architecting next generation internet technologies l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Architecting Next-generation Internet Technologies PowerPoint Presentation
Download Presentation
Architecting Next-generation Internet Technologies

Loading in 2 Seconds...

play fullscreen
1 / 19

Architecting Next-generation Internet Technologies - PowerPoint PPT Presentation


  • 400 Views
  • Uploaded on

Architecting Next-generation Internet Technologies Peter J. Tseronis, PMP Chair, Federal IPv6 Working Group Federal IT Summit | October 22, 2008 A brief history and chronology… The Internet is a worldwide network of networks comprised of servers, routers, and backbone networks

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Architecting Next-generation Internet Technologies' - jana


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
architecting next generation internet technologies

Architecting Next-generation Internet Technologies

Peter J. Tseronis, PMP

Chair, Federal IPv6 Working Group

Federal IT Summit | October 22, 2008

a brief history and chronology
A brief history and chronology…

The Internet is a worldwide network of networks comprised of servers, routers, and backbone networks

The basic function of the Internet is to transmit packets of information across interconnected networks via:

Addressing

Fragmentation of data

The two primary protocols enable these packets to traverse the Internet: TCP and IP

In February 2003, the President’s National Strategy to Secure Cyberspace commenced the government wide effort to address IPv6

In May 2005, the GAO-05-471 informed Congress on the state of the federal IPv6 landscape and recommended that OMB begin addressing key planning considerations for an IPv6 transition

In August 2005, OMB released M-05-22 requiring to begin the transition to IPv6 on core network backbones

In September 2008, NIST published A Profile for IPv6 in the U.S. Government – Version 1.0 to assist Federal agencies in formulating plans for the acquisition of IPv6 technologies

implications of not using ipv6
Implicationsof not using IPv6…

Despite the wide-scale deployment of Network Address Translation (NAT) at Federal agencies and within the United States, the worldwide consumption of the IPv4 address pool continues at an accelerating rate

IPv4 address space is projected to run out in or before 2011

Moreover, the current community (IPv4) may not be able to talk to the future Internet community (IPv6) effectively, which could splinter the Internet

Agencies may not be prepared for dramatic changes brought about by IPv6 in commercial and international markets

exponentially more addresses
Exponentially More Addresses…

IPv4:

4,294,967,296

IPv6:

340,282,366,920,938,463,374,607,432,768,211,456

phase i was about
Phase I was about…

Culminating a 35-month initiative to begin migrating the federal government to the next generation Internet

Integrating the next generation Internet protocol into core backbone network infrastructure

Substantiating an enterprise architecture framework for IPv6 adoption

Building momentum for Phase II

ipv6 market trends
IPv6 Market Trends…
  • IPv4 Address space depletion
  • Operating system releases with v6 “on” and “preferred” by default
  • Explosion of connected appliances
  • Earth population trend: 6B (now) to 9B (2050)
  • National IT strategies:
    • M 05-22
    • E.U. Recommendations
    • China Next Generation Internet
    • E-Japan
    • Korea IT-839

Source: Arch Rock

it predictions for 2008
IT Predictions for 2008…
  • Web 2.0 evolution
  • Infrastructure optimization/modernization
  • Information Sharing/Collaboration
  • Distance Learning
  • IT Security
  • Wireless and Mobile communications
  • Virtualization
  • Green IT
  • Broad use of telework

Sources: Government Insights, January 2008; INPUT Federal IT Market Forecast, 2008

phase ii is about
Phase II is about…

Deploying secure, end-to-end, shared IPv6-enabled network services

Implementing of the USG standards profile

Developing of an open, public formal testing program for IPv6 technologies

Producing a suite of artifacts via the Federal Enterprise Architecture PMO to guide to guide Federal IPv6 transitions

Coordinating IPv6 initiatives with the IT infrastructure Line of Business (ITILOB)

Utilizing the IT Infrastructure and Information Sharing Segment Architectures to define a “to-be” IPv6 environment

Reinforcing how EA and Enterprise Transition Plans drive IPv6 Exhibit 300 development

ip security will evolve
IP Security will evolve…
  • The AS-IS:
    • IP security relies heavily on perimeter devices (firewalls, routers, NAT)
    • Network-based security is the “modus operandi”
    • IP security security constantly “adding on” to meet requirements
  • The TO-BE:
    • Move towards an “end-to-end” security model via a policy-based trust domains:
      • a combination of host, application, and network-based security
      • Boundary devices will servea s gatekeepers screenifn for pokkciy breaches
      • Nodes will provide firewall, intrusion detection and virus capabilities
    • Security services can be applied at varying levels of the TCP/IP model
    • Reliance on a distributed security architecture/model to remove the burden of screening rules at a perimeter firewall
    • Leverage integrated security that v6 has to offer

* Source:IPv6 Forum and Juniper Networks

things to think about
Things to think about…
  • Evaluating transition mechanisms
  • Architecting IPSec and IKE across your enterprise
  • Investigating Secure Neighbor Discovery (SEND)
  • Deploying DHCPv6 and DNSSEC
  • Designing scalable Addressing and Routing schemas
  • Replacing NAT functionality with v6 capabilities

* Source:IPv6 Forum and Juniper Networks

how to define the to be v6 environment
How to define the “to-be” v6 environment…

Use the Enterprise Architecture Assessment Framework (v3.0)

Enterprise architecture levels

Enterprisecommon/shared assets; aligning resources; all stakeholders

Segmentcore mission areas; structure, reuse, and alignment; business owners

Solutionapplications/components; users and developers

Performance Improvement Lifecycle Communities

Strategic/Performance Improvement: “Strategize – Formulate – Execute”

Information Technology: “Architect – Invest – Implement”

Segment architecture maturity

Segments are subset of the overall agency architecture

Segment Types: Core Mission, Business Service, or Enterprise Service

Serve as a conduit between strategic plans and enterprise investments

it portfolio alignment line of sight
IT Portfolio Alignment: Line-of-Sight

ITServices

Business

Capabilities

Investment

Portfolio

Strategies

Objectives

SolutionDeliveryOrganizations

Mission/Goals

Business View

IT View

takeaways
Takeaways…
  • June 30, 2008 marks the end of Phase I
  • Utilize the USG profile to develop specific acquisition and deployment plans
  • Leverage Federal Enterprise Architecture and Capital Planning activities to deliver IPv6-enabled mission results
  • Design a hierarchical routing and addressing strategy based on your current and future IP-based service portfolio
  • Use network modeling and simulation tools to develop routing architectures
  • Craft an enterprise security plan to support an end-to-end, “holistic” service model versus an enclave approach
  • Securing IPv6 not only depends on the protocol but also on integration planning and implementation
  • Increase agency awareness, train staff, and recruit talent
  • The USG is a key catalyst in the globalization of IPv6
slide19
Peter J. Tseronis, PMP

Chair, Federal IPv6 Working Group

FOR MORE INFO: Go To www.EGOV.gov > Information Policy > IPv6