5. ENTERPRISE-WIDE
PHYSICAL & LOGICAL
IDENTITY FRAMEWORK
OneID is an architectural strategy being driven by DOE and NNSA to create a unique
identity for all federal employees and M&O contractors to improve security and
streamline business processes associated with both physical and logical access.
6. Infrastructure as a Service secure hybrid community cloud
leveraging LANL's Infrastructure on Demand (IoD)
Accomplishments
• Project plan and
architecture delivered
• IoD v3 software
development completed
• Cloud service provider
selected and contract
awarded
• Physical and logical build-
out is complete
• IoD installation underway
7. The OneNNSA Network is a
secure, multi-tenant scalable
network that provides NNSA
with the ability to bridge
local site networks and
YOURcloud.
• Dynamic Multipoint Virtual Private Networking (DMVPN)
• FIPS 140-2 compliant encryption
• Secure, high-bandwidth network connecting all sites and
the cloud
• Moving from test phase to Pilot phase
10. INNOVATIVE VEHICLES
STRONG SERVICE LEVEL AGREEMENTS
NO-CAPEX MODEL
EVERYTHING AS A SERVICE
Procurement Strategy
Moving DOE IT from a service provider to a service
broker with a focus on SLAs, value engineering,
security, and world class customer service
13. CYBERSECURITY STRATEGY
• YOURcloud maps to FEDRAMP, DOE,
and NNSA cyber controls
• Data centric approach to security –
secure the data, not the device
• Pick a plan versus write a plan
• Simple, Adaptive security
• Software Defined Security – enforced
through the broker
This design allows sites to retain the responsibility for provisioning and securing of end devices and incident management, but also gives NNSA centralized management of the edge devices required for OneNNSA Network connectivity.