Defense

DOD's IPv6 transition lags

Image of the Pentagon

The Department of Defense first laid out plans to convert its network to the Internet Protocol Version 6 standard in 2003. While DoD has hit several milestones along the way, a lack of a coordinated effort on the part of the CIO office and U.S. Cyber Command prevented an enterprise-wide switchover, according to an inspector general report from December 2014 that was recently made public.

As a result of the delay, DoD is losing the benefits of IPv6, such as embedded IP security, mobility and the ability to create dynamic IP addresses for devices such as sensors, smart munitions, weapons systems and plug-and-play networks, all of which offer a technological advantage to IT-equipped forces on the battlefield. According to the report, "the delay in migration could increase DoD's costs and its vulnerability to adversaries."

While DoD IT leaders apparently see the need to adopt a more rigorous schedule for IPv6 deployment, in their reply comments senior leaders questioned the urgent tone of the report, and stated that the IG's conclusions didn't fully take into account security risks associated with the transition and with running a "dual-stack" environment that supports both IPv6 and its predecessor, IPv4.

There are some considerable barriers to transition, both financial and in terms of human capital and equipment. Hardware and software interoperability can be challenging, especially for an enterprise supporting out-of-date stacks and legacy code. It may be difficult for IT leaders to push to make transition a priority when they support a base of working IPv4-compatible gear and applications.

According to the report, IPv6 transition  and testing activities weren't centrally coordinated. For example, according to the report, Cyber Command officials reported a "lack of knowledge about IPv6 and the need for pilot testing before implementation." At the same time, Cyber Command did not take advantage of testing and certification done by the Army Technology Integration Center on IPv6-enabled equipment -- as of July 2014 the center had issued 88 separate interoperability certifications. According to the report, Cyber Command faced competing challenges and was, "focused on defense of the IPv4 network because of a significantly increased threat environment."

The IG report also criticized DoD for missing key deadlines on a government-wide directive issued by the Office of Management and Budget in 2010, including converting public facing email, web and DNS systems to IPv6 by the end of fiscal 2012, and DoD applications and networks to IPv6 by the end of fiscal 2014.

The IG report recommends jump-starting the conversion effort with a DoD-wide IPv6 transition office led by the DoD CIO to include staffers from the Defense Information Systems Agency, U.S. Cyber Command, the Defense Research and Engineering Network and the CIOs of the military services. The IG report also wants an updated transition plan, with procedures in place to monitor progress. Additionally, the IG wants defense agencies and services to be able to work from common sets of component testing results.

In his reply comments, then-Acting Principal Deputy CIO David DeVries said that DoD was taking IPv6 seriously, but an "expensive transition from an IPv4 to an IPv6 environment is not cost effective nor warranted." DeVries said DoD has pushed out IPv6 where necessary, but also maintains a "sufficient IPv4 address space to support future operations."

But DeVries largely concurred with the IG recommendations. While he doesn't want a dedicated IPv6 office, he supports an existing steering group led by the CIO to coordinate transition, including cybersecurity issues put forth by Cyber Command. Additionally, a project team at DISA plans to take the lead in integrating component and implementation testing, and will share IPv6 test results in the third quarter of fiscal 2015.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.