Networking

02:50 PM
Connect Directly
LinkedIn
RSS
E-Mail
50%
50%

Will IPv6 Make Us Unsafe?

IT pros who see NAT as essential to network security are worried about a wide-open, any-to-any connection model. Should they be?

We see security as a major stumbling block in enterprise migrations from IPv4 to IPv6. For starters, the code is mostly untested, and too few of our current network security products support IPv6, something the black hat community is banking on. And there's widespread confusion--the idea that some characteristics of IPv6 make it intrinsically more secure than IPv4 is, sadly, just plain false, and information security teams are largely in the dark on how to help their companies safely transition.

Consider the "NAT-bashing" slide, a fixture in IPv6 presentations. Presenters gleefully list all the reasons Network Address Translation is evil, and explain how an abundance of IPv6 addresses will finally let us eliminate what was always supposed to be a temporary address-conservation kludge and get back to a true peer-to-peer Internet. High-fives ensue.

Except, IT security professionals don't share the enthusiasm. Let's face it, IPv6 idealists can wave their fists at NAT all they want, but there are legitimate concerns about losing the ability to shield internal address schemes.

No wonder, then, that among the sessions InformationWeek Analytics presented at the recent Interop conference, by far the most popular was our program on IPv6 with a focus on security. A quick show of hands revealed that most attendees are still in the planning stages of their deployments, par for the course among companies we work with. The good news is that they can take advantage of the lessons learned by telecom carriers and ISPs, which tend to be well along the road to IPv6. And while many conventional enterprise security systems will need to change to work in a v6 network, the upgrade also provides opportunities for improvement--possibly even an outright reimagining of your security strategy.

A prime opportunity to see how all this works in real life is World IPv6 Day, set for June 8. This is a milestone in the transition from IPv4 to IPv6, when companies including Akamai, Facebook, Google, and Yahoo will offer their content over IPv6 for 24 hours. The event will provide valuable data on connectivity, ranging from simple system misbehavior to the amount of user traffic that will switch to IPv6 when content is available over the 128-bit version of IP. We're also fielding our first InformationWeek Analytics IPv6 Survey now through June 13, to see where our readers are on the migration curve. We'll share our results in an upcoming report.

Deploying IPv6: Gateway To the Next-Gen Internet

Become an InformationWeek Analytics subscriber and get our full report on IPv6 security.

This report includes 15 pages of action-oriented analysis including:
  • What attackers are looking for in IPv6 networks
  • More on the seven critical features in IPv6that affect your secrity stance
  • Key ways to mitigate your operational risk
Get This And All Our Reports


Previous
1 of 4
Next
Comment  | 
Print  | 
More Insights
Hot Topics
5
12 Hot Programming Languages To Learn
Ericka Chickowski, Contributing Writer, Dark Reading,  7/8/2014
4
Understanding IPv6: The Journey Begins
Denise Fishburne, Cisco Champion,  7/7/2014
1
Randy Bias Helps You Harness The Cloud
Susan Fogarty, Editor in Chief,  7/8/2014
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed