IPv6 adoption may be slowly growing but some security concerns are still bothering many network engineers. Bugs in new codes, lack of support for the new protocol from Internet service providers and vendors and adequate security training are among their top worries.
gogoNET, an organization of 90,000 networking professionals, recently polled its members on their major IPv6 security concerns.
Here are the top six IPv6 security risks identified by gogoNET:
Lack of training – According to network engineers their most serious concerns in the lack of IPv6 security training and education in the industry. Companies and industry organizations need to spend more time and money in IPv6 training because failure to secure the IPV6 systems “is like allowing a huge backdoor to exist,” according to Scott Hogg, director of advance technology services at Global Technology Resources Inc.
Security devices bypasses – Security products need to recognized IPv6 packets and apply controls when they do. Engineers are worried about unfiltered IPv6 and tunneled traffic that may allow rogue or unknown traffic through. Current security products, particularly those converted from IPv4 to IPv6, are not matured enough to handle current threats.
Little support for IPv6 – Before IPv6 can reach a level of security functionality and stability that IPv4 has attained, it needs thorough network and equipment tests especially from security product vendors. The issue is further complicated when an ISP does not have a native IPv6 connection.
For more information on the other three IPV6 security threats, click here