You might not know it, but IPv6 traffic may already be running on your network.
Although many content and Internet providers won’t officially turn on IPv6 capabilities until June 6, which has been declared World IPv6 Launch Day, some end user devices, desktop operating systems and network routers are already running what some call a “shadow network” on enterprise systems.
Blue Coat Systems Inc. says that’s the reason why organizations using its PacketShaper network monitoring appliances need to upgrade to latest version of its operating system.
Version 9 gives application and content-level visibility and control into IPv6, the company says, to detect file-sharing and possible malware using the new protocol.
The problem, according to Steve House, the company’s senior director of product management, is that most enterprise network security is geared towards IPv4. Canny staffers may realize they can get away with leveraging that hole to engage in corporately-frowned on activity like downloading music and videos.
More seriously, criminals may try to take advantage by sneaking malware in that can tunnel out using IPv6 carrying corporate data.
By changing PacketShaper’s classification engine, version 9 can identify 35 IPv6 services, including FTTP, HTTP, ICMP, SSL and CIFS, House said.
In the near future Blue Coat will release more services as plug-ins, he added.
Interestingly, House said Blue Coat came across the importance of this capability during beta testing. The main capability it was going to tout for version 9 was performance gains.
But two of the five corporations beta testing the new release were surprised to find as much as three per cent of their internal traffic used IPv6. By comparison, about one per cent of global Internet traffic is IPv6-based.
Industry analysts told Blue Coat the difference was likely coming from devices that prefer IPv6 traffic, such as desktop PCs running Windows 7, tablets or handset using Apple Inc. iOS and Android-based devices, abetted by IPv6-enabled routers.
“We know this is a trend on the early side,” House said. “A lot of enterprises don’t think or don’t know they have IPv6 traffic, so it’ll be very interesting for them.”
On the performance side, Blue Coat has done some software tuning of PacketShaper’s classification algorithms and made other changes to give what it says is a substantial performance boost.
Most environments will see aggregate throughput increase from 2- to 3-Gigabits per second to up to 5 Gbps, House said.
The company’s top model, the PacketShaper 120000 or 10000 could see up to 8 Gbps on certain application traffic running between data centres, such as replication of a database.
