CISA Releases Guidance to Assist Agencies Moving From Wide Network Perimeters to Micro-Perimeters
The Cybersecurity and Infrastructure Security Agency (CISA) has released new Trusted Internet Connections (TIC) 3.0 draft guidance that adjusts to federal agencies narrowing their cyberdefenses.
The guidance was developed to assist agencies in protecting modern information technology architectures and services, with less focus on a perimeter. According to CISA, in the early 2000s, the White House Office of Management and Budget initiated a data call asking federal agencies to inventory their connections to the internet. "The results were eye-opening: agencies reported more than 4,000 connections. This prompted a desire for network consolidation across the Federal Government in order to limit the number of tubes to monitor to a smaller set, spurring the initiative known today as Trusted Internet Connections (TIC)," says CISA.
TIC began with the goal of creating the first federal perimeter security baseline, notes the statement. The initiative focused on large federal agencies reducing the enterprise footprint to approximately 50 connections, or “TIC access points.”
The following TIC guidance documents are sequential in nature and CISA recommends they be read in order:
- Program Guidebook (Volume 1) – Outlines the modernized TIC program and includes historical context
- Reference Architecture (Volume 2) – Defines the concepts of the program to guide and constrain the diverse implementations of the security capabilities
- Security Capabilities Handbook (Volume 3) – Indexes security capabilities relevant to TIC
- Use Case Handbook (Volume 4) – Introduces use cases, which describe an implementation of TIC for each identified use:
  - Traditional TIC Use Case. Describes the architecture and security capabilities required for the conventional TIC implementation
  - Branch Office Use Case. Describes the architecture and security capabilities required for remote offices
- Service Provider Overlay Handbook (Volume 5) – Introduces overlays, which map the security functions of a service provider to the TIC capabilities