Agencies get ready to reduce Internet gateways

Agencies must by April 15 detail for the Office of Management and Budget their final road map to fewer external connections to access the Internet under the Trusted Internet Connections (TIC) initiative.

Agencies then will provide a statement of their capabilities and updated plans and actions to reduce the number of external connections, said Wendy Liberante, OMB’s program officer for the TIC initiative. By May 1, agencies that need more access will submit their justification for more access points than the recommended two or three.

OMB outlined in November the need for fewer external connections to the Internet to protect agency data. OMB plans to limit agencies to a total of 50 gateway connections from the more than 1,000 now in use. Agencies have a target date of June 30 to consolidate and reduce the number of connections. OMB is working with agencies, Liberante said April 1 at the 2008 FOSE event sponsored by FCW’s parent, 1105 Government Information Group.

“It’s going to be a back-and-forth conversation with OMB,” she said. “It’s a holistic view that we’re asking agencies to take,” she said, about incorporating other security and privacy directives  mandated by OMB.

To protect sensitive data from flexible adversaries, agencies can’t have an unlimited number of external pathways to the Internet, said Randy Vickers, associate deputy director of the U.S. Computer Emergency Readiness Team (US-CERT) in the Homeland Security Department. Instead, agencies can channel or re-direct connections through a smaller set of portals. Users should not be aware of the reduced number of portals, he said.

“To watch a network, you have to control it,” Vickers said. With fewer external connections, agencies will be better able to watch and analyze traffic in and out of their networks.

The Health and Human Services Department previously reduced its external connections from more than 40 to 16, said Michael Carleton, HHS chief information officer.

“It was a success because nobody knew,” Carleton said. It will be harder to decrease those external connections from 16 to two or three.

However,  the TIC initiative presents decisions for agencies to make that also influence other policies they must adopt, Carleton said. He plans to use HHS’ move to the General Services Administration’s Networx telecommunications contract to implement the architecture for fewer Internet gateways. Under the Networx option, HHS will go live with its Trusted Internet Connection in April 2009, he said.

Networx vendors qualify as TIC providers. HHS could implement TIC faster under the current but expiring FTS-2001 telecommunications contract, but Networx will provide more capabilities, Carleton said.

In relation to TIC and Networx, HHS will incorporate the mandate to use IPv6 on backbone networks and infrastructure optimization under OMB’s Information Technology Infrastructure Line of Business.

“Here is a way to integrate these and put them on a schedule,” he said.

The TIC requirement may provide security controls for agencies just by consolidating the number of external connections, Carleton said.

“TIC serves as a set of controls that wasn’t there before," Carleton said. "They allow them to either reduce residual risk that we’re accepting already or rely on the TIC as a control in place of those controls for which they used to spend more time on than they will have to on the TIC. There are still judgments to be made on how much you’ll be able to rely on it.”

About the Author

Mary Mosquera is a reporter for Federal Computer Week.


  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.