Where it All Began: The Migration to the AFNet
In 2007, there were over 250 separate Air Force domains supporting 840,000 accounts and 1.9 million computing objects at 12 Major Commands (MAJCOM) worldwide. These networking “silos” led to standardization problems; skyrocketing operations, maintenance, and security costs; and a lack of enterprise-wide cyber situational awareness. The Air Force knew that to achieve efficiencies in scale, security, cost, and use, it had to create a single, centrally managed network with enforceable policies and
standards—otherwise known as the Air Force Network (AFNet). From approximately 2007 to 2014, the Akima portfolio of companies served as the primary contractor for all technical aspects of the AFNet migration. The Akima team helped to collapse individual/standalone networks for the Air Force, Air Force Reserve, and Air National Guard into a single global network under operational and management control of a single commander—migrating more than 840,000 user accounts worldwide.
Akima’s team of 80 systems engineers either led or were part of a team responsible for:
The initial design of the Air Force Active Directory forest (the highest level of organization in Active Directory)
- Advanced system engineering support for both secure and non-secure Microsoft Active Directory and Exchange (ADX) environments
- Supporting user, group, e-mail, computer, and file migrations from Base/MAJCOM ADX environments to the AFNet environment
- Design, testing, and implementation of virtualization technologies on the type of commodity
- Migration of Air Force custom applications and Command and Control systems
- Creating customized programs to modify data enabling commercial-off-the-shelf applications to work effectively in the Air Force enviroment (e.g the User Mapping Tool)
- Installing server equipment hardware and software
- Providing network optimization and troubleshooting support for base level and enterprise data center network equipment and clients
- Shutting down legacy environments
Upgrading, Securing, & Supporting the Network
Once the migration was complete, Air Force leadership quickly realized that their existing enterprise service desk (ESD) wasn’t built to handle the increased volume of support tickets. Users routinely waited on hold for more than 60 minutes when they called the ESD for assistance. Working closely with Akima, the Air Force created an innovative virtual Enterprise Service Desk (vESD)—an automated system that streamlined resolution of email, network, software, hardware, and phone issues. Users who previously would have called the IT service desk could now use an automated menu to self-identify service issues. After answering a few questions, the system directed a user to an automated fix or a walkthrough, if available. If the fix worked, a call to the service desk was avoided. If the fix did not work, or an automated solution was not available, the system sent a request to the ticketing system with all the background information already available. In its first year of operation, the vESD saved more than 200,000 support hours and approximately $14 million in user IT support, and it reduced the time to resolve many issues
to under 10 minutes. The vESD remains in operation today and now comes as part of the standard suite of applications on all Air Force workstations.
As the years progressed, some of the original servers and equipment fielded during the AFNet migration started facing end of life. Akima teams were called upon to perform widespread technical refreshes of the ADX infrastructure. Through a series of contract awards between 2014 and today, Akima companies
have conducted tech refreshes at nearly 200 Air Force locations around the globe. The technical refreshes focus solely on the Non-Secure Internet Protocol Router Network (NIPR) hardware that aligns with the overarching effort to transition to the Joint Information Environment (JIE) and Installation Service Node/ Installation Processing Node (ISN/IPN).
The ADX technical refresh effort also supports the Federal Data Center Consolidation Initiative (FDCCI) and JIE by establishing a standardized IT network communication and computing environment that hosts applications critical to supporting the base mission in disconnected operations, serving as a precursor
to the ISN. Additionally, the ADX infrastructure being deployed is scalable to meet the future needs of the Air Force IPN infrastructure, which will modernize and consolidate base level data processing centers.
The equipment procured and deployed during the ADX tech refreshes serves as a complete replacement of the legacy ADX equipment and encompasses compute, storage, and network requirements for 100 Air Force locations and 78 Air National Guard sites across the globe.
Now and Into the Future: Sustaining the Network
Since the completion of the AFNet migration project right up to today, the Akima team has played a vital role in the sustainment of the AFNet for the U.S. Air Force’s Cyber Capabilities Center (CCC).
For over 13 years, Akima companies have delivered services across nine core areas, performing modernization and sustainment activities; Tier III level support, problem, and incident management activities; configuration and change management tasks; and accreditation and authorization support function under the Risk Management Framework (RMF).
The core services sustained by Akima include:
- Active Directory
The Akima team serves as the Active Directory (AD) administrator for the entire Air Force, supporting a broad range of directory based identity-related services for more than 1 million AD objects (user accounts, distribution lists, printers, etc.).
Akima led migration activities for the Air Force’s email migration to Office 365, as well as delivered pre- and post-migration support (including troubleshooting for users) and continues to maintain 35
active Exchange servers. During the move to Office 365—one of the largest in Microsoft’s history—Akima teams decommissioned 290 Exchange servers, resulting in an 89% reduction in the overall
server footprint for the Air Force. Moving to Office 365 helped the Air Force significantly reduce the burden of email administration, as well as lessen the need for future technical refreshes thanks to
the built-in scalability of the cloud.
- Microsoft Endpoint Configuration Manager (MECM)
The Akima team worked together with Microsoft to configure and deploy Microsoft Endpoint Configuration Manager (MECM) for the Air Force, playing the lead role in its implementation and
continued maintenance. Currently the Air Force has the world’s largest environment for MECM which protects over 700,000 endpoints, surpassing large enterprises such as Walmart and
Citibank. Maintaining a healthy MECM environment ensures the ongoing safety, security, and integrity of the AFNET.
- Systems Center Operations Manager
Akima configured—and now maintains—the Systems Center Operations Manager (SCOM) for the Air Force, providing comprehensive infrastructure monitoring and ensuring the predictable performance and availability of vital applications.
- Mobile Devices
The Akima team supported migrations from legacy mobile phone server platforms such as BlackBerry and Good Mobile to modern platforms—and continues to support all mobile device
management activities for users across the globe. Recently, the team supported the transition to DISA’s Purebred Application for PIV certification delivery to mobile devices, partnering
with BlackBerry engineers to design, test, and integrate new capability, as well as transition an initial 6,000 out of 32,000 corporately owned/personally enabled (COPE) mobile devices.
The team also implemented a solution for Device Enrollment Protection (DEP) enrollment and Volume Purchase Program (VPP) for application distribution, among other key tasks.
- Virtual Enterprise Service Desk (vESD)
A team of five Akima employees provide ongoing development and support for vESD. To keep the system running as effectively as possible, they meet regularly with Air Force technicians
who work on the IT service desk to review high-ticket items. if a high-ticket item is no longer relevant, the Akima team replaces it in the automated system with one that needs more
attention. Additionally, Akima provides tier 3 level support for AFNet Core Capabilities and Enterprise Services, working in close conjunction with the network and cyberspace operations
squadrons to keep the AFNet operational. When tier 2 personnel cannot resolve an issue or restore service, they call the tier 3 technicians at the CCC for support.
- Directory Resource Administration (DRA)
Akima helps individual bases and groups administer AD with granular delegation of specific privileges, reducing the number of “power” administrators required by the Air Force. The result:
improved configuration management and increased security of the network.
- Skype for Business
The Akima team is responsible for operating and maintaining one of the largest Skype for Business environments in the world.
- Virtual Private Network (VPN)
Akima supports VPN requirements for the Air Force, helping to safeguard user identities and deliver a stronger overall security posture. In response to the unprecedented transition to maximum telework in early 2020 due to COVID-19 (from 10,000 users to more than 500,000), the Akima team quickly integrated VPN upgrades with AD and MECM, creating more than 15 new AD sites, deploying new domain controllers, and installing and configuring new Software Update Points (SUPs) and Distribution Points (DPs). The team also strengthened the MECM to ensure proper patching and software upgrade rollouts over VPN connectivity, as well as simplified the transactional path to Office 365 by removing redundant components and allowing traffic and connections to ensure users could reach their email over the most efficient network paths.
In addition to the nine core services listed above, Akima delivers ancillary IT support services for:
- Akima is helping the Air Force upgrade servers at major bases across the U.S. and create a single patching environment across legacy domains.
- Capacity Planning
Our teams provide oversight for virtual environments to ensure proper utilization of memory, CPU, hard disk space, etc.
Akima personnel developed scripts that run against Air Force servers to ensure security settings remain intact, delivering a comprehensive view across more than 600,000 global workstations.
- User Experience
Akima team members are involved in “ROLE-IT” initiatives for the Air Force, supporting the cleanup of base logon scripts and outdated/duplicate GPOs in an overall effort to reduce user logon times.
- Working closely with Microsoft, Akima teams developed (and now maintain) a dashboard the consolidates information from MECM, SCOM, PowerShell scripts, and other key sources for base leaders, providing a comprehensive view into the status of key security/patch level settings for workstations.
- IT Service Management (ITSM)
Akima serves as a trusted advisor for the CCC, helping to develop ITSM processes and governance structures in response to the DoD Enterprise Service Management Framework (DESMF) mandated
in 2015 by then DoD CIO, Terry Halvorsen. Our SMEs played an instrumental role in the development of the AFITSM Process Guide—a SharePoint repository encompassing all the processes needed to support the adoption of the AFITSM program.
- Change/Configuration Management
Starting with a collection of 217 disparate, non-standardized, and often duplicative change process models, Akima’s experts helped the Air Force reduce that number to 49 universally relevant models with automated workflows for use across the entire Air Force enterprise reducing hundreds of labor hours needed to review, process, and approve enterprise change requests. These processes are followed by Air Force technicians daily to manage configurations of and changes to the AFNet.
In an age of information dominance, IT is a critical mission enabler. Akima is proud to play a critical role in the Air Force’s continued IT transformation. At any given time, our engineers and technicians are involved in a portfolio of approximately 35 to 40 ongoing projects managed by the CCC. Together, we are ensuring the availability, integrity, and security of a robust network that connects today’s Airmen and Guardians from the ground, to the skies, to space.