The Cybersecurity and Infrastructure Security Agency (CISA) released the finalized ‘IPv6 Considerations for TIC 3.0’ guidance document today, providing security considerations related to implementing the Trusted Internet Connections (TIC) 3.0 as Federal agencies transition to IPv6.
“To keep pace with fast-moving technology, the Federal government is expanding and enhancing its strategic commitment to IPv6,” said Eric Goldstein, executive assistant director of cybersecurity at CISA, in a press release.
The guidance reflects the directive outlined in the Office of Management and Budget (OMB) M-21-07, which calls for agencies to upgrade their infrastructures to use IPv6. It’s intended to broadly support the government-wide deployment and use of the IPv6 network protocol.
Additionally, it provides IPv6 protocol information to enable a general understanding, informs agencies of their responsibilities concerning OMB M-21-07, aligns TIC 3.0 security objectives and security capabilities to support IPv6 securely, and offers awareness and guidance regarding IPv6 security considerations.
CISA collaborated with OMB, the General Services Administration, and the Federal Chief Information Security Officers Council TIC Subcommittee to finalize the guidance. The final version also echoes public feedback CISA obtained from an October 2021 request for information.
“With our Federal partners, we thoroughly reviewed and assessed public comment to ensure this finalized guidance informs and prepares Federal agencies on how to properly implement the IPv6. We greatly appreciate every person and organization that took the time to provide comment, which reflects the community’s focus on strong and usable security practices and CISA’s commitment to robust partnership.”