This document summarizes a webinar presented by SolarWinds on improving Federal agencies' scores on the Federal IT Acquisition Reform Act (FITARA) scorecard. It discusses how consolidating monitoring tools onto the SolarWinds Orion platform can help agencies optimize licensing costs, modernize infrastructure to improve performance, and enhance cybersecurity compliance. The webinar covered how SolarWinds products can help agencies gather device and utilization data, modernize networks and data centers, and improve compliance reporting.
28. @solarwinds
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are
the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are
registered with the U.S. Patent and Trademark Office, and may be
registered or pending registration in other countries. All other SolarWinds
trademarks, service marks, and logos may be common law marks or are
registered or pending registration. All other trademarks mentioned herein
are used for identification purposes only and are trademarks of (and may be
registered trademarks) of their respective companies.
Hinweis der Redaktion
Proposed timeline-
SolarWinds overview (5)
FITARA overview (5)
Improving your FITARA scorecard (18)
IT tools consolidation
Modernize and consolidate
Improve compliance
Additional resources (2)
Demonstration (25)
Q&A (5)
Why FITARA?
FITARA was enacted in response to specific federal IT challenges:
Duplicate IT spending between and within agencies
Struggle to understand cost & performance of IT investments
Lack of visibility into IT spend
Inability to benchmark IT spend within federal entities and between federal and private-sector counterparts
FITARA helps solve these challenges because it both requires greater transparency for agency IT spending, and gives the agency CIOs the authority to address the challenges and improve efficiencies.
What are the objectives of FITARA?
The legislation specifically identified 10 objectives, including:
Aligning IT resources with agency missions and requirements
Strengthening federal agency CIOs’ accountability for IT costs, performance, and security
Enabling effective planning, programming, budget and execution for IT resources
Providing transparency into IT resources across agencies and programs
• Scorecard compiles data for 24 covered agencies
GAO released latest scorecard in June 2019
Scores have been mediocre; highest overall grade B+
50% of scores were unchanged; 25% went up and 25% went down
The columns on the right are used to calculate agency score (we’re going to explore them in the next slide)
For the four agencies with two grades on the Scorecard, the grade on the left displays what they received, and the grade on the right displays what they would have received if DCOI was taken into account
The FITARA scorecard has been evolving since its introduction, and we are currently on version 8.0. The ratings on these initiatives is used to determine the overall grade, which is important to your CIO and agency leadership. Let’s have a closer look-
CIO authority enhancements
Develop policy to explain how the authorities provided by FITARA are to be carried out
Transparency and risk management
This is an assessment of risk and the investment’s ability to accomplish its goals
Portfolio review
This is each agency’s total portfolio savings divided by its total IT budget; the result is compared to the leading agency’s ratio
Data Center Optimization Initiative (DCOI)
In 8.0 DCOI score was included, but removed from the calculation (due to congressional concerns over policy revisions)
Includes an inventory of data centers and a strategy for consolidating and optimizing the data centers including planned cost savings
The scorecard grades are based on the percentage of planned savings achieved
Software licensing (MEGABYTE)
Centralize the management of software licenses
MEGABYTE includes inventory of software licenses held by the agency, an analysis of software usage and agency goals covering the use of software within the agency
Modernizing Government Technology (MGT)
Tracks agency progress on the Modernizing Government Technology (MGT) Act; MGT is a revolving fund for legacy modernization projects
Cyber (FISMA)
7.0 compiled data on FISMA compliance, but now 8.0 includes it in the scorecard calculation
This chart summarizes the grades achieved by initiative. [chart appears to be organized based on the number of Fs; please think of a few things to say]
This is the same as previous slide with orange highlights were SolarWinds can help.
We don’t help with policy or project risk assessment or transparency
Portfolio review
The government is trying to reduce the proliferation of duplicative and low priority investments in IT
The idea is to consolidate acquisitions and increase the use of shared services
We feel that this applies to network and systems monitoring and not just to email, O365, etc.
Standardizing on SW reduces costs and simplifies operations and we’ll explore this again soon
Data Center Optimization Initiative (DCOI)
Our systems management tools can help a lot here
We provide visibility to systems and their performance/utilization and help ensure smooth transitions
We’ll delve into this in detail
Software licensing (MEGABYTE) [this is light orange because our support is light for this initiative]
Our systems management tools will inventory the applications on the nodes we’re monitoring, but there are probably better tools to help with enterprise licensing
SolarWinds certainly feels that standardizing on our products and consolidating licensing across an agency has benefits
Modernizing Government Technology (MGT)
This initiative involves those large modernization project we all hear about
We don’t help with legacy app dev, but our tools can help with network and systems modernization, which should be a part of these larger programs
Cyber (FISMA)
We have a range of tools that support FISMA compliance, including NCM and SEM
We could spend an hour on this (and regularly have webinars on the topic) but we’ll certainly touch on it later
NPM data collected includes manufacturer, serial number, operating system, MAC and IP addresses, and topology information
SAM server monitoring performance, includes
CPU, memory, and storage, including predictive analytics
Server storage volume monitoring and capacity planning
Creates a centralized hardware and software asset inventory
Including server warranty status, driver software, hard drive inventory, and custom properties
Planning requires right-sizing, acquiring and redeploying assets. Consideration should be given to future growth; get rid of IPv4 devices, etc.