Post on 10-Mar-2018
transcript
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
USGv6:
US
Government
IPv6 Transition
Activities
11/04/2010
Dale Geesey Chief Operating Officer Auspex Technologies, LLC Phone: 703.319.1925 Fax: 866.873.1277 E-mail: dgeesey@auspextech.com Web: www.auspextech.com
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Agenda
• US Government IPv6 (USGv6) Transition History
• USGv6 Next Steps
• Department of Veterans Affairs (VA) Transition Example
November 4, 2010 2 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
US GOVERNMENT IPV6
(USGV6) TRANSITION
HISTORY November 4, 2010 3 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
• How to transition?
– Infrastructure first
– Applications first
• Utilize Agency’s Enterprise Architecture Process (Enterprise Focus)
– Track progress
– Show value
• How to pay for it?
– Existing budget
– Business case by specific program
• The Real Question: Why Transition to IPv6 in the First Place?
– Real Answer – It is inevitable!
– Other Answers (Money/Capability/Security)
• Other Big Question – Why transition now?
– Government requires a much longer timeframe than industry to integrate new technology
– Waiting will have a negative impacts on Government & industry
– No more time
Federal IPv6 Transition
Thought Process
11/4/2010 4 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
USGv6 Historical
Timeline
DoD IPv6
Transition
Memo
Released
OMB IPv6
Transition
Memo
Released
USGv6 Testing
Milestone
FAR Changed
to Require IPv6
for IT
Acquisitions
USGv6 Product
Profile &
Testing
Program
November 4, 2010 5
2003
2005
2008
2009
2010 New OMB
IPv6
Policy
10/28/2010
© 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
M-05-22 Requirements
& Dates
November 4, 2010 6
Oct
FY06
Nov
FY06
Dec
FY06
Jan
FY06
Feb
FY06
Mar
FY06
Apr
FY06
May
FY06
Jun
FY06
Jun
FY08
Assign IPv6 Lead
Inventory of Existing
Routers Switches &
Hubs
Inventory of All
Existing IP Devices
Impact Analysis
Transition Plan
Use of IPv6
© 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
June 2008 IPv6
Milestone Results • OMB Public Statement
– All major USG agencies reported that they successfully demonstrated IPv6 capabilities on their network backbones.
• Reality
– Most agencies turned IPv6 on
– Performed basic network tests (ping, trace routes, etc.)
– Turned IPv6 off
• Bottom Line - IPv6 not operationally ready
– C&A and security
– Operational procedures
– Training
– Interoperability
– Etc.
• Is this Success?
– Yes!
– First, critical step in the overall transition
November 4, 2010 7 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
FAR Language
• 11.002(g)
Unless the agency Chief Information Officer waives the requirement, when acquiring information technology using Internet Protocol, the requirements documents must include reference to the appropriate technical capabilities defined in the USGv6 Profile (NIST Special Publication 500-267) and the
corresponding declarations of conformance defined in the USGv6 Test Program. The applicability of IPv6 to agency networks, infrastructure, and applications
specific to individual acquisitions will be in accordance with the agency's Enterprise Architecture (see OMB Memorandum M-05-22 dated August 2, 2005).
November 4, 2010 © 2010 Auspex Technologies 8
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Federal IPv6 Product
Profile • Device Types
– Host
– Router
– Network Protection Device
• Functional Categories – IPv6 Basic Capabilities
– Routing Protocols
– Quality of Service
– Transition Mechanisms
– Link Specific Capabilities
– Addressing
– IP Security
– Network Management
– Multicast
– Mobility
– Application Requirements
– Network Protection Device Requirements
November 4, 2010 9 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Federal IPv6 Product
Testing Program • Tied to Federal IPv6
Product Profile
• Utilizes Suppliers Declaration of Conformity process
• Leveraged by changes to FAR
• Types of Testing – Conformance
– Interoperability
– Network Protection Device
• 1st/2nd/3rd Party Testing
November 4, 2010 10 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
USGV6 NEXT STEPS
November 4, 2010 11 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
The Business Case and
Roadmap for Completing IPv6
Adoption in US Government
What Does it Cover
1. Federal IPv6 Transition – Progress to Date
2. Federal IPv6 Transition – The Next Steps
3. Leveraging Enterprise Architecture
4. Transition Roadmap and Milestones
5. IPv6 Impact on Federal Initiatives
6. IPv6 in IT Governance and Procurement
November 4, 2010 12 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
The New OMB
IPv6 Memo
Why • Enable key Federal IT modernization initiatives:
– Cloud Computing
– Broadband
– SmartGrid
• Reduce complexity and increase transparency:
– Eliminate NAT technologies;
• Enable ubiquitous security services:
– End-to-end network communications
– Foundation for securing future Federal IT
systems
• Enable the Internet to continue to operate
efficiently:
– Integrated & well-architected networking
platform
– Accommodate future expansion of Internet-
based services
What & When • Procurements:
– Comply with FAR requirements
– Use of the USGv6 Profile and Test Program
– Ensure completeness/quality of IPv6
capabilities
– Now
• Designate an IPv6 Transition Manager:
– October 30, 2010
• External Services:
– Public/external facing servers and services
– e.g. web, email, DNS, ISP services, etc
– Operationally use native IPv6
– End of FY 2012 (September 30, 2012)
• Internal Services:
– Applications that communicate with public
Internet servers
– Supporting enterprise networks
– Operationally use native IPv6
– End of FY 2014 (September 30 2014)
November 4, 2010 © 2010 Auspex Technologies 13
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
DEPARTMENT OF VETERANS
AFFAIRS (VA) TRANSITION
EXAMPLE November 4, 2010 14 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Example - OneVA Enterprise
Network Evolution
November 4, 2010 15 © 2010 Auspex Technologies
Yesterday Today
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Example - VA IPv6
Transition Approach • Organic Approach
– Leverage existing resources
– Test lab
– Tap external expertise as necessary
• Transition Governance
– OIT lead
– Structured transition team
– VA-wide involvement
– Vendors/contractors
• Strategy
– Executive level buy-in
– Core across entire enterprise
– Significant training effort
– Strong testing focus
– Emphasis on security
• Collaboration
– Work with other agencies
– CIO Council IPv6 working group
– Cross-agency testing
– Internet2
November 4, 2010 16 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Example - Multi-Agency
IPv6 Testing
November 4, 2010 17
`
GSA
VA
IRS
SSA
`
`
`
NIST
`
`
Verizon
Qwest
Sprint
Level 3
Internet
© 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Example - VA IPv6
Accomplishments
OMB designated VA as Level 1 Agency
IPv6 Transition rated “5 out of 5” for last 2 years
Successfully tested IPv6 on core network
Led multi-agency IPv6 test initiative
IPv6 awareness video distributed to Federal
Agencies - Youtube (keyword: VA IPv6)
Provided IPv6 training leadership
Acknowledged as leader in public and private
forums
November 4, 2010 18 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Example - VA IPv6
Lessons Learned • Start Early
– Many potential delays (as with any program)
– Will take longer than initially planned
• Be Inclusive
– Impacts entire organization
– Less issues if other groups brought in during the beginning
– Better understanding of potential impacts
• Executive Level Buy-In
– Educate executives on program and benefits (in their terms not techno-speak)
– Support via policy & memorandum
– Tie into business case & budget activities
• Training
– Do not limit to technical groups
– Educate as many across the agency as possible
– Include the program benefits in the training
• Test – Test – Test
– Absolute requirements for operational deployment
– More testing partners (internal & external) the better
– Include multiple carriers if possible
November 4, 2010 19 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Example - VA IPv6
Next Steps • Phase II and Beyond Planning
– Identify VA next steps – Meet new OMB Memo Requirements
– Plan enterprise-wide transition (beyond core)
– Communities of interest
• Continue Collaboration
– Cross agency testing
– CIO Council IPv6 Working Group
– Training
• Build IPv6 into Business Case Process
– Leverage IPv6 into new programs and technology refreshments
– Focus on leveraging IPv6 capabilities and solutions
– Internal demand for IPv6 already identified from VA field organizations
• Establish Permanent Demonstration Network
– Leverage VA Internet2 Program
– In conjunction with other agencies & academia
– Active (and ongoing) testing and demonstration of IPv6 and other technologies and applications
November 4, 2010 20 © 2010 Auspex Technologies
DIS
CO
VE
R T
HE
TR
UE
VA
LU
E O
F T
EC
HN
OL
OG
Y
Example - VA IPv6
Pilot Programs
November 4, 2010 21 © 2010 Auspex Technologies