IPv6 profile takes the long view
- By William Jackson
- Jan 29, 2008
The National Institute of Standards and Technology wants to make it clear that neither agencies nor the information technology industry are expected to be using its proposed standards for IPv6 networking and security products when IPv6 is enabled on government backbones this year.
The Office of Management and Budget has required that agencies enable their core networks to handle IPv6 traffic by the end of June. As part of this process, agencies must procure IPv6-ready products. NIST is developing a profile of what it means for a product to be IPv6-ready. But Special Publication 500-267
, 'A Profile for IPv6 in the U.S. Government-Version 1.0,' is still in the draft stages and will not be a requirement for meeting the June 30 deadline.
The Web page
hosting the document has been updated to reflect this. "It should be noted that the profile is not intended to be applicable to near term uses,' the page reads. 'Instead, as a forward looking strategic plan, the profile's recommendations are targeted for 2010 and beyond."
Included in the draft profile is the statement, "As a general principle, we recommend that users and the product industry be given 24 months between the indication of the intent to add a new mandatory requirement and citations of those requirements in procurement actions."
The profile contains technical standards for government acquisition of IPv6 hosts and routers along with a specification for network protection devices. The host and router profile encompasses basic IPv6 functionality in addition to specific requirements and key optional capabilities for routing, security, multicasting, mobility, network management and quality of service. The network protection device profile contains a set of capability requirements for IPv6-aware firewalls and intrusion detection systems. The profile also addresses how such systems can interoperate and co-exist with the current IPv4 systems.
Changes in the second draft of the standards were the result of more than 500 comments received on the first draft and feedback from a series of meetings with government and industry groups.
Comments on the draft profile are due Feb. 29 and should be sent to firstname.lastname@example.org
William Jackson is freelance writer and the author of the CyberEye blog.