The Cybersecurity and Infrastructure Security Agency (CISA) released the finalized “IPv6 Considerations for TIC 3.0” guidance document today, providing federal departments and agencies with security considerations related to TIC 3.0 implementation as they transition to IPv6.
The Trusted Internet Connection (TIC) initiative was originally established to consolidate network connections throughout the federal government, limiting the number of threat vectors and increasing security. In its modernized form, TIC 3.0 is designed to account for shifts to cloud computing and other architectures. While the federal government embraces TIC 3.0, the internet as a whole is undergoing a shift to IPv6. IPv6 is the next generation of IP standards slated to replace the current IPv4. An IP address is a numerical identifier assigned to every device that connects to the internet. This IPv6 guidance is intended to broadly support the government-wide deployment and use of the IPv6 network protocol. This document explains the background of IPv6, lists security considerations for the protocol in relation to TIC 3.0 security capabilities, and provides awareness of IPv6 security features according to the TIC 3.0 guidance.
“To keep pace with fast-moving technology, the federal government is expanding and enhancing its strategic commitment to IPv6,” said Eric Goldstein, Executive Assistant Director of Cybersecurity, CISA. “With our federal partners, we thoroughly reviewed and assessed public comment to ensure this finalized guidance informs and prepares federal agencies on how to properly implement the IPv6. We greatly appreciate every person and organization that took the time to provide comment, which reflects the community’s focus on strong and usable security practices and CISA’s commitment to robust partnership.”
The finalized version reflects the inclusion of feedback provided during the public comment period that ended in October 2021. In partnership with OMB, the General Services Administration (GSA), and the Federal Chief Information Security Officers (CISO) Council TIC Subcommittee, CISA adjudicated feedback and revised the draft “IPv6 Considerations for TIC 3.0” to create this finalized version.
A summary of the feedback provided, as well as CISA’s response, is available in a fact sheet, “Response to Comments: IPv6 Considerations for TIC 3.0.” CISA recognizes that this is just a starting point for agencies transitioning to IPv6. CISA will continue to work with the Federal IPv6 Task Force to support agencies in this transition.