Enterasys Networks' intrusion prevention system (IPS) now supports IPv6, meeting the federal procurement mandate that went into effect this year and future-proofing business customers that will eventually adopt the expanded network addressing protocol. "The federal government mandates Ipv6 support; they're not using it, but everything they buy has to have it," says Charles Kolodgy, IDC research VP for secure products. "You need that check box if you want to sell to the government, especially [Department of Defense]."
In fact, none of Enterasys' customers have implemented IPv6 yet, says Michelle Araujo, director of product management.
IPv6 is being introduced to meet the dwindling number of addresses available with IPv4. The protocol also includes enhanced security via IPSec and mobile routing support. The federal government mandates that all networking infrastructure procurements must be in compliance with the requirements of the rigorous National Institute of Standards and Technology (NIST) USGv6 Test Program.
For the rest of us, "we're going to get there, we're going to have to, as the address space runs out," says IDC's Kolodgy. He adds that this will be especially true as the use of mobile devices increases, "if each has an IP instead of hopping." However, prospective customers should look at all aspects of Enterasys IPS and other products in its security portfolio, rather than focus on IPv6 support.
Enterasys IPS can be deployed in-line, typical of most IPS products, but Enterasys also offers what it calls Distributed IPS, which leverages Enterasys intrusion detection system (IDS) sensor detection around the network and enforces response action, such as removing the attacker's network access, through switches and other network infrastructure to block intrusions.