Internet protocol version 6 (IPv6) is coming, as we've reported in this series on some of the issues network operators have to deal with in the near future. Two issues that require more than just checking boxes on a to-do list concern compliance and security. However, making sure the IPv6 network is as compliant and secure as the existing IPv4 network can be accomplished with the proper planning.
In the first of this three-part series on the IPv6 transition, Network Computing looked at how some enterprises need to pay more attention to IPv6 than others and part two covered how to operate an IPv4 and an IPv6 network simultaneously in what experts call a "dual stack" mode. We wrap up the series here with a few tips on how to make sure the IPv6 network is as secure and well managed as the one it is replacing.
The transition from IPv4 to IPv6 is required because the world is running out of IPv4 addresses due to the proliferation of Internet-connected devices. It started with computers and servers and expanded to virtual servers, home game consoles, appliances, myriad monitoring devices, and, soon, automobiles.
The mere 4 billion IP addresses under IPv4 will expand to "trillions and trillions" of potential addresses under the IPv6 standards, said Leslie Daigle, chief Internet technology officer for the Internet Society (ISOC), a global nonprofit organization promoting IPv6. Mark June 6 on the calendar for IPv6 Day 2012, a date on which several household name Web properties are expected to be IPv6 ready.
How individual sites and networks become compliant depends on how much IPv6 impacts them and how much planning they do. Security compliance may actually be relatively easy because it is so deeply embedded in IPv6, advises Jon Oltsik, an analyst with Enterprise Strategies Group.
The Internet Protocol Security (IPsec) standard is baked into IPv6 rather than bolted on, as it is with IPv4, he says. That can be reassuring, but there are still a few things to make sure to do before rolling out an IPv6 network.
Find out how to create and implement a security program that will defend against malicious and inadvertent internal incidents and satisfy government and industry mandates in our Compliance From The Inside Out report. (Free registration required.)