CISA Publishes Draft Guidance for Government Transition to IPv6
The Cybersecurity and Infrastructure Security Agency has published draft guidance to help government agencies securely transition to Internet Protocol version 6.
IPv4 uses the 32-bit format, which limits the maximum number of addresses to less than 4.3 billion. IPv6 offers a virtually limitless number of IP addresses.
The pool of IPv4 addresses was exhausted in 2011, requiring agencies to strictly manage addresses with network address translation, CISA said.
Government agencies currently use a dual-stack configuration that runs IPv6 alongside IPv4, a measure designed to address the former’s lack of backward compatibility.
CISA’s guidance is aimed at informing agencies of their responsibilities to carry out the transition as well as offering awareness regarding IPv6 security considerations.
The agency noted that the document is not intended to be prescriptive but to be architecture-agonistic and as widely applicable as possible across the government.
Roat said that federal agencies need to completely transition to IPv6 before they can achieve zero trust, a modern security model that restricts access for all network users by default.
Zero trust is a key element of President Joe Biden’s May 12 executive order on modernizing the federal government’s cybersecurity.
CISA’s Trusted Internet Connection program office will accept public comments on the document through Oct. 15. The agency is specifically interested in other IPv6-related or security challenges that need to be considered.
Category: Federal Civilian
Tags: CISA Cybersecurity and Infrastructure Security Agency draft guidance Executive Order federal civilian IP address IPv4 IPv6 Joe Biden Maria Roat Wash100