Proudly serving Virginia, Maryland and DC // Call us today! 703.396.6120
V2 SystemsV2 Systems

Federal Government Agency is Modernized

The Corporation for National and Community Service (CNCS) is a U.S. federal government agency that engages more than five million Americans in service through AmeriCorps, Learn and Serve America, Senior Corps, and other national service initiatives. The agency’s mission is to “support the American culture of citizenship, service, and responsibility”. While a government agency, CNCS acts much like a foundation and is the nation’s largest annual grant maker supporting service and volunteering. CNCS, formerly known as the “Corporation for National Service” or “CNS,” was created as an independent agency of the United States government by the National and Community Service Trust Act of 1993.

CNCS performs remote interviews for federal employment personal identification and verification (PIV), creating extensive personally identifiable information (PII). Due to changing requirements and lack of compliance, the legacy system authorization to operate (ATO) was terminated necessitating a platform modernization that met current security specifications.

The operators performing interviews needed secure and remote server-side access to CrossMatch, a biometric identity verification and enrollment application that processes and stores extensive PII. CIS, USGCB and NIST Moderate and High Controls were minimum specifications to obtain a new ATO. Examples included administrative lockdown, encrypted hard drives, multi-factor authentication (MFA) and restricted use of web browsers and all other applications. Further, if cloud services were to be leveraged, it had to be FedRAMP certified and needed to securely communicate with OPM to transfer the PII.

CNCS chose V2 Systems, a long-time member of the Amazon Web Services (AWS) Partner Network (APN), to help them architect, design, build, operate and maintain a modernized platform for federal employment PIV. Based on V2 Systems’ recommendations, CNCS decided to go with AWS because of their FedRAMP certification, monthly billing model, reduced expenses and ease of use. AWS makes it easy to stand up/down virtual infrastructure, resize instances and increase storage without the lengthy procurement or decommission process, while only paying for the services that are required on a monthly basis.

V2 Systems transitioned CNCS from a non-functioning, on-premise system and deployed a state of the art cloud-based environment to AWS Virtual Private Cloud (VPC) with Amazon Machine Images (AMIs) running Microsoft Windows, Amazon Linux and Ubuntu OpenVPN for use on AWS Elastic Compute Cloud (EC2). AWS Elastic Block Store (EBS) provides block level storage for six Amazon EC2 instances. V2 Systems uses separate volumes for the operating system, applications, and storage; runs Alert Logic on AWS to track server and application availability; and takes advantage of AWS CloudTrail for basic monitoring. V2 Systems uses Amazon Simple Storage Service (S3) with Veritas BackupExec to store event logs, database backups and EBS snapshots for system level recovery.

The cloud environment has an established VPN connection to OPM’s primary datacenter using EC2 instances running Openswan, an IPsec implementation for Linux for secure transmission of PII gathered by operators. The environment runs across one availability zone in the US East Region. V2 Systems used security groups and network ACLs to isolate the network traffic between the public and private subnets, OPM and the Internet. Figure 1 shows CNCS’ architecture on AWS.

V2 Systems configured, deployed and supported remote laptops with all scanning equipment (fingerprints, identification, etc.), McAfee ePO for endpoint security including drive encryption, AuthLite & Yubikey for MFA and cellular cards for Internet access through client VPN to connect securely to the cloud PIV platform.

CNCS, through the partnership of V2 Systems and AWS, was able to avoid a costly and lengthy deployment process, expedite the launch of service, increase availability and reduce costs, while meeting the stringent security requirements by leveraging a FedRAMP certified cloud.

Migrating to AWS was a smooth process that remained within budget for both the implementation and production environment. After embracing V2 Systems and the power of AWS Cloud, CNCS re-obtained their ATO knowing that the flexibility of their new platform would be able to scale and adapt to the changing needs of the agency’s mission.

Concentrate on your vision… We’ll handle the technology.

Happy to help!

Call us at 703.396.6120 or fill out the quick form below and we’ll hit you back right away.

Ask about our specials before the end of the month!