Upcoming Events

Where the Cloud Touches Down: Simplifying Data Center Infrastructure Management

Thursday, July 25, 2013
10:00 AM PT/1:00 PM ET

In most data centers, DCIM rests on a shaky foundation of manual record keeping and scattered documentation. OpManager replaces data center documentation with a single repository for data, QRCodes for asset tracking, accurate 3D mapping of asset locations, and a configuration management database (CMDB). In this webcast, sponsored by ManageEngine, you will see how a real-world datacenter mapping stored in racktables gets imported into OpManager, which then provides a 3D visualization of where assets actually are. You'll also see how the QR Code generator helps you make the link between real assets and the monitoring world, and how the layered CMDB provides a single point of view for all your configuration data.

Register Now!

A Network Computing Webinar:
SDN First Steps

Thursday, August 8, 2013
11:00 AM PT / 2:00 PM ET

This webinar will help attendees understand the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging. It will also help users decide whether SDN makes sense in their environment, and outline the first steps IT can take for testing SDN technologies.

Register Now!

More Events »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

Vendor NewsFeed

More Vendor NewsFeed »

Shadow Networks an Unintended IPv6 Side Effect

As adoption of the IPv6 Internet protocol continues to gain traction, some network security monitoring businesses and industry analysts are starting to see a troubling phenomenon they call "shadow networks."

On a shadow network, data flows through new IPv6-enabled connections and onto the existing IPv4 network--but the IPv4 security in place is unable to identify that IPv6 traffic. All sorts of security perils can arise, as a result. Even though they're currently only theoretical, security experts worry it may not be long before hackers and the like figure out how to use shadow networks for nefarious purposes

More Insights

Webcasts

More >>

White Papers

More >>

Reports

More >>

Blue Coat Systems, in introducing its PacketShaper 9 network monitoring device this week, says that on shadow networks, employees can engage in prohibited file-sharing or view pornography, both of which carry network security risks. Also, cybercriminals can use these shadow networks to distribute malware.

Shadow networks are popping up as more IPv6 connectivity is appearing on networks where it’s not yet formally supported by IT organizations, Blue Coat says. They can also appear on networks in which the enterprise has just upgraded to Microsoft Windows 7 from XP because 7 is automatically IPv6-enabled. PacketShaper 9, however, adds support for IPv6 to monitor and screen that traffic.

But the vulnerability remains for those who haven’t addressed this problem. Or more specifically, address this potential problem. Blue Coat says it knows of no attacks made on IPv6 shadow networks. But Bob Laliberte, senior analyst at Enterprise Strategies Group, thinks it may be just a matter of time.

“I haven’t heard of any malicious attack in the IPv6 [realm] yet, but the key word there is ‘yet,’” he says. “I'm not saying that to be a pessimist, and I hope that it doesn’t happen, but it just seems inevitable when one of these opportunities that could be exploited exist, the hackers tend to find it and can get in there.”

Network administrators need to think through the deployment of more IPv6 equipment, Laliberte says, because if they do that and aren’t firewalling the ports through which they connect, they could have a potential shadow network issue.

Elsewhere in the WAN optimization market the people at Narus are aware of the IPv6 shadow network issue, but say it’s nothing new.

“The term shadow networks is relatively new, but previously it was just called covert channels,” says Travis Dawson, director of product management for Narus. “This is just another tunnel, and we detunnel it and look inside of it just like any other standard tunnel.”


Page:  1 | 2  | Next Page »


Related Reading


Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 
Vendor Comparisons
Network Computing’s Vendor Comparisons provide extensive details on products and services, including downloadable feature matrices. Our categories include:

IPv6 Reports

Research and Reports

Network Computing: April 2013



TechWeb Careers