Re: Trump files complaint against treason noose

Donald TRUMP cut in line at the supermarket!

At least he had his grocery purchasing ID on him.

that's a different thread. Trusting 2 worse than 1

[raymorris]

That may be a different thread since this article is about whether to put it on one cloud or two.

I suppose putting classified info on two public clouds is twice as dumb as putting it on one public cloud.

Re:that's a different thread. Trusting 2 worse tha

[Tough+Love]

And putting classified assets into any cloud is just asking for it. Don't let this one-or-two-vendor legerdemain distract you from the central question.