Assuring the Security of IPv6

Though Architected for Security, Safeguards Must Be Addressed

By , April 2, 2012.
Assuring the Security of IPv6
Read Transcript

IPv6, known to some as the new Internet, is architected to be safer than IPv4, but that doesn't mean organizations shouldn't take steps to assure the security in Internet Protocol version 6, American Registry for Internet Numbers' John Curran says.

IPv6, or Internet Protocol version 6, is the protocol that will be used to route traffic on the Internet, eventually replacing IPv4 that has been managing Internet traffic for more than 20 years.

Unlike IPv4, IPv6 has been architected with security in mind, though the older protocol has had 20-plus years to identify and fix security issues. "While IPv6, theoretically, will provide us a long-term, more secure environment, short term people have to realize IPv6 is subject to potentially having things discovered in it," Curran, chief executive officer at ARIN, says in an interview with Information Security Media Group.

Curran says he's aware of a few instances when vendors shipped IPv6 code that didn't properly check security options, but generally that has not been a problem. Still, security problems can occur.

"It's possible, that everything is working exactly as designed, but your firewall hasn't been configured for IPv6," Curran says. "It's not so much a security bug as much as you're turning on something new, you have to make sure you take the effort to secure it by setting up an appropriate firewall configuration. Otherwise, you may find that you're passing up all of the appropriate IPv4 traffic but the same traffic when it arrives on IPv6 is given a free pass into your network."

In the interview, Curran:

  • Explains why the Internet using IPv4 is quickly running out of addresses and how IPv6 will resolve that problem.
  • Discusses the responsibilities of user organizations' and Internet service providers' responsibilities to assure the safety of firewalls and other security measures tied to IPv6.
  • Reviews steps organizations should take to securely implement IPv6.

Curran, who founded ARIN in 1997, ran several early Internet companies including BBN Planet, XO Communications and Servervault. He has authored the paper An Internet Transition Plan, which calls for moving the global Internet from its existing IPv4 protocol the newer IPv6 protocol. He also wrote Market Viability as a IPng Criteria, which summarizes some of the challenges IPv6 will have competing against IPv4 and the inevitable arrival of network address translation devices.

Follow Eric Chabrow on Twitter: @GovInfoSecurity

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE LastPass Sounds Breach Alert

Warning to LastPass users: Change your master password and ensure you're using multi-factor...

Latest Tweets and Mentions

ARTICLE LastPass Sounds Breach Alert

Warning to LastPass users: Change your master password and ensure you're using multi-factor...

The ISMG Network