T-Rex SMART™ Framework: Modernizing and Securing Environments

T-Rex SMART™ Framework: Modernizing and Securing Environments

Date: October 7, 2020

T-Rex has designed, built, integrated, and operated some of the world’s largest mission critical systems for our government clients who need to leverage the power of data & the cloud while also holding to aggressive schedules. To support this, we developed the T-Rex SMART™ Framework that offers an Agile and iterative methodology to take advantage of new platforms while meeting critical missions. This approach allows for micro or macro modernization in a structured fashion allowing for agencies to take advantage of available modernization funds. There are 5 steps to our framework:

S – Strategize and Stabilize

We leverage and enhance existing enterprise architecture (EA) roadmaps and perform application rationalization to establish a “landing zone” strategy for target applications. We take a structured approach to determine the most appropriate operating models (e.g., Cloud, on-premise virtualization, or bare metal) that should be considered for the greatest business benefit. The application rationalization task takes into account several factors in recommending a modernization path, including:

  • Licensing and cost optimization;
  • Cost, health, and longevity of the current hosting environment;
  • Overall value of the application to the mission and consideration of redundancies; and
  • Impact of current risk, schedule, and staffing baselines on modernization paths and movement to target stable platforms.

We then stabilize our project baselines. This includes the technical baselines such as requirements and functionality baselines, and the Implementation and Integration Plan (IIP). The IIP establishes the schedule and sequencing of modernization efforts that facilitates enterprise coordination.

M – Management and Framework

Once landing zones are determined, we establish or integrate with a management framework to provide a reporting mechanism and identify enabling tools. The framework defines core services (e.g., Network Segmentation, Configuration Management Database (CMDB), Continuous Diagnostics and Mitigation (CDM), Information Technology Service Management (ITSM), DevSecOps, and monitoring) to re-use or establish early to avoid rework and the associated added costs of doing this late. In addition, this is an important time to manage the start of FISMA compliance activities as well as provide cross-training for existing O&M staff.

A – Automate

Within the management framework and enabling tools, automation should be maximized to assure repeatability, consistency, and easy access to critical information. The core of our automation capability comes from our DevSecOps solutions, promoting automation of deployments, testing, scanning, and more. We start with discovery of existing processes and standards and then work with stakeholders to develop a roadmap to DevSecOps adoption and process and technology modernization.

R – Modernization (the 7 R’s)

Analysis of target applications determines which of the seven modernization options should be taken. The 7 R’s include: Relocate, Repurchase, Refactor or Rearchitect, Replatform, Rehost, Retire, and Retain. This is not just a one-time assessment. Our process is built to be revisited on a regular basis to determine if either technology or business factors have changed which approach is required for the applications.

T – Transition to Operations

After the application is moved, we execute our operational cut-over and monitor performance with existing O&M staff until all stakeholders sign off on a successful transition. Prerequisites to this cut-over include the completion of the ATO process to assure that Authorizing Officials and System Owners have accepted the documented security risks, implementation of controls, and any residual risk if applicable. In addition, T-Rex staff responsible for application modernization and migration engage with current system team members and operational support staff to capture and implement updates to existing O&M processes.

To learn more about T-Rex’s methodologies, check out the following:


recently posted
2020 Census Recognized as Top 10 “Most Influential Projects” Across Government

2020 Census Recognized as Top 10 “Most Influential Projects” Across Government

Each year, the Project Management Institute (PMI) recognizes the “Most Influential Projects” by industry, region and overall. These projects showcase “compelling efforts across industries and around the world that achieved a significant milestone,” said PMI President & CEO Sunil Prashara.1…

T-Rex Introduces Cloud to Cloud via Containers (C3)

T-Rex Introduces Cloud to Cloud via Containers (C3)

Containerization, Multi-Cloud and portability are fundamental to any successful Cloud migration. As part of the T-Rex SMART™ Framework which we use to modernize and secure IT infrastructure, T-Rex has developed a Cloud to Cloud via Containers (C3) portability strategy.  This…

T-Rex Ranked #1 Civilian Cloud Contractor by GovWin from Deltek

T-Rex Ranked #1 Civilian Cloud Contractor by GovWin from Deltek

Each year, Deltek publishes a Federal Cloud Computing Market analysis, which focuses on key policy, acquisition and spending trends. T-Rex is featured in this report as the Top Civilian Cloud Contractor (FY2017-2019).  T-Rex’s Technical Integration work for the U.S. Census…

T-Rex Internal AWS GameDay

T-Rex Internal AWS GameDay

Modeled after Amazon Web Services (AWS) GameDay for Public Sector Partners, T-Rex held a virtual GameDay to support our core value of Continuous Learning and Agility and Innovation. T-Rex invests in programmatic planning to provide virtual technical training sessions. As…