Quick Overview of Challenge, Solution and Benefits:
The Challenge:
- Enhance system image to conform to DoD Information Assurance (IA) initiatives
- Simplify ongoing management and upgrade of field systems
- Upgrade and transition images from Windows 7 to Windows 10
- Ensure easy patching to safeguard compliance with constantly changing STIGS
- Enable more convenient, flexible, and secure backups
The Solution
- Configure secure image to Windows 10 IoT Enterprise and Embedded Server 2016
- Customize backup solution for independent backup of STIG-compliant image, application data, and customer-specific data
The Benefits
- Engineer-to-engineer collaboration ensures ideal time to value
- Improved overall design using best in practice
- Improvements in serviceability due to sharing of knowledge through collaborative design
- Efficient Windows 10 migration
- Standardized security protocol across defense and commercial offerings reduces maintenance resources and costs
- Scheduled backups increase control and convenience, with backup files stored securely on-site
The Full Version:
The Customer
The customer is a flight training and simulation leader, distinguished by its range of both commercial and military end-users. The firm’s proprietary training centers serve customers in over 150 countries, educating and supporting pilots flying the most modern and sophisticated aircraft in the world. Services include application development as well as integrated design, manufacturing, and support. These comprehensive capabilities drive the organization’s ability to deliver aircraft- and mission-specific courses, complete training systems, and advanced flight simulators designed to enhance pilot training experience.
The Challenge
Recognizing the need to simplify management of its field of flight systems and conform to DoD Information Assurance (IA) initiatives, the customer required a smart approach to its operating system (OS) image management strategy. The group wanted to enhance system image features to meet STIG requirements and simultaneously capitalize on the opportunity to migrate Windows 7-based images to Windows 10-based images.
Because DoD STIGs continually change every three to six months, the company needed to establish a plan for maintaining ongoing compliance. With hundreds of simulators serving up thousands of training courses annually, security patching had to be seamless – including a central domain policy that would push out policy updates and enable administrators to rerun STIG validations and create compliance reporting. Commercial customers would benefit as well, as security features defined by the DoD would become standardized across the firm’s commercial and military offerings
The firm also wanted a simpler and more flexible backup process – launched from within its application and capable of backing up local and remote nodes using secure authenticated credentials.
The Solution
Dedicated Computing stepped into the role of technical partner, collaborating with the training and simulation firm. A two-part project was established, including a new image and image management approach and customized backup solution.
Dedicated Computing created a secure Information Assurance (IA) baseline image, configuring Windows 10 IoT Enterprise and Embedded Server 2016 to meet DoD STIG requirements. The engineering team ensured all required third party software components (applications, drivers, and patches) were configured on both images and generated reporting properly formatted for IA submission. Both images were designed to be field upgradable to meet constantly changing STIG requirements.
The Dedicated Computing team worked on all tasks in parallel, completing the transition to Windows 10, Embedded Server 2016 image, and custom backup solution simultaneously. The backup tool was designed to allow a single system in the rack to control remote backup of all other nodes – scalable to any number of nodes. Designed for flexibility, the backup tool enables system administrators to select and schedule nodes for backup as well as choose a destination device for safe storage. Backup files are now securely stored on high capacity storage media secured on-premise, addressing DoD concerns about sensitive data.
The backup solution also includes a central domain policy that manages changes and updates, such as security policies that are added or removed from STIGs and Windows patches that are routinely released by Microsoft. The result is a solution that meets security and compliance, without sacrificing user experience.
The Benefit
The initial architectural design was established quickly, addressing expectations and requirements as well as future product plans. The process was collaborative, with daily updates regarding how the backup infrastructure, application software, and hardware would integrate.
Consolidating to a single, high performance security option improved security across the firm’s offering, including both military and commercial services. Costs are also reduced for the long-term, eliminating maintenance associated with supporting additional security standards.
The backup was configured for application integration and included flexible backup strategies to devices for secure online storage – a big win in reducing time and labor of field application engineers. Operating system data and customer application data can each be backed up independently, providing flexibility for field engineers during recovery and maintenance activities. Backup data is stored securely onsite. And due to the unique design, restore operations are quick and simple, even allowing restore to bare metal. In addition to enabling greater control of backup operations, the solution provides options for future development, such as repairing corrupted partitions, and changing operating systems and boot environments.
Dedicated Computing’s engineer-to-engineer collaboration is unique, and drives a cooperative design and engineering process. Exchange of knowledge ensures not only clear understanding of project requirements and expectations, but also available skillsets and overall business priorities. By sharing insight and feedback, with ongoing daily communications, the timeline was met and the solution was perfectly tailored to the customer’s needs. By standardizing security features to rigorous DoD requirements, the organization reduced maintenance and documentation costs for the long-term. Coupled with smart image management, the result was a stronger and more secure solution, optimized for both commercial and military products.
--
Interested in learning more? Contact a DC representative to schedule a 1:1 discussion.
