The Cybersecurity and Infrastructure Security Agency included updates in industry best practices in finalized guidance on IPv6 security considerations for Trusted Internet Connections 3.0 implementation released Thursday.
TIC 3.0 accounts for shifts to cloud computing and other architectures in consolidating agencies’ network connections to limit cyberthreat vectors. CISA‘s guidance explains how the transition of federal networks to Internet Protocol Version 6 (IPv6) will affect network management operations and thereby TIC 3.0 adoption.
CISA released a draft of “IPv6 Consideration for TIC 3.0” in September for public comment on the first piece of guidance addressing the expanded cyberthreat landscape the protocol presents.
“To keep pace with fast-moving technology, the federal government is expanding and enhancing its strategic commitment to IPv6,” said Eric Goldstein, executive assistant director of cybersecurity at CISA, in the announcement. “With our federal partners, we thoroughly reviewed and assessed public comment to ensure this finalized guidance informs and prepares federal agencies on how to properly implement the IPv6.”
The public comment period ended in October, after which CISA adjudicated feedback with the Office of Management and Budget, General Services Administration, and Federal Chief Information Security Officers Council TIC Subcommittee.
Commenters additionally requested federal standards for implementing facets of IPv6 like stateless address auto-configuration, Dynamic Host Configuration Protocol Version 6 and asset management, which CISA plans to address with the Federal IPv6 Task Force in future guidance.
CISA may consider dual-stack environments, implementing IPv6 in the cloud and other use cases in future guidance, based on commenters’ requests.