The business advantages of IPv6 are many, including direct customer access to websites, faster end-user experiences with Internet applications, and the opportunity to gather data about visitors to applications as well as measure visitors\u2019 engagement and conversion.\nWithout NAT, IPv6 is faster than IPv4\nIf your organization offers a public website or internet or mobile applications, then it is likely that your site will function faster when using IPv6 vs IPv4. \u00a0That\u2019s in part because of the proliferation of network-address translation (NAT) by service providers for IPv4 Internet connectivity.\n\nCarriers lack sufficient public IPv4 addresses to provide unique addresses to all of their subscribers so they channel them through a massive NAT using a pool of public IPv4 addresses.\u00a0 IPv4 traffic that hits carrier networks typically goes through one or more NATs and is backhauled through centralized carrier-grade or large-scale NATs where customer connections compete for TCP\/UDP port space, connection limits, and bandwidth.\u00a0 All this NATing requires recomputing TCP and UDP header checksums which introduces delays in the delivery of packets.\nBy contrast, most mobile and broadband subscribers now have native IPv6 on their devices.\u00a0 The IPv6 packets don\u2019t pass through carrier NAT systems and instead go directly to the Internet. \u00a0The lack of NAT usage by IPv6 means that TCP and UDP header checksums do not need to be re-computed like with IPv4.\nEven though IPv6 packets have a larger header size and extension headers (more protocol overhead) they are hardware-accelerated just like IPv4. And for systems that support both IPv4 and IPv6, the Happy Eyeballs algorithm helps decide which protocol is working faster and selects it, helping to improve end-user experience.\nFacebook, LinkedIn, Google and others have published statistics showing that IPv6 is faster from their perspective.\nThe Asia-Pacific Network Information Centre (APNIC) is one of the five Regional Internet Registries and monitors the Round-Trip Time of IPv4 and IPv6 packets from locations around the world.\u00a0 Its results show that IPv6 has lower latency than IPv4 everywhere except for Asia.\nMake corporate internet response time faster\nJust as IPv6 can improve performance for customers coming to retail websites, it can do the same for enterprise users accessing the internet from corporate networks.\nMost host operating systems support both IPv4 and IPv6 by default, so if the enterprise networks that enterprise hosts are connected to also supported IPv6, end users would automatically have dual-protocol internet connectivity. Unfortunately, today, most enterprises have these dual-protocol hosts connected to IPv4-only access networks.\nIf enterprises enabled IPv6 on their wireless access networks, they could start to take advantage of IPv6\u2019s benefits.\nIPv6 deployment should start at the internet edge, so when enterprises embark on IPv6 deployment projects, they should ensure that their Internet perimeter security defenses support IPv6. \u00a0These include firewalls, DNS servers, load balancers, Web application firewalls (WAFs) and cloud access security brokers.\nOnce the perimeter is IPv6-enabled, the next step is to deploy IPv6 across the core network and then out to end-users.\nGathers more reliable data on web-site visitors\nWhen sites use IPv6, they gain greater customer intimacy by observing customers\u2019 true IP addresses.\u00a0 When customer connect to a web site, it logs their IP address.\u00a0 That address can be checked against threat-intelligence databases and reputation filters to identify connections that might be malicious or fraudulent.\nSome web sites attempt to use the IP address as an element in authentication.\u00a0 A username and password can be associated with an IP address to add confidence that the person attempting to login is who they say they are because they are using the same IP address that they have in the past.\nWhile implementing IPv6 has many benefits, it can raise privacy concerns because without IPv6 NAT, it is possible to capture the true client device address.\u00a0 Some security administrators worry that makes IPv6 more vulnerable.\nPrivacy can be protected\nIt may seem that revealing clients\u2019 true IP addresses seems to somehow compromise security, but according to the IETF, NAT is not a perimeter security function needed for IPv6. Instead, perimeter security can be enforced by stateful firewalls that allow outbound connections but block unsolicited inbound connections. Therefore, even if someone knew an end-user\u2019s global IPv6 address, they couldn\u2019t initiate a connection to that host.\nIPv6 has some specific methods of preserving end-user privacy by obscuring the Interface Identifier (IID), which is the part of the address that uniquely identifies the host.\u00a0 Organizations don\u2019t want to reveal any personal information by including the end user\u2019s device MAC address in the IID.\nMethods vary based on if the network is using protocols such as: stateless address autoconfiguration (SLAAC) or RDNSS with privacy extensions or using Stable SLAAC.\nFurthermore, when using DHCPv6 to lease IPv6 addresses to hosts, the IID is randomized, thus preserving the privacy of the end-user.