- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
While the vast majority of networks today are based on the IPv4 protocol, the U.S. government is mandating that defense and civilian agencies are ready to accept IPv6-based traffic as well by June 2008. Those guiding the effort know the transition won’t be easy, especially given the lack of IPv6-based security products.
“Unfortunately, we’re set to be the guinea pig,” says Sheila Frankel, senior computer scientist at the National Institute of Standards and Technology (NIST). “Business will seriously be watching the government experience.” Frankel is co-author of “A Profile for IPv6 in the U.S. Government – Version 1.0,” a NIST document that draws attention to the lack of IPv6-based security products, including firewalls, intrusion-detection systems and vulnerability-assessment tools on the market today.
With its charter to set standards for nonclassified systems, NIST expects its role will be to set up a conformance-testing regime where independent accredited labs would review network-infrastructure equipment, such as routers and switches for IPv6 support. NIST also wants to set specific requirements for IPv6-based security equipment.
|
||||||||||||||||||||||||||||||
By this summer, says Frankel, NIST will issue for public comment a document titled “Secure Transition to IPv6.” The NIST document would be intended to offer guidance to agencies about making the transition into what will be a new world where IPv4 and IPv6 must coexist. It will be a world of dual-stack protocols, IPv4-to-IPv6 and IPv6-to-IPv4 tunneling. “For the civilian agencies, we have to express this coexistence,” Frankel says. “Each carries a burden in terms of processing and security, and there are pros and cons of each approach.”
Rss FeedRss Feed
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (2)
IPv6 Development SupportBy davegreen on May 12, 2008, 10:23 pmOur company helps enterprises and agencies acquire IPv6 technology, and IT product and software vendors transition their products to IPv6. We find that its often...
Reply | Read entire comment
More on IPv6 securityBy Anonymous on March 29, 2007, 1:14 pmThank you for the article on the status of IPv6 security products. I also wish to bring to your attention Cetacea Network's OrcaFlow traffic anomaly detection technology....
Reply | Read entire comment
View all comments