Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity & Infrastructure Security Agency
America's Cyber Defense Agency

Search

 
 
  • Topics
    Cybersecurity Best Practices
    Cyber Threats and Advisories
    Critical Infrastructure Security and Resilience
    Election Security
    Emergency Communications
    Industrial Control Systems
    Information and Communications Technology Supply Chain Security
    Partnerships and Collaboration
    Physical Security
    Risk Management
    How can we help?
    GovernmentEducational InstitutionsIndustryState, Local, Tribal, and TerritorialIndividuals and FamiliesSmall and Medium BusinessesFind Help LocallyFaith-Based CommunityExecutives
  • Spotlight
  • Resources & Tools
    All Resources & Tools
    Services
    Programs
    Resources
    Training
    Groups
  • News & Events
    News
    Events
    Cybersecurity Alerts & Advisories
    Directives
    Request a CISA Speaker
    Congressional Testimony
  • Careers
    Benefits & Perks
    HireVue Applicant Reasonable Accommodations Process
    Hiring
    Resume & Application Tips
    Students & Recent Graduates
    Veteran and Military Spouses
    Work @ CISA
  • About
    Culture
    Divisions & Offices
    Regions
    Leadership
    Doing Business with CISA
    Site Links
    Reporting Employee and Contractor Misconduct
    CISA GitHub
    Contact Us
Report a Cyber Issue
America's Cyber Defense Agency
Breadcrumb
  1. Home
  2. Resources & Tools
  3. Programs
Share:

Resources & Tools

  • All Resources & Tools
  • Services
  • Programs
  • Resources
  • Training
  • Groups

Trusted Internet Connections (TIC)

Related topics:
Cybersecurity Best Practices

Since 2007, the Trusted Internet Connections (TIC) initiative has redefined federal cybersecurity by consolidating network connections and enhancing visibility and security measures throughout the federal network. In accordance with the Office of Management and Budget (OMB) Memorandum (M) 19-26: "Update to the TIC Initiative," TIC 3.0 expands on the original initiative by leveraging modern security practices and technology to secure a wide range of agency network architectures. Compared to previous iterations of the TIC program, TIC 3.0 is highly iterative, meaning the guidance continually reflects modern processes and technological innovations as they become available. TIC 3.0 recognizes shifts in modern cybersecurity and assists agencies in adoption, while recognizing their challenges and constraints in modernizing IT infrastructure.

New Releases as of April 17, 2023!

Trusted Internet Connections (TIC) 3.0 Core Guidance Documents

TIC Guidance Documents

OMB M-19-26 tasks the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) with modernizing the TIC initiative to help accelerate the adoption of cloud, mobile, and other emerging technologies. To further this effort, CISA has released guidance to assist federal civilian agencies in their transition to contemporary architectures and services.

The updated TIC guidance provides agencies with the flexibility to secure distinctive computing scenarios in accordance with their unique risk tolerance levels. Agencies are expected to reference the initiative’s Program Guidebook, Reference Architecture, and Security Capabilities Catalog to determine how to protect their environments to conform with their risk management strategy and the security considerations outlined in TIC use cases.

The TIC 3.0 Cloud Use Case is the final document of the “initial Common TIC Use Cases” outlined in the OMB M-19-26. The TIC use cases posted to this site are not an exhaustive representation of all the scenarios agencies may wish to consider when securing their environments. Agencies are encouraged to combine uses cases, as appropriate, to suit their needs.

Links directly to pdf versions of the TIC guidance can be found at the bottom of the page: Trusted Internet Connections (TIC) 3.0 Core Guidance Documents, under Resource Materials.

TIC Use Cases

The modernized initiative, M-19-26, no longer requires agencies to route traffic through TIC access points if they have a TIC alternative. The purpose of TIC use cases is to provide agencies with guiderails for implementing TIC 3.0 in scenarios that do not necessarily require the use of a TIC access point. The use cases supplement the guidance detailed in the Reference Architecture.

TIC use cases provide guidance on the secure implementation and configuration of specific platforms, services, and environments. The guidance is derived from TIC pilots and best practices from the public and private sector. Each use case identifies security architectures, data flows, and environments applicable in a given scenario and describes the implementation of relevant TIC security capabilities. TIC use cases articulate:

  • Network scenarios for TIC implementation,
  • Security patterns commonly used within the federal civilian enterprise, and
  • Technology-agnostic methods for securing current and emerging network models.

TIC use cases are designed to be general architectures for securing specific scenarios that agencies can use as a framework to build their own use cases custom to their mission needs and risk tolerances.

Agencies must understand the inherent risks in implementing scenarios that do not leverage TIC access points. Agencies must leverage the use cases, in coordination with guidance from their senior officials accountable for risk management, to implement compensating controls that fortify their network and cloud environments. Additional information on use cases can be found in the Use Case Handbook.

The TIC Cloud Use Case is the final use case that satisfies M-19-26 requirements.

TIC Use Cases and Security Capabilities Catalog agencies can refer to are listed below. The latest updates were made April 17, 2023, to Security Capabilities Catalog, Branch Office Use Case, Remote User Use Case, Cloud Use Case, and the Response to Comments on Cloud Use Case.

  • Traditional TIC Use Case – Describes the architecture and security capabilities guidance for the conventional TIC implementation.
  • Branch Office Use Case – Describes the architecture and security capabilities guidance for branch offices.
  • Remote User Use Case – Describes the architecture and security capabilities guidance for remote users.
  • Cloud Use Case – Describes the architecture and security considerations for deploying different cloud services. 
  • Security Capabilities Catalog – Indexes security capabilities relevant to TIC.

TIC & National Cybersecurity Protection System

As outlined in the TIC 3.0 Program Guidebook, TIC and the National Cybersecurity Protection System (NCPS) initiatives will continue to support and complement each other in accordance with the Federal Cybersecurity Act of 2015. However, CISA will provide independent guidance for each of the respective programs.

NCPS is supporting the TIC modernization efforts via the release of its Cloud Interface Reference Architecture (NCIRA). NCIRA is being released as two individual volumes. NCIRA Volume One (pdf, 4.06MB) provides an overview of changes to NCPS that accommodate collection of relevant data from agencies’ cloud environments and provides general reporting patterns for sending cloud telemetry to CISA. NCIRA Volume Two (pdf, 3.61MB) (currently in draft) builds on the concepts presented in NCIRA Volume One and provides an index of common cloud telemetry reporting patterns and characteristics for how agencies can send cloud-specific data to NCPS. Individual cloud service providers can refer to the reporting patterns in this volume to offer guidance on their solutions that allow agencies to send cloud telemetry to CISA in fulfillment of NCPS requirements.

As agencies architect their networks to adopt the TIC 3.0 use cases, agencies are required to engage with the NCPS Program to determine the appropriate telemetry that is being shared with CISA. Please visit CISA's NCPS page for more information.

Trusted Internet Connections (TIC) Guidance Repository

Trusted Internet Connections (TIC) 3.0 core guidance documents are intended to be used collectively in order to achieve the goals of the program. 

Complementary Implementation Guidance

In addition to the core guidance documents, CISA has developed and released complementary guidance to address exigent needs or support agencies during TIC 3.0 implementation.

IPv6 Considerations for TIC 3.0

CISA’s "IPv6 Considerations for TIC 3.0" supports federal agencies as they implement Internet Protocol version 6 (IPv6) network protocol, in accordance with OMB Memorandum (M) 21-07: "Completing the Transition to Internet Protocol Version 6." 

Capacity Enhancement Guide for Remote Vulnerability and Patch Management

In support of the TIC 3.0 Interim Telework Guidance released in April 2020, CISA released a Capacity Enhancement Guide (CEG) for Remote Vulnerability and Patch Management.

Zero Trust Maturity Model

TIC 3.0 provides agencies with flexibility to adopt modern security concepts, like zero trust architecture (ZTA). ZTA is defined by seven tenets (outlined in NIST SP 800-207.

Cloud Security Technical Reference Architecture

The Cloud Security Technical Reference Architecture (TRA) is to illustrate recommended approaches to cloud migration and data protection.

FAQ, Training, and Additional Resources

TIC FAQs

To aid agencies in implementing the guidance, CISA maintains a list of frequently asked questions for reference. 

Trusted Internet Connections (TIC) Guidance Release Schedule

CISA will continue to produce and update the guidance through collaboration with agencies and vendors to maintain relevancy.

Cloud Security Technical Reference Architecture (TRA)

The Cloud Security Technical Reference Architecture (TRA) is to illustrate recommended approaches to cloud migration and data protection.

Contact

For questions concerning the TIC Program, please contact: tic@cisa.dhs.gov

Sean Connelly, Trusted Internet Connections Program Manager

Tags

Topics
Cybersecurity Best Practices
Return to top
  • Topics
  • Spotlight
  • Resources & Tools
  • News & Events
  • Careers
  • About
Cybersecurity & Infrastructure Security Agency
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS
CISA Central 888-282-0870 Central@cisa.dhs.gov
DHS Seal
CISA.gov
An official website of the U.S. Department of Homeland Security
  • About CISA
  • Accessibility
  • Budget and Performance
  • DHS.gov
  • FOIA Requests
  • No FEAR Act
  • Office of Inspector General
  • Privacy Policy
  • Subscribe
  • The White House
  • USA.gov
  • Website Feedback