Hours for live chat and calls:
Sun 8 p.m. - Fri 8:30 p.m. CST
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Trusted Internet Connections (TIC) is a federal cybersecurity initiative intended to enhance network and data security across the Federal Government. The Office of Management and Budget (OMB), the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), and the General Services Administration (GSA) oversee the TIC initiative through a robust program that sets guidance and an execution framework for agencies to implement a baseline boundary security standard. Originally established in 2008, the initial versions of the TIC Initiative sought to consolidate federal networks and standardize perimeter security for the federal enterprise.
On September 12, 2019, OMB released M-19-26 with the goal of "Updating the Trusted Internet Connections (TIC Initiative)". M-19-26 provided an enhanced approach for implementing the TIC initiative that enabled agencies with the increased flexibility to leverage modern security capabilities, while also establishing a process for ensuring the TIC Initiative is agile and responsive to advancements in technology and rapidly evolving threats. CISA branded this evolution of the program as TIC 3.0 and has since developed Core Program and Use Case Guidance to support and navigate the program's paradigm shift. The TIC 3.0 program updates have modernized and expanded the original version of the initiative to drive security capabilities to better leverage advances in technology as agencies decentralize their network perimeters or system boundaries to better support the remote workforce and the continued adoption of cloud service provider environments.
GSA Managed Trusted Internet Protocol Service (MTIPS) is an orderable solution for the CISA TIC 3.0 Traditional TIC Use Case [PDF] modeled after the perimeter-based internet security paradigm. MTIPS is offered as a managed security service through the GSA Enterprise Infrastructure Solutions (EIS) contract.
Agencies may leverage MTIPS along with other EIS managed or cloud services to adhere to CISA's TIC 3.0 guidance.
GSA and DHS jointly developed the requirements for the MTIPS Trusted Internet Connection Access Provider (TICAP) service. The high-level working parts include:
The MTIPS SOC monitors all information exchanged with external networks to protect agency traffic. The MTIPS transport serves as a group network for the TIC portal, insulating an agency's internal network from the Internet an other external networks.
Each MTIPS partner solution undergoes the Assessment and Authorization (A&A) process and is issued an ATO from the GSA at the FISMA High Level. The MTIPS contractor is required to identify and route government traffic through a secure CISA EINSTEIN Enclave for processing by the latest generation of EINSTEIN capabilities.
The MTIPS industry partner provides and supports two (2) components associated with the MTIPS service:
Due to the physical implementation nature of the Tradition TIC use case, prescribed EIS CLINs for ports and access methods as well as additional features are defined in EIS for MTIPS.
GSA has contract and schedule solutions to deliver on agency requirements for the Branch Office, Remote User, Cloud and other TIC 3.0 Use Cases.
Solutions for these TIC use cases are available from the Enterprise Infrastructure Solutions (EIS) contract using one or more of the following services:
For agency-specific TIC customized solutions and/or when additional related network security services are required agencies may leverage the EIS Managed Security Service (MSS) Trusted Internet Connections Service (TICS). MSS TICS may be leveraged to supplement capability gaps between TIC 2.2 services like MTIPS or other Traditional TIC access points and the TIC 3.0 security capabilities. MSS TICS may also be leveraged in combination with other EIS services as needed to address other TIC and cybersecurity requirements an agency may have.