- Fotolia

Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

What are the security implications of multipath TCP?

Multipath TCP could soon bring improved redundancy and uptime to a network near you, but what does it mean for network security? Expert Kevin Beaver explains.

A Black Hat presentation last year discussed multipath TCP. Will this be a protocol enterprises will have to deal...

with and, if so, what are the implications we need to worry about?

Multipath TCP -- a.k.a. TCP Extensions for Multipath Operation with Multiple Addresses -- is a protocol that's attempting to extend the functionality and resiliency of the Transmission Control Protocol (TCP), which has been around for nearly four decades.

In traditional TCP-based communications, each peer or endpoint communicates directly with the other over a known path. The multipath concept has been around for years in the form of routing. What makes multipath TCP different is the data from a single TCP connection can be spread across multiple interfaces and routes before it gets to its destination.

Multipath TCP is great for redundancy and uptime, but what does it mean for security? Quite a bit.

This new set of extensions of TCP means the traditional visibility we've had into network communication sessions is vanishing. Not all -- but many -- of the benefits provided by NetFlow, security information and event management, data loss prevention, intrusion prevention systems and even general network analysis for troubleshooting and system monitoring will effectively be gone.

Theoretically, with multipath TCP your network will be faster and more resilient, but that means malware infections, external hack attacks and internal data breaches may go unnoticed even more than they do now because of reduced network visibility.

Support for multipath TCP may end up appearing in network infrastructure devices and interface cards in your environment at any time -- and it will quite possibly end up working against your network security initiatives. Therefore, it's certainly something you'll want to keep your eyes on.

Ask the Expert!
Want to ask Kevin Beaver a question about network security? Submit your question now via email! (All questions are anonymous.)

Next Steps

Learn more about the Transmission Control Protocol, its security risks and recommended security measures.

This was last published in January 2015

Dig Deeper on IPv6 security and network protocols security