The U.S. government wants civilian and defense agencies to adapt their networks by mid-2008 to support IPv6-based traffic, but the lack of security products to support this transition is causing problems.

The National Institute of Standards and Technology (NIST), the Gaithersburg, Md.-based agency that sets information technology standards, is circulating a draft report that sounds the alarm over the absence of IPv6-based commercial security products in the market, including firewalls, intrusion-detection/prevention systems (IDS/IPS), and other kinds of security gear.

The NIST Special Publication 500-267, “A Profile for IPv6 in the U.S. Government – Version 1.0” indicates NIST wants to take the lead in setting security requirements for IPv6 and require conformance testing for IPv6-based infrastructure, such as routers, and security network devices.

“Additional efforts are required to ‘raise the bar’ in these areas to ensure the safety of IPv6 deployments and in operational Federal IT systems,” NIST states.

The IPv6 protocol is over a decade old, and while applauded for benefits such as easier administration, tighter security and an enhanced addressing scheme over IPv4, experts say what’s lacking is the constellation of security gear that protects IPv4 networks.

There’s no way to know exactly how much IPv6-based networking there is in the world, but it’s fair to say it’s still new, says Jim Bound, chair of the North American IPv6 Task Force, a volunteer organization that promotes IPv6. The U.S. government is making the most visible effort on IPv6 to date, but “hasn’t spent a lot of money yet,” says Bound, who supports the idea of NIST evaluating IPv6 security and infrastructure gear if it can be done efficiently.