Department of Defense
High Performance Computing Modernization Program

Cloud Computing available under GSA contracts

In October, 2010, the United States (US) General Services Administration (GSA) awarded 11 vendors spots on the first government-wide contract for cloud computing. The initial ordering period has ended for these blanket purchase agreements for infrastructure-as-a-service (IaaS), which included cloud storage, virtual machines and Web hosting services with support for IPv6. Details for currently available cloud acquisition vehicles are available on the GSA website. More information about cloud computing was available on the Cloud.CIO.gov website [material from that website was archived March, 2015, and is available here for reference]. A Best Business Practices for US Government (USG) Cloud Adoption guide is available on the GSA website.

USG Requirements for IPv6

The requirements of the Federal Acquisition Regulations as amended in July, 2010 (as described in the IPv6 Boiler Plate Acquisitions Language article in the Deployment section) always apply. Explicit requirements for IPv6 are in the Cloud Security Guidance document mentioned in the above paragraph. Requirements were included in early documents of the Cloud Security Alliance (CSA) -- for example, this Sept 2012 SecaaS Implementation Guidance, Network Security document.

Requirements for IPv6 support are not always explicitly included in recent government documents. 

Cloud Service Providers that support IPv6

Lists of cloud service providers that are accessible via Internet Protocol version 6 (IPv6) are available here and here. Since those lists were published, Amazon Web Services (AWS) added IPv6 support and Microsoft Azure expanded its IPv6 support. IPv6 addressing in Amazon Virtual Private Clouds (VPCs) is subject to restrictions, described here. Alibaba has announced IPv6 support for their Alibaba Cloud in China.

Content and applications that natively support only IPv4 access may (or may not) become dual stack (IPv6 in addition to legacy IPv4) accessible when hosted by a cloud service provider that supports IPv6. Verify the additional cost for IPv6 support (if any). Verify that connectivity via IPv6 to the cloud service provider’s locations is available from the geographic locations included in your IPv6 deployment effort. Verify that content and applications that natively support only IPv4 will become dual stack accessible. If they will not become dual stack accessible, then you might want to consider using one of the other services or products described in the Content and Applications Delivery over IPv6 article in the Frequently Asked Questionis (FAQ) section. This article from Nephos6 suggests some additional cloud service acquisition considerations.

Secure Cloud Computing

Information about the Federal government’s security assessment, authorization, and monitoring of cloud vendors may be found on GSA’s Federal Risk and Authorization Management Program (FedRAMP) website. Among other documents available (see this listing) on the FedRAMP website is an Agency Cloud Procurement Best Practices guide (also called "Creating Effective Cloud Computing Contracts"). 

Cloud Access Security Brokers (CASBs) support for IPv6 is discussed in this article.

Information about secure deployment of clouds may be found here: 

Cloud Security Alliance Security Guidance for Critical Areas of Focus in Cloud Computing version 4.0 document,
Defense Information Systems Agency (DISA) Information Assurance Support Environment (IASE) DoD Cloud Computing Security website, 
Department of Homeland Security Cloud Security Guidance version 0.2 document, and 
Federal CIO Council (CIOC) Information Security and Identity Management Committee (ISIMC) Guidelines for the Secure Use of Cloud Computing by Federal Departments and Agencies V0.41 (draft).

Open Source Cloud Computing Platforms

There are numerous open source cloud computing platforms and more are being announced all the time. A few that support IPv6 include:

  1. Abiquo: Support for IPv6 described in this article.
  2. Apache Cloudstack: Support for IPv6 is described in this article.
  3. CloudFoundry: Support for IPv6 is described in this article.
  4. Openstack: In January, 2011, the Openstack consortium announced that the next release of Compute, Image Services, and Object Storage modules included support for IPv6. This article provides an introduction to the software architecture and modules in Openstack. The 2013 Havana release of Openstack is described in an article from Nephos6. This document and this article describe what it takes to run the 2015 Openstack Kilo release on IPv6. This document describes running the Openstack Newton Oct 2016 release (and subsequent releases in that series) on IPv6. This document describes deploying IPv6-only tenants with Openstack.

 


Top