Common Infrastructure Questions we get from clients

Do you support DNSSEC?

For domains owned by 18F that speak HTTP, 18F follows the requirements of OMB M-15-13, including HTTP Strict Transport Security and the recommended additional step of HSTS preloading.

For information on how HTTPS and HSTS compensate for an absence of DNSSEC for HTTP-based services, see:

Customer applications hosted on cloud.gov that use domains owned by customers outside 18F (such as partner agency subdomains) can implement DNSSEC. See cloud.gov’s DNSSEC information for details.

Do you support IPv6?

Yes! More information.

Do you allow “Direct Connections”?

18F does not support direct connections, either via fiber or VPN, into the cloud.gov environment. If systems launched on cloud.gov either require initial data from an internal customer system, or ongoing communications with internal customer systems that are unavailable over the public internet, we recommend working with 18F Infrastructure to devise alternatives.

Where can I get compliance information about cloud.gov?

More info about cloud.gov’s

  • FedRAMP package
  • System Security Plan
  • Control Implementation Summary
  • Customer Responsibility Matrix

can be found on cloud.gov’s FedRAMP page.