Pentagon wants to move its ‘Acropolis’ to the cloud to fight cyber-adversaries

The Acropolis in modern Athens, Greece. (Getty Images)


Written by

In ancient Greece, the Acropolis in Athens was a citadel and a religious site, strategically placed on a hilltop to defend against adversaries.

The Defense Department, too, has an Acropolis — a program “to provide a secure, consolidated and integrated [defensive cyber operations, or DCO] and Situational Awareness (SA) environment for cybersecurity analysts within the DoD to protect and defend the Department Of Defense Information Network (DODIN).”

And like the Greeks, who put their Acropolis at the highest point of the city, the DOD wants to move its Acropolis to the most secure cloud environment.

The Defense Information Systems Agency issued a request for information Monday in search of small businesses that can provide infrastructure-as-a-service, virtual private cloud capabilities at DOD Impact Levels 5 and 6 for the Acropolis program. Vendors with IL5 authorization can handle the most sensitive DOD controlled unclassified information; at IL6, vendors can work with DOD’s classified information up to the Secret level. For now, Amazon Web Services is the only cloud provider authorized to handle IL6 information.

The “Acropolis is ‘Where We Fight’ cyber adversaries,” the solicitation says. “The success of the Acropolis mission revolves around our ability to successfully collect, store, translate, enrich and deliver DCO data to both external and internal subscribers from within the Acropolis environment.”

The new cloud environment must “blend the current DoD owned and operated infrastructure with IaaS offered by the cloud service provider” to ensure “critical services such as Data Brokering and cross domain remain within the DoD owned and operated boundary, while the backend services, databases, and ancillary servers are shifted to IaaS within a dedicated [virtual private cloud] instance.”

Additionally, the eventual contractor will have to expand hosting of “the existing DoD owned and operated Acropolis Transport Network (ATN)” to its own location.

“The cloud provider is required to host a DoD owned network encryption device and router within their facility to provide the necessary confidentiality, integrity, and availability from the DODIN infrastructure to the cloud provider’s IaaS virtual environment,” the solicitation says.

The winning contractor must have IL6 authorization prior to award date, which DOD anticipates will be in fiscal 2018 or 2019.

Northrop Grumman Corp. is currently on contract to support the DOD Acropolis program through 2019.

This solicitation marks yet another DOD move to the cloud, amid several other ongoing high-profile cloud acquisitions at the department. Most notably, the Pentagon is looking to adopt a commercial enterprise cloud through the Joint Enterprise Defense Infrastructure program. That landmark multibillion-dollar effort, however, has hit a pause of late since new DOD CIO Dana Deasy took over the department’s cloud initiatives and decided to do a “full review” of the program. 

-In this Story-

Acropolis, Cloud, Defensive cyber operations, Department of Defense (DOD), DISA, Northrop Grumman, Pentagon