This tip is a part of the SearchSecurity.com mini learning guide, IPv6 tutorial: Understanding IPv6 security issues, threats, defenses.
In a nutshell, what is involved with the transition from IPv4 to IPv6? Would it improve network security in my organization?
IPv6 was finalized in 1996, and every major supplier of network hardware and operating systems supports the updated protocol. Very, very few organizations currently run IPv6, however, and I don't know many that have immediate plans to make the switch. This alone should tell you something: there's a good reason people aren't making the move.
IPv6 was supposed to provide enhanced security by including IPsec as a standard feature. However, this hasn't proven enough of an incentive, as organizations typically deploy add-on IPsec solutions on their IPv4 networks to avoid the hassle of migrating to IPv6.
IPv6 offers few real benefits to organizations, and the protocol version can introduce significant headaches. The driving force behind IPv6 development was the impending depletion of available IPv4 addresses. Trends, however, have changed, and most organizations no longer require large pools of public IP addresses. Enterprises are instead using RFC 1918 private addressing in conjunction with Network Address Translation (NAT).
It's also important to note that deploying IPv6 may require you to upgrade network hardware and/or software, especially if you have older components on your network. Routers, firewalls, VPNs and other devices introduced prior to IPv6 won't support the protocol without (at least) a software upgrade.
So, unless you have nothing better to do with your time, I'd suggest putting IPv6 on the back burner and focusing your attention on more pressing security issues.
This was first published in April 2007