Common Infrastructure Questions we get from clients

Do you support DNSSEC?

For domains owned by TTS that speak HTTP, TTS follows the requirements of OMB M-15-13, including HTTP Strict Transport Security and the recommended additional step of HSTS preloading.

For information on how HTTPS and HSTS compensate for an absence of DNSSEC for HTTP-based services, see:

Customer applications hosted on that use domains owned by customers outside TTS (such as partner agency subdomains) can implement DNSSEC. See’s DNSSEC information for details.

Do you support IPv6?

Yes! More information.

Do you allow “Direct Connections”?

TTS does not support direct connections, either via fiber or VPN, into the environment. If systems launched on either require initial data from an internal customer system, or ongoing communications with internal customer systems that are unavailable over the public internet, we recommend working with TTS Infrastructure to devise alternatives.

Where can I get compliance information about

More info about’s

  • FedRAMP package
  • System Security Plan
  • Control Implementation Summary
  • Customer Responsibility Matrix

can be found on’s FedRAMP page.