IPv6 guide provides path to secure deployment of next-generation Internet protocol

Jan 06, 2011

As the day draws nearer for the world to run out of the unique addresses that allow us to use the Internet—now predicted to happen by the end of 2012—researchers at the National Institute of Standards and Technology (NIST) have issued a guide for managers, network engineers, transition teams and others to help them deploy the next generation Internet Protocol (IPv6) securely.

Guidelines for the Secure Deployment of IPv6 (NIST Special Publication 800-119), describes the features of IPv6 and the possible related impacts, provides a comprehensive survey of mechanisms to deploy IPv6 and suggests a deployment strategy for a secure IPv6 environment.

The ballooning popularity of devices, such as smart phones and netbooks, tied to the Internet is rapidly depleting the number of so-called IP addresses available under the current Internet Protocol version 4 (IPv4), so the networkers of the world are preparing to move to the next generation, IPv6. Among other improvements, IPv6 has a vastly greater number of potential addresses—several billion per each of the world's current population of about 6.9 billion people.

To ensure that the federal government is prepared for IPv6, the Office of Management and Budget has mandated federal agencies to begin deploying the new protocol. NIST developed the IPv6 security guidelines in support of the Federal Information Security Management Act (FISMA). The publication is designed to help federal agencies avoid possible security risks that could occur during IPv6 deployment. It also could be useful for the private sector and other organizations.

"The pervades every aspect of computer communications," explains lead author Sheila Frankel, "so deploying IPv6 is a major task." With detailed planning, she says, organizations can navigate the process smoothly and securely. Most organizations will be operating IPv6 and IPv4 concurrently.

"Security will be a challenge, however, because organizations will be running two protocols and that increases complexity, which in turn increases security challenges," Frankel says. SP 800-119 describes the security challenges organizations may face as they deploy IPv6. Those challenges include fending off attackers that have more experience than an organization in the early stages of IPv6 deployment and the difficulty of detecting unknown or unauthorized IPv6 assets on existing IPv4 production networks. The publication provides information to be considered during the deployment planning process and makes recommendations to mitigate IPv6 threats.

Explore further: White House updating online privacy policy

More information: SP 800-119, Guidelines for the Secure Deployment of IPv6, may be downloaded in pdf format from csrc.nist.gov/publications/nistpubs/800-119/sp800-119.pdf . An index to the NIST 800-series special publications on computer security is available at csrc.nist.gov/publications/PubsSPs.html .

add to favorites email to friend print save as pdf

Related Stories

NIST issues draft IPv6 technical profile

Feb 01, 2007

The National Institute of Standards and Technology (NIST) yesterday issued a draft profile that will assist federal agencies in developing plans to acquire and deploy products that implement Internet Protocol version 6 (IPv6). ...

IEEE-USA President urges action on adoption of 'new internet'

May 25, 2006

Just as "visionaries" of the Age of Enlightenment in 18th century Europe pursued progress through rationality, the developers of the 21st Century's "New Internet" will "benefit the public good by balancing the needs of users ...

IPv6: Challenge to Internet freedom?

Mar 20, 2006

A China-backed Internet technical standard reportedly might allow the traceability of Internet users, especially those opposing government policies.

Making sure the internet delivers

Jul 04, 2008

European researchers have developed affordable test suites that businesses can use to check whether their software will work with the next-generation internet.

Recommended for you

White House updating online privacy policy

2 hours ago

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites. It also clarifies that ...

Net neutrality balancing act

21 hours ago

Researchers in Italy, writing in the International Journal of Technology, Policy and Management have demonstrated that net neutrality benefits content creator and consumers without compromising provider innovation nor pr ...

Twitter rules out Turkey office amid tax row

Apr 16, 2014

Social networking company Twitter on Wednesday rejected demands from the Turkish government to open an office there, following accusations of tax evasion and a two-week ban on the service.

How does false information spread online?

Apr 16, 2014

Last summer the World Economic Forum (WEF) invited its 1,500 council members to identify top trends facing the world, including what should be done about them. The WEF consists of 80 councils covering a wide range of issues including social media. Members come ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

Skultch
not rated yet Jan 06, 2011
The ballooning popularity of devices, such as smart phones and netbooks, tied to the Internet is rapidly depleting the number of so-called IP addresses available under the current Internet Protocol version 4 (IPv4)


Bullcrap! Not ONE of these devices uses a publicly routeable IP. NOT ONE!!!

Show me a network admin that shares his precious IPv4 addresses with DHCP to the public and I'll show you a slack-jawed boob.

IPv4 and NAT can AND WILL keep us going well past 2012.

More news stories

Venture investments jump to $9.5B in 1Q

Funding for U.S. startup companies soared 57 percent in the first quarter to a level not seen since 2001, as venture capitalists piled more money into an increasing number of deals, according to a report due out Friday.

Hackathon team's GoogolPlex gives Siri extra powers

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

White House updating online privacy policy

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites. It also clarifies that ...

Scientists tether lionfish to Cayman reefs

Research done by U.S. scientists in the Cayman Islands suggests that native predators can be trained to gobble up invasive lionfish that colonize regional reefs and voraciously prey on juvenile marine creatures.

Leeches help save woman's ear after pit bull mauling

(HealthDay)—A pit bull attack in July 2013 left a 19-year-old woman with her left ear ripped from her head, leaving an open wound. After preserving the ear, the surgical team started with a reconnection ...