CDM IPv6 compliance plans due July 6: Why the technology matters

By Amanda Mull, contract specialist

As I mentioned in my previous blog, there have been some changes to CDM. The Cybersecurity and Infrastructure Security Administration (CISA) announced recently that the common requirements for the Continuous Diagnostics and Mitigation (CDM) Program had been updated to align with the extended compliance schedule published in the Office of Management and Budget (OMB) Memorandum 21-07 (M-21-07) – PDF.

By FY2023, all federal information systems must be Internet Protocol version 6 (IPv6) enabled. This is an important policy move for acquiring information technology (IT) products and services contained in Federal Acquisition Regulation (FAR) 11.002.

On June 4, CISA directed suppliers with CDM-approved products suspected of not being natively IPv6 compliant to provide proofs of capability or a plan for becoming compliant by July 6, 2021. CISA will conditionally approve products that are not fully IPv6 compliant, providing applicants submit an acceptable plan detailing how their products will become fully operational in an IPv6-only network by the end of FY2023. CISA intends to perform periodic progress checks on accepted plans.   

IPv6 is a network layer protocol that enables data communications over a packet switched network, data transferred in packets between two nodes in a network. This protocol is not new. The first working standard protocol came in 1998; by 2004, most U.S. software manufacturers were working to update their IPv4 architecture, considered the backbone of the modern Internet.

IPv6 was called the “next generation Internet” because of its expanded capabilities and growth potential. It is considered critical for heightened cybersecurity and privacy.

While IPv6 and IPv4 share similar architecture, there are some key differences:

• IPv6 increases address space from 32-bit under IPv4 to 128-bit address length. This makes it possible to have an almost unlimited number of unique IP addresses.
• Size matters: IPv6 address size helps deter malicious activities such as IP scanning.
• IPv6 packets support larger payloads, increasing throughput and transport efficiency.
• Most important for remote work forces is native support for mobile devices to switch between networks and receive roaming notices at any physical location. Mobile-iPv6 (MIPv6) is a hallmark protocol specified as a firm requirement in designing IPv6.
• Independent auto-configuration of IPv6 devices is a boon to network administrators. IPv6 devices connected with other IPv6 devices can assign IP addresses and device numbering. An IPv6 router may even determine its own IPv6 address.
• The IPv6 protocol provides increased authentication and privacy with an end-to-end security framework featuring embedded IPSec security to manage encryption and authentication between hosts.  

More information on IPv6 and federal cybersecurity policies and programs can be found at this GSA website.  

---

To keep on top of trends in government IT, subscribe to immixGroup’s Government Sales Insider blog now!

For expertise on the CDM program and help getting your products to the federal marketplace faster, contact immixGroup at CDM@immixgroup.com.