As the Department of Homeland Security (DHS) and the Department of Justice (DOJ) modernize software to meet increasingly complex missions, a collaborative development model – powered by open-source technologies and agile methodologies – speeds the development process. In a recent interview with MeriTalk, Michael Hardee, chief architect for law enforcement and justice at Red Hat, discusses how a container-first and cloud-first approach can help – and how the recent achievement of FedRAMP High Status for the Red Hat OpenShift Service on AWS (ROSA) platform provides DHS and DOJ agencies with even stronger security controls.
MeriTalk: The Department of Homeland Security and the Department of Justice are working to modernize software and retire legacy systems. From your perspective, how do you see the departments accomplishing these goals?
Hardee: The broader goal for DHS and DOJ is to build modern, effective software, and the departments are both doing that at an extremely effective pace. Every DHS or DOJ agency that I interact with is taking a container-first approach, a cloud-first approach and an automation-first approach. And they’re layering in security on top of that to meet zero trust requirements. The specific focus of our DHS and DOJ clients has been establishing a cloud landing zone, or sometimes a multi-cloud landing zone. That can mean repositioning their entire portfolio to the cloud or establishing a hybrid cloud architecture where they have workloads living in the cloud and in the data center. Red Hat supports these efforts as our technology is portable, whether it’s Red Hat Enterprise Linux, Red Hat Ansible Automation Platform, or Red Hat OpenShift. Because of this portability, DHS and DOJ can take the solutions that they’ve been building in the data center to the cloud or out to the tactical edge without sacrificing capability or security. And security is especially important for these two departments.
Our portfolio enables customers to design solutions that meet their requirements and provide mission-focused outcomes. Developers are leveraging Red Hat Enterprise Linux to develop and host multi-tier container workloads and begin adoption of Kubernetes concepts in their development practice. For customer workloads that require Kubernetes orchestration, greater observability, enterprise tooling and professional developer experience. That’s where OpenShift comes into play.
Additionally, there has been a disruption in the legacy virtualization landscape. OpenShift provides industry-standard capabilities for virtualization and builds upon them. Being able to run virtual machines and containers side by side and leverage the greater functionality of the platform in a hypervisor context is transformational.
MeriTalk: Thinking about application development specifically, Red Hat utilizes a collaborative development model. How can this collaborative development model help DHS and DOJ in support of their missions?
Hardee: Red Hat solutions promote collaboration by design. Our Ansible Automation Platform, for example, due to its vast ecosystem of supported content we see teams from different domains and skill levels coming together to collaborate, share and refine automation. The Certified content collections we provide really change the starting line for our customers. By leveraging these collections our clients are able to use supported prebuilt automation. Teams don’t have to start from scratch and in most cases the heavy lifting is already done. All that is required is customizing the automation to their environment. Our customers are able to realize the value of their investment really quickly. Using the Ansible Automation Platform enters you into a larger community of practice. Thats true for all of our products.
MeriTalk: DOJ and DHS are using artificial intelligence (AI) for missions that range from protecting civil rights to securing the homeland. What advice can you offer to Federal organizations as they work to leverage AI efficiently and effectively?
Hardee: The Federal government has identified thousands of AI use cases, and so far, agencies have been focused on designing guardrails and understanding what ethical adoption looks like. As they begin adoption, a good place to start is leveraging AI capabilities infused into products that already live in their portfolio. For example, at Red Hat, we have branded the integration of generative AI into our product suite as Lightspeed, whether it’s platform management or co-development with Ansible or on OpenShift. AI is lowering the bar to adoption of technology – and will help customers fully adopt technology by closing the skills gap. I think that’s really important.
Additionally, based on unique mission requirements, many Federal agencies will be developing AI applications and training models. With Red Hat Enterprise Linux AI and OpenShift AI, we are empowering customers to protect their data with indemnified open-source models and own their AI enterprise. That’s helping to drive AI adoption, which has traditionally been a challenge across government for any technology. As you evaluate options, consider integration with your current environment.
MeriTalk: Please tell us how ROSA, a fully managed Kubernetes container platform, accelerates software modernization.
Hardee: ROSA is our managed service offering for the OpenShift container platform, which is our cloud-native application development platform that provides everything you need out of the box to support Kubernetes and containers and cloud native development. It’s a full stack solution. Now, with the managed service aspect, we’re abstracting away the need to manage the platform. Red Hat, in partnership with Amazon Web Services, is taking care of that for you. So now you can focus on developing your containers, focusing on developing robust CI/CD pipelines, making sure your workloads are secure. And we’ll take care of the platform.
As for accelerating software modernization, our customers say, ‘Give us the easy button. We don’t have time. We need to move the football downfield. We need tooling that is going to help us do that.’ ROSA is the easy button. Customers now have all of the tooling required for Kubernetes and container-native development. Whether it’s providing an enterprise-standard developer experience, building images, or adopting a GitOps practice – all of your monitoring and observability tooling is in the platform. It’s a complete solution.
MeriTalk: This year, the ROSA platform achieved FedRAMP High status. What do FedRAMP High’s additional security controls mean for your existing DOJ and DHS customers, and for those considering the platform?
Hardee: I think it’s confidence. OpenShift provides a secure starting line for our customers to build upon. We already have a DISA Security Technical Implementation Guide for the OpenShift platform, so agencies can be confident that OpenShift meets DISA standards for protecting sensitive information. And now, with FedRAMP High accreditation for the managed service, customers can use OpenShift with an added level of confidence that the platform is secure. The new accreditation also means that industry benchmark compliance profiles are supported, such as NIST 800-53 High-Impact Baseline and PCI_DSS v4 Control Baseline. We’re really proud of that.