Navy Marine Corps Intranet

The Navy/Marine Corps Intranet (NMCI) is a United States Department of the Navy program which was designed to provide the vast majority of information technology services for the entire Department, including the United States Navy and Marine Corps.

Overview
The largest internal computer network in the world, NMCI served more than 707,000 sailors, marines, and civilians in 620 locations across the continental United States, Hawaii, and Japan as of March 2008. The network's 4,100 servers handle over 2.3 petabytes of data.

NMCI established an interoperable command and control network that provides the IT platform necessary for transitioning to a net-centric environment. Acting Department of Defense (DoD) CIO Terry Halvorsen described NMCI as a "forcing function within the DON to attend to our legacy infrastructure of applications, servers and networks. ” While recent statements by the Navy have been very positive about NMCI, a 2007 survey of users reported it unstable, slow, and frustrating.

"NMCI has been a hugely successful program for the Navy," Weller said during a press briefing with reporters [14 October 2010]. "It has been a cost-effective way to deliver unprecedented level of service. We learned a lot about how to do it and how not to do it."

"Anytime you transition from where you have a high degree of localized control to a high degree of centralized control, there will be some disgruntled folks," Weller said. "I think since we already are in that world, about 70 percent of the Navy's IT infrastructure, we are in a world where the Navy has complete control and authority over how we operate the network. That has allowed us to maintain extremely high degree of security, which is frankly our number one issue. The only way that we are aware of you can do that is to have tight configuration management and tight central control. So that is where a lot of the complaints came from. To that note, what have we done to lessen blow in future? I think the answer is we don't need to because we are already there."

On 30 September 2010, the NMCI contract ended and the new Continuity of Services Contract (COSC) began. Under the COSC, the Navy retains the same scope of NMCI services with HP, but the network becomes a government-owned, contractor-supported, managed services environment.

This is a paradigm shift because under the original NMCI contract, the government managed the network at a distance and did not own any IT assets used in the program. Rather, they were owned by the prime contractor, and services are provided to the government on a per-seat basis. Pricing is primarily assessed on a per-machine basis that includes security services, help desk support, and periodic technology upgrades; however, fees for additional services (such as classified connectivity, mission-critical service, additional user accounts, software installation, seat moves, remote access from mobile devices, etc.) did apply. Videophones that provide equal access for Deaf employees are not permissible under NMCI regulations. As of October 2007, the per-seat price for all of NMCI was reduced by 15 percent. Desktop PCs and laptops as well as other network components are being continually upgraded in order to enhance performance and security.

NMCI is the first large-scale federal government IT centralization and outsourcing project. Its lessons have informed other government agency efforts to consolidate and outsource IT services. According to industry analyst Warren Suss of Suss Sonsulting, "In the long run, government agencies will come to see the need for similar types of solutions, and I think they'll look to NMCI for lessons learned."

The NMCI program is managed by the Navy's Program Executive Office–Enterprise Information Systems (PEO-EIS).

History
On 6 October 2000, the NMCI contract was awarded to Electronic Data Systems (EDS), now HP Enterprise Services (HP). Secretary of the Navy Gordon England summed up the Navy's IT Environment prior to the commencement of NMCI: “We basically had 28 separate commands budgeting, developing, licensing, and operating IT autonomously. It was inefficient and from the larger Department perspective, produced results that were far from optimal.”

NMCI consolidated roughly 6,000 networks—some of which could not e-mail, let alone collaborate with each other—into a single integrated and secure IT environment. HP updated more than 100,000 desktop and laptop PCs in 2007. The program also consolidated an ad hoc network of more than 8,000 applications to 500 in four years and 15,003 logistics and readiness systems to 2,759 over a two-year period.

Sub-contractors to HP include: HP also provides the security services once provided by Raytheon.
 * Apple Inc., Cisco, Dell, DTech, McAfee, Microsoft, Oracle Corporation, Sun Microsystems, and Symantec
 * Harris Corporation (which acquired Multimax formerly known as Netco Government Services and WAM!NET), which provided enterprise network infrastructure design and support until its contract expired in 2014.
 * Verizon, which provides wide area network (WAN) connectivity.

HP also has worked with more than 400 small businesses, with 5 percent for small disadvantaged businesses, 5 percent for women-owned small businesses and 1.5 percent for HUBZone small businesses. Since its inception, NMCI has exceeded the minimum 40% small business objective set for the contract.

NMCI quickly suffered some widely publicized setbacks, including rollout delays that caused HP financial losses. Today, NMCI is described in documents from the Navy's chief information officer as "the core enterprise network for Navy and Marine Corps forces in the United States and Japan, providing secure access to integrated voice, video and data communications."

In 2009 NMCI became the first network to deploy the Global Address List (GAL), a multiservice address list that increases interoperability by enabling Navy and Marine Corps users to access the Defense Information Systems Agency's Joint Enterprise Directory Services (JEDS) contact list.

Additional improvements to network performance are also underway with the deployment of the Network Operations Common Operating Picture (NetOps COP). The tool helps provide enhanced situational awareness via increased information sharing and collaboration to commanders by giving them a common picture of network performance. Commanders can see scheduled maintenance tasks and other issues impacting the network, giving them the option to defer work that might affect the flow of critical information from the battlefield.

Work in 2008 has increased NMCI's ability to respond to security issues and the program was the first network to implement fully the Department of Defense information assurance standards in both classified and unclassified environments. Among the enhancements were the deployment of Websense content filtering, an information assurance tool designed to inspect and block inbound Web traffic containing malicious code with little impact to the user. According to NMCI public affairs, "Websense allows the Network Operational Commands to set a tailored blocking policy by content such as gambling, hate speech or adult content, rather than blocking specific sites or URLs only. This allows the network operators to block sites much more efficiently and outsources the fight against the growing amount of inappropriate content."

According to the Navy, Websense enables users to block or unblock sites, based on emerging and/or dynamic threats. The NMCI blocking policy is determined by various operational commands, such as the Naval Network Warfare Command, and enforced by the Global Network Operations Center, based in Norfolk. Blocked sites are redirected to a notification page which then links to a page on NMCI's homeport Web site. On this site, a user can submit a request that a site be unblocked in order to support mission requirements.

In addition, NMCI is upgrading existing servers with Bluecoat proxy servers, which provides better capacity and traffic management functions. According to NMCI's own data, a few users account for the majority of NMCI's bandwidth usage, mostly attributed to streaming internet radio and video. New servers will allow bandwidth usage monitoring, down to a command or user level.

The security upgrades have been well received by the Navy. On 31 March 2009, Rear Admiral (Ret.) John A. Gauss, Acquisition Director for the NGEN System Program Office (SPO) said during a press conference that "NMCI is the most secure network within the Navy."

The Navy and HP measure end-user satisfaction through a series of quarterly satisfaction surveys. End user satisfaction has steadily improved, reaching a high of nearly 86% in February 2008, as compared to 80% in December 2006. This is largely due to the upgrade of nearly 112,000 desktop and laptop computers in 2007, and a combination of network enhancements that are improving speed and reliability. HP is on track to upgrade another 120,000 seats in 2008 at Navy and Marine Corps bases in the US and Asia.

Working in tandem with the technology refresh are the virtualization efforts on the network. NMCI is on track to move from 2,700 servers down to roughly 300. The efforts are expected to save more than $1.6 million per year in electricity costs. Additionally, the decrease in the number of servers being refreshed will lower the cost of updating the equipment, leading to a potential savings of at least $1.5 million over four years.

A highlight of the Navy's virtualization efforts was its win of InfoWorld's 2009 Green 15 Award, which honors 15 companies and/or organizations for their green IT projects. Ted Samson, Senior Analyst for InfoWorld said of the honorees, "This year's Green 15 winners demonstrate, once again, that green IT projects can be a win-win proposition. These organizations have not only helped the planet by reducing greenhouse gas emissions, preserving trees, and keeping e-waste out of landfills. They've also reaped measurable business benefits, such as significantly lower electricity bills, fewer hardware refreshes, and postponed datacenter-expansion projects – along with gains in efficiency and productivity."

In 2006, the NMCI program office was criticized for its annual customer-satisfaction surveys. Officials refuse to release the raw data, leading to accusations that their conclusions are overly sunny. One NMCI director, Rear Admiral James B. Godwin III, said releasing the results would challenge the "integrity of our data."

The Department of the Navy has shown no desire to scale back or cancel the program. On 24 March 2006 the Navy exercised its three-year, $3 billion option to extend the contract through September 2010.

In April 2006, users began to log on with Common Access Cards (CACs), a smartcard-based logon system called the Cryptographic Log On (CLO). In October 2008, NMCI's prime contractor HP posted a set of procedures so Apple Mac users can access NMCI's public-facing Web services, such as the e-mail and calendar functions, using their CAC readers with their Macs. The workaround also works with other Defense Department CAC-enabled networks. Alternatively, NMCI and all other CAC-authenticated DoD websites may be accessed using LPS-Public.

After early challenges, the Navy is pleased with the performance and security of the NMCI network. According to Captain Tim Holland, program manager for the Navy's Next Generation Enterprise Network (NGEN), "NMCI is very robust today—we have good security with it, very good performance." In an interview the DoN CIO Robert J. Carey stated, "The plan is that NGEN  will be in place before the NMCI contract expires because it is not a renewable contract. According to the Navy, NMCI will serve as the baseline from which it will transition to NGEN.

The Navy's confidence in NMCI today marks a significant turnaround from the challenges cited in the GAO’s report of December 2006. The report states that " NMCI has not met its two strategic goals—to provide information superiority and to foster innovation via interoperability and shared services." The document also goes on to evaluate HP's performance, "GAO's analysis of available performance data, however, showed that the Navy had met only 3 of 20 performance targets (15 percent) associated with the program's goals and nine related performance categories."

In contrast are the more recent comments from Vice Admiral Harry B. Harris Jr., deputy chief of naval operations for communication networks (OPNAV N-6) and deputy chief information officer, Department of the Navy. "I believe that NMCI in 2008 is achieving much of what we had hoped NMCI would achieve. It's leveled the playing field for security. It's allowed us to do things like push security patches that go through the whole enterprise that's on NMCI. If you look at NMCI historically, it was probably the first step for the Navy to move into what was then called Joint Vision 2010 and now is Joint Vision 2020. It's actually done that, and it's moving the Navy toward the U.S. Defense Department's goal of information superiority. So, I see a lot of good things with NMCI."

NMCI works today and it continues to improve as user needs evolve and technology opportunities arise. During the final two years of the contract, technology initiatives included new hardware, applications, and services to support the Navy and Marine Corps' advanced IT needs. HP will install more than 110,000 new laptops and desktops, and will push more upgrades to improve end-users' IT capabilities through upgraded machine capacity, new operating systems, and new service lines.

Today
The Naval Enterprise Networks (NEN) program office, in collaboration with NMCI partner HP, which manages the CoSC program, is deploying a number of new Navy initiatives, including: Tablet laptops for Navy recruiters Hosted Virtual Desktop (HVD) capability Expanded support for smartcards Enterprise-wide operating system upgrade and improved end-user hardware delivery times
 * The NRC began rolling out Hewlett-Packard (HP) Elitebook 2740p Tablets to recruiters in early September 2011.
 * Thin-client HVDs using network storage will replace bulkier traditional workstations.
 * Two-factor authentication using a SIPRNET smartcard token will be used to confirm the identity of NMCI users.
 * New five-day seat deployment initiative aims to speed up the delivery time of new workstations.

Next steps
On 31 March 2009, the Department of the Navy's Space and Naval Warfare System Command announced its intention to negotiate a Continuity of Service Contract (COSC) that would allow HP to continue to provide IT services during the transition from the existing contract (NMCI) to the proposed next contract, known as Next Generation Enterprise Network Solution (NGEN).

Under the new contract, HP will continue NMCI services, support the transition to NGEN (which includes various engineering services), and give the Navy licenses for the network's operations and infrastructure. A chief goal of the new contract is to ensure that the network remains up-and-running while the Navy pursues the goals of NGEN.

As Rear Admiral John Goodwin, assistant chief of naval operations of NGEN notes, "My responsibilities are to synchronize the efforts of the operations, the policy, the programming, the resources and the acquisition piece," Goodwin said.

Network security and functionality
In November 2007, a quarterly user satisfaction rating between both the United States Marine Corps and the United States Navy revealed that 83.8 percent of the military members who submitted the survey said that NMCI was satisfactory. Some of the 17 percent who were not satisfied were vocal in their disapproval.

Disgruntled users nicknamed NMCI "No More Contracted Infosystems," according to an article in the Marine Corps Times. Some users also complain that they are not able to access all the Web sites they want, like box.net and npr.org. Senior officers said they enacted the worldwide ban on these types of sites out of concern that the rapidly increasing use of these sites threatened to overwhelm the military's private Internet network and risk the disclosure of combat-sensitive material.

NMCI's (per DoD requirements) need for security results in longer boot-up times for computers on the network than on non-network computers. HP claims to be accelerating its technology refresh activities which include deploying new, faster computers which should improve performance while maintaining tight security.

Though technical support has improved dramatically, and though HP's help desk earned high praise from many survey respondents in 2007, some NMCI users felt that their wait times were excessive when they called the help desk. Further, because NMCI's first priority was to rein in the counterproductive customization and proliferation of applications and networks, users are not given permissions to change computers’ settings. Some servicemen and women are unhappy with the fact that they are not given permission to administer the system from the user level.

NMCI requires that only network administrators perform all maintenance and support to ensure uniform security and capabilities across the network. Some users find that requirement cumbersome and claim that wait times to resolve even the smallest of issues are too long.

Despite early challenges, NMCI will be the foundation on which the Navy and Marine Corps can build to support their broader strategic information management objectives.

The U.S. Naval Institute reports that "Complaints about NMCI speed and reliability are near-constant" and a wired.com piece quotes an NMCI employee as saying:

"I still work for the NMCI and I have to say that I honestly have a hard time looking sailors in the eye when I’m out and about because I’m so ashamed of the job that’s done. I’ve never seen more disregard for the well-being of a customer than I have at HP. We’re given sub-standard tools and people that are hired off the street that have NO computer knowledge. There is absolutely no incentive or upward advancement, and on top of that, there have been pay cuts since HP took over. They aren’t retaining any talented individuals, and it shows. We’re understaffed. We were working mandatory overtime for almost a year (10-11 months). Now that’s been eliminated since it’s no longer cost effective to care about the users for the remainder of this contract seeing as how the new contract has been signed and made official...Stretched for resources as they are, people like me are pulled from their normal duties (dealing with customer issues, training agents, and completing order requests) to just answer basic Service Desk calls. When this happens, we worsen our situation because there’s a major loss in training and resolution time. Agents that I know that have been resourced to working e-mail backlog have said that there is a 15 day turnaround time for nothing more than a response back...We’re digging ourselves into a hole that we can’t possibly hope to get out of ethically, and I shudder to think of what it’s going to take to even restore ourselves back to the position of a semi-effective source of troubleshooting and support for our customers."

Additionally, a govinfo.gov article mentions several perceived NMCI inadequacies, e.g. "NMCI response time is slow both on- and off-site" and " 'reach back' to legacy systems through NMCI is slow, sometimes taking 45 minutes to open a document."

It was reported that NMCI was breached by Iranian cyber warfare efforts. NMCI's performance and reliability has been criticized by its user base, as evidenced by sailors and marines initially claiming that the acronym stood for “No More Computer Information.”

In terms of transparency relating to NMCI's user satisfaction surveys, unofficial US government IT news site gcn.com reports "Since the surveys began a few years ago, the NMCI program office has steadfastly declined to release a complete copy of the questionnaire, instead just issuing a release about the results."