Page 1 of 3
The move to IPv6 will end shortage of IP addresses, starting on IPv6 Launch Day, but security issues remain
Wednesday is World IPv6 Launch Day, the deadline for major service providers to cut-over to the new IP protocol, which could potentially help to lure the rest of the world to move in that same direction.
In some respects, the deadline is seen as a non-event since many of the organizations required to cut over to v6 have done so long ago.
[Related: IPv6 And Security: The Threat From Version 4]
From a security standpoint, the industry’s move towards two versions of the Internet Protocol will introduce an additional layer of complexity. And, where there is complexity, therein lies an additional level of vulnerability. The degree to which IPv6 will foster new security threats depends upon whom you ask.
“I personally think the security issues around IPv6 are more mundane than technical and have more to do with the fact that people running local networks are not as accustomed IPv6,” said Cricket Liu, vice president, architecture and technology at Infoblox. “They're probably going to make some accidental errors in set-up and configuration around routers and firewalls, and things like that.”
The Wednesday deadline applies to large service providers and not enterprise networks, which are far more likely to continue to run Version 4 for the foreseeable future. But, Liu says many networks have IPv6 running in part and oftentimes without the knowledge of network managers or channel partners with whom they work. This is often caused by the introduction of new devices that have IPv6 active by default setting.
“Partners need to be aware that IPv6 is already here and running internally on their customers’ networks,” said Liu. “Tools that help them to discover ways in which IPv6 is already operating on the network are an important thing for them to have. They also need to understand the differences in the functional capabilities of the gear that they sell. IDS and IPs’ capabilities are pretty limited over IPv6. But, I think firewalls are getting better.”