Ipv6 Security Issues
IPv6 Security Issues
Internet Protocol v6 (IPv6) is replacing Internet Protocol v4 (IPv4). The need for IPv6 has risen to the forefront due to the depletion of IPv4 addresses. Security concerns and issues have slowed the adoption of the new protocol. Trade information is readily available for IPv6. A simple web search on the topic will lead you to trade magazine articles, books, white paper and even the government agency recommendations. The marketplace is brimming with “solutions” to IPv6 security issues, but industry experts warn against implementing the ‘software solution’ in lieu of advanced investigation and planning (Ashford, 2011; Gont, 2012; Goodin, 2010).
Background/History
Global standards for IPv6 were adopted in 1995 by the Institute of Electrical and Electronic Engineers (IEEE) group. In 2004 Virginia Tech, one of the early adopters, began the “Turn it on and fix whatever breaks” approach, by 2010 Virginia Tech deployed IPv6 to its primary core backbone and removed the network safety net that had been running parallel to IPv6 during rollout (Marchany, 2011). In September of 2010, all U.S. Government agencies were required by the Obama Administration to renovate all public-facing websites & services to support (by default) IPv6 to be completed no later than September 30, 2012 (AT&T, 2012). Did the U.S. Government meet their deadline and complete the implementations? Steven J. Vaughan-Nichols, Contributing Editor of ZDNet explains that our government barely scored at 20% compliance (Vaughan-Nichols, 2012). The bar chart below graphically illustrates the statistics and supports Nichols’ assertion that if we were handing out letter grades, the U.S. Government failed. The “Completed IPv6 Enabled Domains on 2012.10.01” chart depicts fully integrated IPv6 environments in green, partial implementations in yellow and red portions denote integrations that have not even begun (Vaughan-Nichols, 2012). The IPv6 security model was created in 1995, a far cry
Internet Protocol v6 (IPv6) is replacing Internet Protocol v4 (IPv4). The need for IPv6 has risen to the forefront due to the depletion of IPv4 addresses. Security concerns and issues have slowed the adoption of the new protocol. Trade information is readily available for IPv6. A simple web search on the topic will lead you to trade magazine articles, books, white paper and even the government agency recommendations. The marketplace is brimming with “solutions” to IPv6 security issues, but industry experts warn against implementing the ‘software solution’ in lieu of advanced investigation and planning (Ashford, 2011; Gont, 2012; Goodin, 2010).
Background/History
Global standards for IPv6 were adopted in 1995 by the Institute of Electrical and Electronic Engineers (IEEE) group. In 2004 Virginia Tech, one of the early adopters, began the “Turn it on and fix whatever breaks” approach, by 2010 Virginia Tech deployed IPv6 to its primary core backbone and removed the network safety net that had been running parallel to IPv6 during rollout (Marchany, 2011). In September of 2010, all U.S. Government agencies were required by the Obama Administration to renovate all public-facing websites & services to support (by default) IPv6 to be completed no later than September 30, 2012 (AT&T, 2012). Did the U.S. Government meet their deadline and complete the implementations? Steven J. Vaughan-Nichols, Contributing Editor of ZDNet explains that our government barely scored at 20% compliance (Vaughan-Nichols, 2012). The bar chart below graphically illustrates the statistics and supports Nichols’ assertion that if we were handing out letter grades, the U.S. Government failed. The “Completed IPv6 Enabled Domains on 2012.10.01” chart depicts fully integrated IPv6 environments in green, partial implementations in yellow and red portions denote integrations that have not even begun (Vaughan-Nichols, 2012). The IPv6 security model was created in 1995, a far cry