gogo6 IPv6 Video Series. Event, presentation and speaker details below: EVENT gogoNET LIVE! 3: Enterprise wide Migration. http://gogonetlive.com November 12 – 14, 2012 at San Jose State University, California Agenda: http://gogonetlive.com/4105/gogonetlive3-agenda.asp PRESENTATION Panel Discussion: Small Steps for USGv6 a giant leap for Internet-kind? Abstract: http://www.gogo6.com/profiles/blogs/the-largest-transition-to-v6-ever-small-steps-for-usgv6-a-giant Presentation video: http://www.gogo6.com/video/panel-discussion-small-steps-for-usgv6-giant-leap-for-internet-at Interview video: http://www.gogo6.com/video/interview-with-john-leland-lee-at-gogonet-live-3-ipv6-conference SPEAKER John Leland Lee - CTO, Internet Associates - Moderator Bio/Profile: http://www.gogo6.com/profile/JohnLelandLee MORE Learn more about IPv6 on the gogoNET social network http://www.gogo6.com Get free IPv6 connectivity with Freenet6 http://www.gogo6.com/Freenet6 Subscribe to the gogo6 IPv6 Channel on YouTube http://www.youtube.com/subscription_center?add_user=gogo6videos Follow gogo6 on Twitter http://twitter.com/gogo6inc Like gogo6 on Facebook http://www.facebook.com/pages/IPv6-products-community-and-services-gogo6/161626696777

1. Federal IPv6 Working Group
Innovative IPv6 Implementation with
Least Cost Funding
John L Lee, CTO
Co-Chair, IPv6 Address Planning Team, ACT-IAC,
Federal IPv6 Task Force
Internet Associates, LLC A Certified VOSB
November 13, 2012 1
•©2012 Internet Associates, LLC; All Rights Reserved..

2. Disclaimer
 The opinions contained in this brief are
those of the author and do not reflect an
official position of the United States
Government, ACT-IAC, Internet Associates
or any other entity
2

3. USG IPv6 Strategy
 Integration with other CIO/IT initiatives
 Integral to Digital Government
 DNSSEC, Trusted Internet Connection (TIC)
 No or small incremental costs for v6
deployment – this is a funded initiative
 Federal Acquisition Regulations (FAR)
 Federal Enterprise Architecture (FEA)
 Sustainment and Technology refresh dollars
 Conformance Testing
3

4. USG IPv6 Timeline
 1994 Forward - USG involved in Next Gen Network
 Oct. 2003 - DoD mandates IPv6
 August 2005 - Memorandum M-05-22, “Transition Planning
for Internet Protocol Version 6 (IPv6)” (June 2008)
 June 2008 - IPv6 traffic passed on USG backbones
 May 2009 - Initial release of Roadmap Document
 Dec. 2009 - FAR IPv6 regulations go into affect
 Sept. 2010 - OMB Memo on “Transition to IPv6”
 July 2012 - Version 2.0 Roadmap Document Released
 Sept. 2012 - 35% of USG Domains
 Sept. 2014 - v6 supported on certain backbone elements
4

5. Federal IPv6 Task Force
5

6.  is a non-profit, public-private partnership dedicated to
improving government through the application of
information technology. ACT-IAC provides an objective,
ethical and trusted forum where government and industry
exchange information and collaborate on technology
issues in the public sector
 Networks & Telecommunications SIG
 IPv6 Working Group
 Address Management
 Project Plan
 Security
6

7. FAR IPv6 Requirements
 FAR 7.105(b)(4)
(iii) For information technology acquisitions using Internet Protocol, discuss whether the requirements
documents include the Internet Protocol compliance requirements specified in 11.002(g) or a waiver of these
requirements has been granted by the agency’s Chief Information Officer.
 FAR 11.002(g)
(g) Unless the agency Chief Information Officer waives the requirement, when acquiring information technology
using Internet Protocol, the requirements documents must include reference to the appropriate technical
capabilities defined in the USGv6 Profile (NIST Special Publication 500-267) and the corresponding
declarations of conformance defined in the USGv6 Test Program. The applicability of IPv6 to agency networks,
infrastructure, and applications specific to individual acquisitions will be in accordance with standards identified
in the agency’s Enterprise Architecture (see OMB Memorandum M-05-22 dated August 2, 2005).
 FAR 12.202(e)
(e) When acquiring information technology using Internet Protocol, agencies must include the appropriate
Internet Protocol compliance requirements in accordance with 11.002(g).
 FAR 39.101(e)
(e) When acquiring information technology using Internet Protocol, agencies must include the appropriate
Internet Protocol compliance requirements in accordance with 11.002(g).
7

8. Federal CIO Initiatives
 Digital Government -Building a 21st Century
Platform to Better Serve the American
People
 IT Modernization, USG Configuration
Baseline, HSPD-12 ( Secure ID)
 Cloud Computing: Cloud First Strategy
 Federal Data Center Consolidation Initiative
(FDCCI)
 Server, Appliance or Virtual Machine
8

9. Federal CIO Initiatives …
 2012 Planning Guide/Roadmap Toward
IPv6 Adoption within the U.S. Government
 Supports a Central Addressing Authority
 Secure Network wide Access
 Automated IP Address Planning, Design,
Management and Deployment
 Multi-vendor DNS, DHCP AND AAA
 Auto generation of A, AAAA and reverse zone RR
9

10.  This is not your fathers v4
network …
 Do not apply v4 thinking and design
constraints to v6 networks
Ron Broersma, DREN Chief Engineer
10

11. Network Reliability Categories
 National Command Authority
 Life Safety FAA, Medical, Fire, Police
 Service Provider 5,000 - 10,000
 Enterprise 100 - 1,000
 “Home” or Subscriber 1 - 10
 Service Provider Network Requirements
 Designed, Engineered, Secured and Tested
 Integrated, Automated systems
 Two vendor policy for devices, network services
(DNS, DHCP, AAA) and circuits
11

12. Operating Support Systems Network Management
Device Inventory Device OS
Device & Interface Config Device Status
Interface Status
IP Address List IP Address List
IP Address List
Identity Management
Security Policy
BGP & DNS SEC
Cyber Security
12

13. Operating Support Systems Network Management
Device Inventory Device OS
Device & Interface Config DNS Device Status
DHCP Interface Status
IP Address
Lifecycle
Management
Firewall Config Net Flow
Firewall Rules System Events & Logs
Security Events & Logs
Identity Management
Security Policy
BGP & DNS SEC
Cyber Security
13

14. 20 Critical Controls – Consensus Audit
Guidelines
 Inventory for Authorized & Unauthorized
Devices & Software (1&2)
 Secure Configurations for Hardware & Software
on Laptops, Workstations & Servers (3)
 Secure Configurations for Network Devices such
as Firewalls, Routers & Switches (4)
 Boundary Defense (5)
 Maintenance, Monitoring, and Analysis of
Security Audit Logs (6)
14

15. 20 Critical Controls – Consensus Audit
Guidelines …
 Continuous Vulnerability Assessment &
Remediation (10)
 Account Monitoring & Control (11)
 Malware Defenses (12)
 Limitation & Control of Network Ports, Protocols
& Services (13)
 Wireless Device Control (14)
 Secure Network Engineering (16)
 Penetration Tests and Red Team Exercises (17)
15

16. Cyber Security Eco-System
16
•*IPal Technology is covered under U.S. Patents 7,127,505, 7,330,907, 7,523,189, 7,558,881, 7,739,406 and other US and International Patents Pending.

17. USG Stats as of Sept. 2012
 The official repository of USG domains, data.gov has
~1,500 domain and sub-domains.
 ~800 domains made some progress in operational
deployment. Those domains span dozens of distinct
enterprises, CIO shops, vendor/contractors and
deployment environments.
 ~30% of public web .gov sites monitored are IPv6 enabled.
 Scores of commercial products have been conformance
and interoperability tested through the USGv6 Program.
http://www-x.antd.nist.gov/usgv6/products.html
 If you look at the historical graphs, you will see significant
progress over the last 6 months. http://usgv6-
deployment.antd.nist.gov/cgi-bin/generate-gov
17

18. Resources
 Planning Guide/Roadmap Toward IPv6
Adoption within the U.S. Government
 https://cio.gov/wp-
content/uploads/downloads/2012/09/2012_IPv6_Roa
dmap_FINAL_20120712.pdf
 Digital Government Initiative
 http://www.whitehouse.gov/sites/default/files/omb/ego
v/digital-government/digital-government.html
18

19. Industry Contributors
 Chris Chroniger – Chair Acentia
 Dale Geesey Auspex Technologies
 Kenny Burroughs Internet Associates
 Barry Chapman Acentia
 Jeremy Duncan Salient Federal
 TJ Evans Nephos6
 Joe Klein QinetiQ, North America
 Tim Owen SMS
 Chip Popoviciu Nephos6
 Yanick Pouffary HP
 Yurie Rich Nephos6
 Kristofer Smith Auspex Technologies
 Frank Troy Troy Networks
 Ralph Wallace White Oak Consulting 19

20. Contact Information
 John L. Lee, CTO
 john@internetassociatesllc.com
+1-678-488-6085
 Internet Associates, LLC
 +1-855-GET-IPV6
+1-770-495-0953
20