IPv6 implementation security advice from Check Point's Robert HindenDate: Apr 08, 2013
SAN FRANCISCO -- With Robert Hinden on staff, it's fair to say Check Point Software Technologies is in good hands with its IPv6 network implementation.
Hinden, a Check Point Fellow and co-inventor of IPv6, is currently lending his expertise to Check Point's internal IPv6 rollout. Regardless of the gravitas he brings to the project, Hinden said -- like most network security practitioners -- Check Point's team quickly realized IPv6 isn't so different from IPv4.
More on IPv6 security
For the definitive enterprise resource on IPv6 security, check out SearchSecurity's IPv6 security tutorial: Understanding IPv6 security issues, threats and defenses.
"At the beginning, it was a big hurdle, but as they sort of realized, it was in some ways very similar to IPv4, so most of what they knew applied," Hinden said. "It wasn't this new scary thing; it was just a little different."
However, IPv6 is not without risk. In this video, recorded at the 2013 RSA Conference, Hinden discusses the IPv6 security implications for enterprises, particularly with key areas of concern like IPv4-to-IPv6 transition mechanisms, IPv6 host-scanning attacks and the use of IPv6 as a covert channel for malware. He also shares one critical piece of advice to keep in mind when working with network security vendors during an enterprise IPv6 transition.