Federal officials this week discussed how they can support new approaches like zero trust and SD-WAN in an efficient and secure way by leveraging the Enterprise Infrastructure Solutions (EIS) contract along with security requirements of the Trusted Internet Connections (TIC) 3.0 policy.
Speaking at an ATARC webinar on October 22, officials leading the General Service Administration’s (GSA’s) EIS program office and the Cybersecurity and Infrastructure Security Agency’s (CISA’s) TIC 3.0 program office discussed how their efforts connect to support modernization efforts across government.
“We’re working with CISA and TIC 3.0, and we’re going to incorporate that guidance into the [EIS] master contract,” said Allen Hill, acting deputy assistant commissioner for category management at GSA. “To me, SD-WAN being available on EIS allows TIC 3.0 to begin building that foundation of how security gets out to the edge and different branch offices, and eventually move to a zero-trust architecture.”
“A lot of what we’ve done in TIC 3.0 – and this is in close collaboration with [the EIS] team, is to make sure that the guidance coming out from TIC can support an SD-WAN model for the agencies,” added Sean Connelly, TIC program manager at CISA.
SD-WAN is also being explored by defense agencies, with officials from the Defense Information Systems Agency (DISA) and the Army Corps of Engineers noting their desire to use its capabilities, but also using caution with implementation and recognizing limitation with legacy apps in the Department of Defense’s portfolio of 15,000 applications.
“The reality is, we have to have a good mix of this. Some things within our 15,000 applications will probably never be on SD-WAN but a good portion of them probably will. The baked-in security features with software-defined networks and wide area networks are supreme, and I do think they’re going to add a whole level of security integrated into this capability,” said Fred Ruonavar, chief of contingency operations at DISA.
“What we’re looking at, in conjunction with a lot of these new technologies and capabilities – and SD-WAN is just one of them – we’re looking at how to train our professionals to know what they’re really doing and how to properly use, implement and deploy,” said Dovarius Peoples, CIO at the U.S. Army Corps of Engineers. “Ultimately, without a trained professional, a lot of these concepts are just another government capability we’ve raised and deployed without fully understanding how to get from point A to point B.”
Zero trust was another concept discussed, with Connelly noting that a zero trust use case for TIC 3.0 is in the works among various stakeholders.
“One of the tenets of TIC 3.0 is that the network is suspect if you abstract away the network from software that runs on top of it. I think a lot of what you see here will be reflected in that zero trust use case, recognizing that we’ve already built some of that into the core guidance itself,” Connelly shared.
In addition to the connection with TIC, Hill noted that EIS is seeing significant cost savings that even outstrip GSA’s expectations.
“EIS had some projected savings/cost avoidance, but it’s even greater than what we anticipated [due to] the competition. EIS is bringing the entire Federal government to buy at a bulk rate, and the vendors have been responsive to that,” Hill said.