OMB: Agencies must shed more gateways

Agencies have until the latter part of 2009 to begin operating approximately 79 Internet gateways that will serve the federal government under the Trusted Internet Connection (TIC), Karen Evans, Office of Management and Budget’s administrator for e-Government and information technology, said today.

The exact number of connections may change as some agencies provide more information and vendors establish TIC services, Evans said as she released a status report on the TIC initiative today. Evans also said the deadline for the TIC is "toward the end" of calendar year 2009, but did not provide a specific date.

The TIC effort should improve the federal government’s information security environment by making it easier to monitor data traffic on agencies’ connections, OMB said when it introduced the initiative last year.

“Fewer external connections means fewer vulnerabilities and better secured networks,” Evans said.

Agencies have reduced the number of their external connections to the Internet from 4,300 in January to 2,758 in May and shown progress toward meeting the goal of fewer than 100 connections that was established in June, Evans said.

OMB originally set a goal for 50 connections to serve all federal agencies. It raised that number after reviewing the statements of capability that agencies submitted to OMB last month.

OMB must still reconcile the difference between the 235 connections that agencies in total reported as their target and its calculated target of 79 agency connections, Evans said.

The TIC would standardize individual external network connections so agencies can provide the connections for themselves or use the services of TIC Access Providers, which would be modeled after the shared-service provider concept in other consolidation initiatives. Vendors under the General Services Administration’s Networx governmentwide network and telecommunications contract will have the opportunity to demonstrate their technical capabilities to also provide TIC services.

To meet the goal of fewer than 100 trusted Internet connections, the status report stated that 17 agencies acting as single-service providers and one agency as a shared-services provider would establish 79 TICs. Networx providers could potentially offer 10 TIC locations.

However, five agencies have not met at least 90 percent of the technical requirement and the remaining 121 mostly smaller federal agencies would seek service from an approved TIC Access Provider, OMB said.

TIC is one of the security initiatives for which agencies accomplished the initial milestones by June 30. Agencies also demonstrated that their networks are ready for the transition to to IPv6, the next-generation Internet protocol, and for implementing a security standard, the Federal Desktop Core Configuration, for Microsoft’s XP and Vista operating systems.