This tip is a part of the SearchSecurity.com mini learning guide, IPv6 tutorial: Understanding IPv6 security issues,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
In a nutshell, what is involved with the transition from IPv4 to IPv6? Would it improve network security in my organization?
IPv6 was finalized in 1996, and every major supplier of network hardware and operating systems supports the updated protocol. Very, very few organizations currently run IPv6, however, and I don't know many that have immediate plans to make the switch. This alone should tell you something: there's a good reason people aren't making the move.
IPv6 was supposed to provide enhanced security by including IPsec as a standard feature. However, this hasn't proven enough of an incentive, as organizations typically deploy add-on IPsec solutions on their IPv4 networks to avoid the hassle of migrating to IPv6.
IPv6 offers few real benefits to organizations, and the protocol version can introduce significant headaches. The driving force behind IPv6 development was the impending depletion of available IPv4 addresses. Trends, however, have changed, and most organizations no longer require large pools of public IP addresses. Enterprises are instead using RFC 1918 private addressing in conjunction with Network Address Translation (NAT).
It's also important to note that deploying IPv6 may require you to upgrade network hardware and/or software, especially if you have older components on your network. Routers, firewalls, VPNs and other devices introduced prior to IPv6 won't support the protocol without (at least) a software upgrade.
So, unless you have nothing better to do with your time, I'd suggest putting IPv6 on the back burner and focusing your attention on more pressing security issues.
Dig Deeper on Network Protocols and Security
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.