Many of the tech changes we see on the market have taken years to test and develop. This is also true for IPv6, the next-generation of Internet networking technology. Now, most hosting providers and corporations have changed over to IPv6 because it provides a solution to the lack of IP addresses of the old IPv4 technology. However, there are still some issues that companies face when shifting from the this old technology to the newer IPv6.
What is IPv6?
To explain IPv6 you need to understand what IPv4 is. This is the IP address technology used to access the Internet. It is used by computers, smartphones, cameras, and any other connecting device. It is a 32-bit system, that follows the xxx.xxx.xxx.xxx system (where the xs are replaced with numbers) and identifies each and every device that connects to the Internet. This system is capable of generating up to 4.3 billion addresses, thought to be more than sufficient at the time of its founding for all the devices that connect to the web. However, the explosive growth of the Internet, and the connectivity potential of so many types of devices, everything from tablets to refrigerators, 4.3 billion has become too small number. To replace this outdated system IPv6 was developed with 340 undecillion numbers, which is more than enough to cover our existing IP needs.
Once implemented IPv6 offers many advantages. For one, it offers a completely different scheme of IP addresses, which means that you will have many IP addresses to choose from. Or if you so desire, you will no longer have a network border and could use a single IP address from anywhere in the world.
Additionally IPv6 offers businesses the opportunity of having many more security benefits such as Internet protocol security (IPsec), a higher level of data protection with better encryption and safer protocols for mobile devices.
However, the hierarchy for IPv6 is different to that of IPv4, and if corporations adopt it using the same way they did IPv4 they may end up running parallel frameworks, and risk undermining security measures made for either protocol. This could easily happen without the company even realizing it, as any businesses using Windows Server 2008, Windows 7, OS X or even simple applications like Skype could automatically be using the IPv6 framework. Without careful implementation, businesses could end up running both IPv4 and IPv6 in parallel, and without knowing it, nullify security measures they use with either protocol.
The Security Issues
Most end-users will see no significant difference. Their computers will continue to connect to the Internet much as they always have. However, this change is very significant for large companies needing to switch over to the IPv6 framework – and needing to have high security measures set in place at all times. Many worry about the security holes this change could cause when they move over to the new version 6. Currently, the number of IPv6 attacks is not large, but security research suggests that they have already seen widespread malware that is IPv6 based, and which can bypass existing protection and firewalls. This malware is expected to cause more damage as more businesses adopt the new IPv6 structure.
Danger seems more eminent for businesses that don’t have their network defenses up to date, as the addition of new IP addresses, though beneficial, can leave companies vulnerable to the attack of cyber criminals; especially as these thieves will also have access to more IP addresses, and can switch from one to another frequently; making it difficult to track them.
Added to this is the fact that the security controls implemented for IPv4, which blacklist malicious IP addresses, will no longer function. This could be a big problem as almost 90% of the security filtering tools rely on IP blacklists. Once everyone moves to the new IPv6 structure, criminals can quickly change their IP address and cause havoc on the existing security measures.
Another potential security pitfall may be the lack of skills IT personnel have in working with the new IPv6 system. Those that specialize in security measures, are most familiar with protecting IPv4 systems. When they move to the new IPv6 infrastructure, they will be unfamiliar with this new territory – and this could produce significant security holes when transitioning.
How to Transition?
To make the transition with the least amount of problems, businesses should turn off any device, server or system already working off IPv6, until they are ready for any security issue that could arise from the new protocol. They should update all security controls on the network. Once these are updated, then they should tunnel the data into the new IPv6 structure.
Administrators should also remain on the lookout for any rogue devices, any rogue IPv6 traffic or tunnels while transmitting the information over.
In the End
Businesses have been ignoring the transition for years, but now need to start planning for it. The transition is not an easy one, and requires a lot of preparation, planned security and backup implementation, as doing it incorrectly can leave to large security holes in corporate IT infrastructures