While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
As the program manager for the Naval Enterprise Networks Program Office, Capt. Michael Abreu manages 665 SQL Server databases for the Navy Marine Corps Intranet (NMCI), one of the largest SQL users in all of the federal government.
Microsoft will end support for SQL Server 2005 on April 12, and Abreu, like many in government, must carefully carry out NMCI’s transition to a new version.
“We’re never going to be on the bleeding edge,” Abreu says, “but if we can get closer to the latest version, that will help us manage the network better and improve the user experience.”
Government agencies represent some of the largest users of SQL Server 2005, so its end of support presents a large challenge — as well as an opportunity. With so many agencies facing the same transition, the shuttering of SQL Server 2005 creates a chance for federal IT teams to share upgrade strategies and experiences.
SQL Server 2014 is the most recent commercial version of the database management system, and Microsoft plans to release SQL Server 2016 later this year (with a preview version available for users now). These options give federal IT managers a difficult decision: Refresh immediately with 2014, or an older version? Or hold out until SQL Server 2016 makes its commercial debut?
There are different schools of thought on which SQL migration makes the most sense.
Some recommend moving to an already established version, and waiting at least a year after SQL Server 2016’s release before implementing it. In that time, Microsoft can fix early bugs and issue necessary security patches. Others argue that it’s best to be an early adopter of the new platform to take advantage of enhanced features. And adopting SQL Server 2016 now will postpone the next migration further into the future.
About a year ago, Abreu and his team began studying Microsoft’s roadmaps for all products to identify when and where to refresh.
“We looked hard at what was in the queue,” he says. “The more we plan, the faster we can deploy new capabilities.”
Abreu says the Navy migrated a number of servers to different SQL versions such as SQL Server 2008. He expects to be off SQL 2003 and 2005 by the summer of 2017, if not sooner.
That decision of where to migrate is not his alone. The Defense Information Systems Agency must vet each product and provide guidance before programs such as NMCI can implement the solutions. The same requirements exist for other migrations as well, like the inevitable move to Windows 10. As expected, DISA manages a lot of products that require adequate time to be thoroughly tested, especially SQL Server.
A DISA spokesperson says agency partners use multiple SQL Server versions, supporting hundreds of applications, including email, content management, document management, enterprise search, business intelligence and workflow management.
This testing structure includes substantial benefits.
“Our acquisition process puts us in the fast-follower industry,” Abreu says. “Typically, we are six months to a year behind Microsoft’s cycle, which allows the company time to fix any early issues by the time we are ready for full implementation.”
NMCI will also perform engineering reviews of the product to ensure a new SQL Server system works with existing applications and will not disrupt the work of the agency’s 700,000 users.
Abreu says SQL Server’s wide federal use creates opportunities for collaboration.
To that end, the Navy began reaching out to other agencies, both inside and outside of the Defense Department, to share and learn best practices and tactics for SQL Server refreshes (and other IT products too).
An example: the value of monitoring tools, such as Microsoft’s SQL Server Upgrade Advisor and Installation Center, which provide agencies with ongoing support as they migrate to a new version.
These add-on tools have helped at Oak Ridge National Laboratory, says J. Travis Howerton, deputy director of the lab’s IT Services Division. During a SQL refresh, he says, his agency tries to leverage monitoring tools to detect errors. Oak Ridge also conducts automated “smoke” tests, which quickly identify code changes that will likely be needed after an installation.
“We are in the early stages of maturing this process, but we envision significant reductions in manual effort, as well as improved turnaround time for patching once we automate the testing,” Howerton says.
Other useful tools can mitigate expensive custom support agreements, Abreu says.
“Agencies need effective change management and configuration management tools to understand their environment and get projects moving effectively,” he says. “That keeps us from getting too far behind on a project.”
But beyond in-the-trenches demands that any major migration will raise, Abreu recommends that IT teams take advantage of a product’s end of life as an opportunity to regroup and review infrastructure components.
Additionally, program staffs should rethink processes that use these products, he suggests. That way, agencies can both improve processes while also enabling tasks and efficiencies that weren’t possible with legacy versions.
“As we refresh, we must understand what new capabilities are available and how that changes our ability to manage, defend and operate a network at a large scale,” Abreu says.
Agencies that fail to migrate from SQL Server 2005 in time face a host of compliance issues. Learn more at fedtechmagazine.com/SQL2005migration