The adoption of IPv6, the replacement Internet addressing standard, could spell trouble for enterprise security,...
said Tom Patterson, author of the forthcoming book, Mapping Security.
"I think IPv6 is going to be the single most disruptive factor we've seen in the Internet security industry," Patterson predicted.
The 128-bit IPv6, developed in the '90s to avoid an IP address shortage, has several security improvements over its 32-bit predecessor, including authenticated headers to prevent spoofing and payload encapsulation for end-to-end encryption.
Further, while it would take a worm 10 hours to scan IPv4's 4.4 billion addresses, IPv6 has almost an infinite number of addresses, which would take nearly 2 billion years to scan.
Asian countries are embracing IPv6, but American and European enterprises, particularly security vendors, have been slow to pick it up because network address translation has effectively alleviated the address shortage.
The problem, as Patterson sees it, is that most security products were built for IPv4. Firewalls, antivirus scanners, IDS and other solutions won't be as effective, if they work at all, in IPv6 environments. In some cases, conventional security devices will break connectivity with IPv6 sources, since they won't recognize traffic.
"Every new piece of major code has been successfully dissected and compromised in some way during the history of the Internet," Patterson explains. "I expect this trend to continue, despite many security features added into IPv6."
Patterson also anticipates that malware creators will advance their methods of targeting systems. The AV community in general, however, remains fixated on IPv4.
Innovation in IPv6 security products, Patterson said, needs to start now, so the security community isn't playing catch-up with the black hats.
"This is the first of the major Internet innovations driven from Asia, not America," Patterson explained. "And that's going to catch some people flat-footed."
Note: This article originally appeared in the September issue of Information Security magazine. Subscribe to Information Security magazine.