Agencies get ready to reduce Internet gateways

By April 15, agencies must detail for the Office of Management and Budget their final road map to fewer external Internet connections under the Trusted Internet Connections (TIC) initiative.

Agencies then will provide a statement of their capabilities and updated plans and actions to reduce the number of external connections, said Wendy Liberante, OMB’s program officer for the TIC initiative. By May 1, agencies that need more access will submit their justification for more access points than the recommended two or three.

OMB outlined in November the need for fewer external connections to the Internet to protect agency data. OMB plans to limit agencies to a total of 50 gateway connections from the more than 1,000 now in use. Agencies have a target date of June 30 to consolidate and reduce the number of connections. OMB is working with agencies, Liberante said April 1 at the 2008 FOSE event sponsored by FCW’s parent, 1105 Government Information Group.

“It’s going to be a back-and-forth conversation with OMB,” she said. “It’s a holistic view that we’re asking agencies to take,” she said, about incorporating other security and privacy directives mandated by OMB.

To protect sensitive data from flexible adversaries, agencies can’t have an unlimited number of external pathways to the Internet, said Randy Vickers, associate deputy director of the U.S. Computer Emergency Readiness Team (US-CERT) in the Homeland Security Department. Instead, agencies can channel or re-direct connections through a smaller set of portals. Users should not be aware of the reduced number of portals, he said.

“To watch a network, you have to control it,” Vickers said. With fewer external connections, agencies will be better able to watch and analyze traffic in and out of their networks.

The Health and Human Services Department previously reduced its external connections from more than 40 to 16, said Michael Carleton, HHS chief information officer.

“It was a success because nobody knew,” Carleton said. It will be harder to decrease those external connections from 16 to two or three.

However, the TIC initiative presents decisions for agencies to make that also influence other policies they must adopt, Carleton said. He plans to use HHS’ move to the General Services Administration’s Networx telecommunications contract to implement the architecture for fewer Internet gateways. Under the Networx option, HHS will go live with its Trusted Internet Connection in April 2009, he said.

Networx vendors qualify as TIC providers. HHS could implement TIC faster under the current but expiring FTS-2001 telecommunications contract, but Networx will provide more capabilities, Carleton said.

In relation to TIC and Networx, HHS will incorporate the mandate to use IPv6 on backbone networks and infrastructure optimization under OMB’s Information Technology Infrastructure Line of Business.

“Here is a way to integrate these and put them on a schedule,” he said.

The TIC requirement may provide security controls for agencies just by consolidating the number of external connections, Carleton said.

“TIC serves as a set of controls that wasn’t there before,” Carleton said. “They allow them to either reduce residual risk that we’re accepting already or rely on the TIC as a control in place of those controls for which they used to spend more time on than they will have to on the TIC. There are still judgments to be made on how much you’ll be able to rely on it.”

About the Author

Mary Mosquera is a reporter for Federal Computer Week.

