Need for IPv6 security products may hold up agency compliance

The biggest concern for federal agencies, which are facing the deadline to move their network backbone to Internet Protocol Version 6 in 18 months, is whether the security industry will have enough products to support them.

Three agency officials who are leading efforts to move to IPv6 today expressed concern over the lack of support from security vendors so far, and said federal agencies, such as the National Institute of Standards and Technology and the Defense Advanced Research Projects Agency, will have to provide seed money to move products along.

"Security has not received the same focus as, say, routers," said John McManus, Commerce Department deputy CIO and co-chairman of the IPv6 working group. "The Office of Management and Budget's memo said the security must be at least the same, if not higher. If you can't secure your network, you will not bring it online."

McManus was one of four agency officials to discuss their agency's move to IPv6 at a breakfast in Bethesda, Md., sponsored by the Armed Forces Communications and Electronics Association's Bethesda chapter.

Additionally, the Government Accountability Office is monitoring a handful of agencies', including the Agriculture Department, move to IPv6. Janice Lilja, USDA associate CIO for telecommunications services and operations, said if their systems are not certified and accredited, and all security issues are not addressed, they will not deploy IPv6 components on their network.

The Defense Department is focusing its transition initially on its sensitive but unclassified networks because, in part, of security concerns.

Kris Strance, a senior analyst in the DOD CIO office, said vendors' IP encryptors for the classified and top-secret networks are not IPv6-capable. He said DOD expects to transition to IPv6 on its classified and top-secret networks by 2010.

The National Security Agency has done the specifications of the encryptors, but vendors, such as General Dynamics, Cisco Systems and L3 Communications, have yet to make the commitment to build products and software to those specifications, he added.

In addition to IP encryptors, DOD has provided NSA funding to develop IPv6 standards for firewalls, intrusion detection systems and routers for all their networks.

"Vendors know they need to go there, but it is a business case situation," Strance said. "They need to know there is a demand for the products. We think we have an operational imperative for these products, but the demand in the commercial market is not there. Vendors are not coming on board as fast as we would like."

McManus said that agencies recognize that smaller vendors cannot afford the product development costs to take the "build it and agencies will come" approach.

"These companies have to leverage grant programs from places like NIST and DARPA," he said. "This is an issue that will require consistent attention. I think parts will mitigate over time, especially if civilian and DOD agencies stay on track. Then investments by vendors will follow."

McManus also said NIST will issue draft security standards for IPv6 for agency comment by the end of December. He said it will be out for public comment by the end of January.

"Once security elements are defined, large companies will move," McManus said.

Jason Miller is assistant managing editor of Washington Technology's affiliate publication, Government Computer News.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.