Pentagon scraps IPv6 testing program that provided enterprise guidance

Routers, firewalls will no longer be deemed IPv6-cabable by military engineers

The U.S. Defense Department is halting a five-year-old effort to test off-the-shelf network hardware and software products for compliance with IPv6, the next-generation Internet protocol.

Instead, the Defense Information Systems Agency (DISA) is folding IPv6 testing into its regular IT product evaluation process, which is dubbed Unified Capabilities Requirements.

Beginning in April, DISA will test for IPv6 compliance along with all the other military-specific requirements that commercial IT products need to meet before they can be installed on Defense Department networks.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The U.S. Defense Department is halting a five-year-old effort to test off-the-shelf network hardware and software products for compliance with IPv6, the next-generation Internet protocol.

Instead, the Defense Information Systems Agency (DISA) is folding IPv6 testing into its regular IT product evaluation process, which is dubbed Unified Capabilities Requirements.

Beginning in April, DISA will test for IPv6 compliance along with all the other military-specific requirements that commercial IT products need to meet before they can be installed on Defense Department networks.

"The IPv6-capable testing has been phased out," says Kris Strance, the Defense Department's lead for IP policy. "Our emphasis now is on interoperability and information assurance testing to include IPv6."

Strance says the Pentagon's new policy regarding IPv6 testing applies to all voice, video and data products that the military plans to buy.

DISA's Joint Interoperability Test Command (JITC) at Fort Huachuca, Ariz., which conducted the IPv6 tests, will continue testing commercial IT gear under the Unified Capabilities Requirements.

"We were testing IPv6 just for IPv6 sake, without much filter of whether these products were going to be immediately brought into the DOD inventory because it was a new technology," explains Rick Meador, chief of the Battlespace Communications Portfolio at JITC. "But now IPv6 is a little more prevalent, and we're seeing it in products ready to be fielded in DOD, so we're merging two separate but related processes. Now we're only going to look at those products that have immediate DOD need, and we're going to look at IPv6 as one of a subset of many requirements."

The Pentagon is canceling its IPv6-capability testing effort to increase efficiency. Instead of running IT gear through a separate IPv6 test suite, military engineers will run a streamlined IPv6 test at the same time they check for other military IT requirements.

"We never had an IPv4-specific test process, and we want to mainstream IPv6 so that it is just one more requirement," Strance says.

The elimination of the U.S. military's IPv6-capability testing effort is a loss for the IPv6 community because the Pentagon provided one of the few IPv6-related seals of approval for use by ISP and enterprise customers.

Over the last few years, 380 networking products including routers, switches, operating systems and firewalls passed JITC's IPv6 Capability test. Vendors marketed these wares as having passed rigorous set of tests by the Pentagon to ensure compliance with the full set of IPv6 standards.

For example, Juniper certified its routers and firewall VPN products as being IPv6-capable through JITC.

Tim LeMaster, director of systems engineering for Juniper Federal, says passing JITC's IPv6 test mattered to the Defense Department, intelligence community and civilian agency customers. "It was widely recognized as a key differentiator for us," LeMaster says.

LeMaster says of the Defense Department's new policy requiring vendors such as Juniper to go through IPv6 testing as part of the Unified Capabilities Requirements: "It probably makes sense to do it that way, and it is one less set of tests that vendors have to support from a resource standpoint … but it may limit the buzz you can generate from it."