Telework was not the norm for most federal employees. In a matter of weeks, the Coast Guard successfully met the needs of the Coast Guard office staff that now had a requirement to “work-from-home” due to the COVID-19 pandemic. Over many months the C5ISC and CGCyber increased remote access tenfold. The Coast Guard C5I community is positioned to continue growing this capability into 2021.
“Before COVID, we had the ability to support 2,500 concurrent users on our virtual network,” explained Tom Pedagno, deputy chief of the infrastructure services division within the C5I Service Center (C5ISC). This meant that only 2,500 individuals could be on the Virtual Desktop Interface (VDI) from their home computer at any one time. The Coast Guard also had a pilot Virtual Private Network (VPN) capability, which allowed a limited group of special users to complete more complex tasks remotely.
“[What we had pre-COVID] was a fairly robust solution to meet the need at the time,” explained Pedagno. “It provided a path for non-drilling Reservists to stay connected to [Coast Guard] operations. It also allowed your average employee to work from home one day a week and offsite contractors to gain the basic access they needed while keeping the Coast Guard’s network safe from outside threats.”
In early March, however, new stay-at-home orders and social distancing measures more than tripled the Coast Guard’s needs for remote access in a matter of days.
While many went home to makeshift home offices at kitchen tables, the individuals at the former Telecommunication and Information Systems Command (TISCOM—now a part of the C5ISC) stayed hard at work. “We were tasked with finding a way to rapidly give people access to the Coast Guard networks at home,” said Pedagno about the need to urgently scale the networks. “To do this safely and securely was no easy feat.”
The people responsible for working on this unique challenge were presented with two sometimes competing demands: providing individuals access to their Coast Guard information from home and keeping the Coast Guard networks safe from outside threats. While many felt unable to do their jobs without full access to their files, opening tens of thousands of access points into the Coast Guard’s network also provides cyber attackers that many more opportunities to intrude and wreak cybersecurity havoc. Both demands are equally important to the overall mission readiness of the Coast Guard.
“In order to properly solve this crisis, our team prioritized four key elements that we felt defined success in this new environment,” said Pedagno. These were: improve end-user capabilities (e.g. getting people access to the files they needed); support more remote users on the Coast Guard’s network (i.e. getting more individuals on VDI or VPN); improve external bandwidth (i.e. allow more individuals to access the network at once); and increase the number of people with government-issued laptops (the equipment necessary to support VPN capability).
“We began by expediting a procurement of special hardware that enabled us to more than triple our remote access,” explained Pedagno. This nearly tripled the capability of VDI from 2,500 users at any one time to 7,000 users.
VDI, however, did not give individuals access to specialized applications that may have been installed on their work computer. “VPN offers a better end-user experience compared to VDI,” said Pedagno. “VPN was also more secure, which made it the best overall solution.”
By early April, thanks to the hard work of Coast Guard engineers, the VPN capability went from a limited group of users to 15,000 users. These engineers drafted code that created a private tunnel when the user opened their computer. This private tunnel made a safe and secure connection to Coast Guard networks and was, as Pedagno explained it, “a huge technological accomplishment”
To provide VPN access to even more people, the Coast Guard rapidly acquired additional networking hardware. This investment increased the numbers of potential users to access CG-VPN by June 2020 from 15,000 users to 40,000 users—about 72% of the total Coast Guard workforce.
To make full advantage of the increased remote access capability, the Coast Guard expedited a purchase of an additional 8,000 laptops.
Because the Coast Guard does not buy computers with operating systems pre-installed, these 8,000 laptops needed to be loaded with the system Windows 10 Secure Host Baseline to be functional. To accomplish this, a special factory—the Imaging Factory—was stood up to facilitate and accelerate the process of getting the VPN-enabled laptops to the field.
“The imaging factory was working two or three shifts a day to get these laptops ready for use,” said Pedagno. “We knew that the workforce was, now more than ever, dependent on us to be able to work safely and efficiently from home. We were highly motivated to get these laptops deployed as quick as possible, knowing that it would help prevent fellow Coasties from becoming infected with the corona virus.”
Beyond providing laptops with ready VPN access, people involved in the COVID-19 network expansion efforts also improved the external connection to Coast Guard’s network—aka bandwidth—tenfold. “As Capt. [Russell] Dash explained it, we moved from a single country road to a ten-lane superhighway in just a few short weeks,” said Pedagno. In the end, the Coast Guard went from a total of 1.5 Gbps of external connection to 30 Gbps in only two months.
“It was an all hands on deck evolution,” said Pedagno. “We are happy with the success that has occurred and are committed to supporting whatever the new normal is for the Coast Guard and across the country.”
Decisions regarding how many connections to support with VDI and VPN were made with the future in mind. The Coast Guard’s Technology Revolution goal is to enable a more mobile workforce. The COVID-19 pandemic response has in many ways expedited achieving this goal.
“We have proven that the IT infrastructure can successfully support a large portion of Coast Guard personnel to be able to work from home simultaneously.” said Pedagno. “We are committed to maintaining the reliable and agile network that the Coast Guard needs to support this more mobile workforce.”
Looking to the future, the workforce can continue to expect top-of-the-line support regarding working from home. There is already funding in place to purchase more laptops that are lighter and more efficient, providing even more members with an enhanced telework experience. “Ultimately we want to have 75% of the Coast Guard working from laptops,” said Pedagno. “Whereas before this occurred, we had about 75% of the workforce working on desktop computers—meaning you had to be in the office to do your work.”
Additional efforts are also being pursued with Microsoft 365 that should enable better collaboration and cooperation in this new remote environment.
The incredible increase in remote access capability would not have been possible without the support of the C5ISC Commanding Officer, Capt. Russell Dash, and those who make up the Infrastructure Services Division, Asset Logistics Division, Office of Contracting and Procurement (CG-914), and C5I Project Management Office (CG-68). “I would also like to acknowledge the cooperation of and partnership with CG Cyber who seamlessly operate and maintain these enhanced teleworking solutions,” said Pedagno. “They were also instrumental in clearing the hurdles to enable the enterprise-wide deployment of the Department of Defense Commercial Virtual Remote (CVR) TEAMS environment.
We do our best, working with other enterprise partners, to provide the workforce with the tools they need to be a productive mobile workforce while maintaining a secure environment,” said Pedagno.
So if you are reading this article from your home office—be it the couch, the kitchen table, or your at home desk—you now know the time and effort that went into that notion becoming a reality.