IBM Lodges JEDI Cloud Protest, Says Single Provider Leaves U.S. Forces Vulnerable


Just days before final bids are due for the lucrative JEDI cloud contract, IBM on Wednesday filed a formal protest with the federal government that argues the Pentagon's decision to go with a single cloud provider creates a military liability.

Big Blue has joined Oracle as the only other company to formally protest the JEDI (Joint Enterprise Defense Infrastructure) selection process with the Government Accountability Office.

The course pursued, and ardently defended, by military leaders "would not provide the strongest possible foundation for the 21st century battlefield," IBM's Sam Gordy, general manager for U.S. Federal, said in a blog post.

The winner-take-all approach is also a bad use of taxpayer dollars, Gordy added.

Sponsored post

[Related: Microsoft Upgrades Services To Meet Federal Compliance Standard Ahead Of JEDI Bid]

"The importance of this transition cannot be overstated: JEDI will be the foundation for integrating advanced technologies such artificial intelligence and augmented reality into America’s warfighting capability," Gordy said.

And the military is making an unprecedented move toward vendor lock-in that "no business in the world would build," he said.

IBM argues the solicitation's requirements were written with just one company in mind, and the military is "mandating a single cloud environment for up to 10 years." That's a departure from best practices adopted by leading enterprises, which are increasingly appreciating the value of multi-cloud environments.

While IBM did not name the single vendor referred to in the missive, its widely understood to be Amazon Web Services.

"Throughout the year-long JEDI saga, countless concerns have been raised that this solicitation is aimed at a specific vendor. At no point have steps been taken to alleviate those concerns," Gordy said.

Insiders with expertise in the government procurement process told CRN there are plenty of tell-tale signs the RFP was indeed written to deliver the award to AWS, which is the only cloud provider currently meeting all the nuanced demands for regional availability, certifications, specs for hardware used in cloud instances, and feature availability across Infrastructure-as-a-Service and Platform-as-a-Service.

"Certain requirements in the RFP either mirror one vendor’s internal processes or unnecessarily mandate that certain capabilities be in place by the bid submission deadline versus when the work would actually begin," Gordy said.

IBM goes as far as suggesting the military is jeopardizing the security of the armed forces by making its IT infrastructure more vulnerable to attack.

"America’s warfighters access to the best technology available across multiple vendors, complicates the integration of legacy applications and walls off access to future innovations. JEDI’s single-cloud approach also would give bad actors just one target to focus on should they want to undermine the military’s IT backbone," Gordy said.

In April, Microsoft, IBM, Dell and HPE all joined Oracle in urging the Pentagon to abandon a winner-take-all approach to the multi-billion contract. Since then, a coalition of nine companies has gelled in opposition to what they believe is Amazon's preordained selection.

According to Bloomberg, which cited internal emails, the five initial protesters were joined by SAP America, General Dynamics Corp.’s CSRA unit, Red Hat and VMware.

One notable company not a member of that coalition is Google, which withdrew altogether from bidding days ago, concerned the military's use of artificial intelligence might not align with the company's values.

But the industry's third-largest public cloud provider, in stepping away from the bidding process, also criticized the single-cloud approach.

The Pentagon has pushed back against complaints and resisted calls to change the nature of the award.

Pentagon brass have said any threat of vendor lock-in can be mitigated by demanding submitted RFPs that include plans that enable the military within two years to switch to another provider. Leveraging application containers is one way, the military believes, it can migrate if it decides not to commit to three- and five-year extensions stipulated in the contract.

Military leaders have argued that deploying workloads across multiple providers will increase security management challenges and make data less accessible to U.S. forces deployed in remote settings, such as naval vessels.