What are the security issues of IPv6? With World IPv6 Launch now underway, what should security practitioners care about?
The Australian edition of SC Magazine ran a piece last Friday called “IPv6 co-founder talks protocol security” where Robert Hinden lays out some of the main issues security professionals need to be concerned about, including:
- Unauthorized IPv6 tunnels can provide hidden gateways in and out of a network;
- Security devices may not have IPv6 turned on and are therefore not monitoring/scanning any IPv6 traffic;
- Operating systems may have IPv6 enabled by default and without IT’s knowledge; and
- These IPv6 tunnels may completely bypass firewalls, intrusion prevention systems, etc.
The article recommends – but unfortunately doesn’t link to – the excellent guidelines from NIST about how to securely deploy IPv6.
We definitely agree with the thrust of the article – security professionals definitely do need to understand the basics of IPv6 because the reality is that IPv6 will be on most networks purely through operating system defaults. Plus, as World IPv6 Launch has shown, more and more networks are starting to move to IPv6. The time to learn how to securely implement IPv6 is now!