It’s amazing to me that many of the security companies I talk with have no idea about IPv6 and no plans to address this significant change. It’s sort of like looking at the ocean and saying, “Wow, why is the water pulling back into the ocean?” Well, you’d be wise to get running now!
The signs are everywhere, i.e. proxy server mania: will the real IP address please stand up! Sorry, it can’t – it’s been translated 6x before it renders itself at the intended target. Additionally, this is a safe haven for criminals. What? You mean criminals can translate / mask their identity address x number of times, making it nearly impossible to track back to the source or phishing site? Yup!
And what about those lagging gaps when talking over VOIP? Speaking over an IP circuit sometimes produces breaks in the conversation. Why does it do that? It’s definitely not as good as a wired analog line. Well, quite frankly, VOIP traffic looks the same as all IP traffic; with no such thing as priority IP packet shipping, and the added tax of layers of proxy servers, the whole thing gets a bit messy.
Aside from the scary aspects, let’s get to the practical side of managing the change and what this means to corporations, and the opportunities for security companies. Don’t go too crazy: bridges are already built managing the traffic between IPv4 & IPv6, so companies can still operate over IPv4 (BTW, no IPv5 exists). However, the real challenge is to take advantage of the features and benefits of IPv6, like being able to identify each device on the network individually, whether a hot tub, automobile, cell phone, or home PC (trusted edge!). Each device will have a unique identity / IP address, no longer requiring proxy translation, so you get smooth sailing throughout the network. Or how about a speed lane for priority traffic like voice and video packets?
This represents huge opportunities for emerging technology & security companies, especially startups, whose development efforts are typically first in Go-To-Market schemes with products & services that no one else can claim. And on the flip side, it is a huge expense that corporations would rather not undertake.
So what’s the big change? Virtually all data networks are based on Internet Engineering Task Force (IETF) IPv4, which ties in not only the network protocols but all the interdependent Application Programming Interfaces (APIs), i.e. LDAP! Are your lights blinking yet? It’s not an incremental update; it’s a complete stack replacement.
Why now? During the ’90s an explosion of internet devices revealed limitations in IPv4, hence the need for NAT (Network Address Translation) servers mapping and chaining IP addresses. This is no longer the case with IPv6: addressing schemes are now going from 32 to 128 bit. In addition, the IETF made networks easier to configure and manage, so we have a lot of good news to work with here. Mobility is especially enhanced, and if you look at any of the current IP projections & trends you know mobility is a key growth segment for services over the next five years. Other areas, such as phones, appliances, industrial, audio and video, can now be IP enabled.
What is Microsoft doing in this space? Although not fully supported, IPv6 (Internet Protocol version 6) is ready for developer testing. Microsoft’s Customer Services and Support (CSS) will now help ISVs with technology guidance and technical help testing IPv6 issues. The current Windows IPv6 implementations (XP SP2, Server 2003 & CE4.2) are not intended for production, but they do provide a test bed platform for learning, planning, development and testing. More and more Asian government contacts are mandating it as part of their checklist requirements for vendors, mainly because the US has 75% of the IPv4 addresses.
This migration affects network routers, Ethernet-based LANs, firewalls and Internet Service Providers (ISPs), ATM & Frame Relay WANs and backbone carriers, as well as wireless carriers. To me, this has the makings of a mini Y2K; however, the legacy code is much more current, and therefore migrating & testing should be a much less burdensome task. Additionally, I see a huge opportunity for new services and capabilities opening up for new products & services.
For further detail see Directions on Microsoft, “Independent Analysis of Microsoft Technology & Strategy”.
Cheers, Don.