Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Tribal Telecom 2015.

Published byDomenic Hicks Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Tribal Telecom 2015."— Presentation transcript:

1 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Tribal Telecom 2015 IPv6 Forum: Infrastructure Scott Hogg, CTO GTRI, Chair Emeritus RMv6TF, IPv6 COE Infoblox CCIE #5133, CISSP #4160

2 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Even if an organization hasn’t started using IPv6 yet, they already have some IPv6 running on their networks and didn’t realize it. –We all use Linux, Apple OS X (iOS), Android, BSD, and Microsoft Windows 7/8/Win2K8/Win2012 systems. –They all come with IPv6 capability enabled by default and prefer IPv6 connectivity. –They may try to use IPv6 first and then fall-back to IPv4. –Or they may create IPv6-in-IPv4 tunnels to Internet resources to reach IPv6 content. –These techniques take place regardless of user input or configuration or notification. IPv6 support is pervasive in our networking equipment, operating systems, and many software and services. IPv6 Support is Pervasive

3 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. IPv6 has been under development for 20 years. –IPv6 has had time to mature and become gracefully adopted. –IPv6 will never be “finalized” just like IPv4 keeps evolving. Security researchers and attackers have been actively exploring IPv6, they still look for weaknesses in IPv4. All leading vendors have had to publish patches due to IPv6- related security vulnerabilities. The industry will continue to discover and fix new IPv6 vulnerabilities as they are discovered. Keeping our software patched and updated is critical. IPv6 Security Evolution

4 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Larger IPv6 address space, no need for NAT ICMPv6 and the Neighbor Discovery Protocol (NDP) DHCPv6 and IPv6 address management IPv6 Extension Headers (Option Headers) Visibility to our dual-protocol network connections –Dual-protocol security operations (SIEMs) –Content filtering of dual-protocol connections New Conventions in IPv6

5 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Dual-stack (Dual-protocol) is the predominant migration strategy (add IPv6, eventually turn off IPv4). During this phase we have twice as much work to do. –IP address management, dual-protocol network devices, DNS, DHCP, servers, firewalls, testing, configuration, troubleshooting http://www.networkworld.com/article/2222870/cisco-subnet/dual- stack-will-increase-operating-expenses.html –You are only as strong as the weakest of the two stacks. IPv6 Deployment Models IPv4IPv6

6 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. We will still have... on IPv6 networks –Spam and phishing –Malware and command & control networks –DDoS attacks, botnets –Application vulnerabilities –Network and OS infrastructure threats Many of the same techniques we use to secure IPv4 networks are applicable to securing IPv6 networks –Firewalls, IPS, Unicast RPF, bogon filtering, RTBH, content filtering, sandboxes, endpoint security, DLP, SIEMs, NAC IPv6 (Same old, Same old)

7 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. IPv6 is already embedded in many of our systems. IPv6 is no more or less secure than IPv4, our security focus should be at the applications and in our software. One way to control IPv6 is to enable it and be aware of it. We all must learn about IPv6 and strive to achieve equal capabilities for IPv6 as with IPv4. Ask our vendors about IPv6-capable products and assess “feature parity”. IPv6 Security Summary

8 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. IPv6 Security, By Scott Hogg and Eric Vyncke, Cisco Press, 2009. –ISBN-10: 1-58705-594-5, ISBN-13: 978-1-58705-594-2 ARIN IPv6 Info Center –https://www.arin.net/knowledge/ipv6_info_center.html Internet Society (ISOC) Deploy360 Programme –http://www.internetsociety.org/deploy360/ipv6/ Rocky Mountain IPv6 Task Force –http://www.rmv6tf.org/ Infoblox IPv6 Center of Excellence (COE) –https://community.infoblox.com/taxonomy/term/281 NetworkWorld Blog –http://www.networkworld.com/blog/core-networking-and-security/ IPv6 References

9 © 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Thank You Scott Hogg 303-949-4865 | shogg@gtri.com @scotthogg

Download ppt "© 2015 Global Technology Resources, Inc. All Rights Reserved. Contents may contain confidential information and are not to be copied. Tribal Telecom 2015."

Similar presentations

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 4: Routing Concepts Routing Protocols.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 4: Routing Concepts Routing Protocols.
IPv6 Deployment CANTO Nate Davis, Chief Operating Officer 13 August 2014.

IPv6 Deployment CANTO Nate Davis, Chief Operating Officer 13 August 2014.
 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
T HE E XPERIENCE OF T RANSITION TO IP V 6 Sudan University of Science & Technology.

T HE E XPERIENCE OF T RANSITION TO IP V 6 Sudan University of Science & Technology.
IPv6: Paving the way for next generation networks Tuesday, 16 July 2013 Nate Davis Chief Operating Officer, ARIN.

IPv6: Paving the way for next generation networks Tuesday, 16 July 2013 Nate Davis Chief Operating Officer, ARIN.
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.

IPv4 to IPv6 Migration strategies. What is IPv4  Second revision in development of internet protocol  First version to be widely implied.  Connection.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Implementing IP Addressing Services Accessing the WAN – Chapter 7.
Prof. Dr. Sureswaran Ramadass Director National Advanced IPv6 Centre (NAv6) Universiti Sains Malaysia Prof. Dr. Sureswaran Ramadass Director National Advanced.

Prof. Dr. Sureswaran Ramadass Director National Advanced IPv6 Centre (NAv6) Universiti Sains Malaysia Prof. Dr. Sureswaran Ramadass Director National Advanced.
IPv4 Depletion IPv6 Adoption 3 February 2011 0 /8s Remaining.

IPv4 Depletion IPv6 Adoption 3 February /8s Remaining.
Implementing IPv6 Module B 8: Implementing IPv6

Implementing IPv6 Module B 8: Implementing IPv6
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—7-1 Address Space Management Transitioning to IPv6.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—7-1 Address Space Management Transitioning to IPv6.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to IPv4 Introduction to Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Introduction to IPv4 Introduction to Networks.
17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.

17/10/031 Summary Peer to peer applications and IPv6 Microsoft Three-Degrees IPv6 transition mechanisms used by Three- Degrees: 6to4 Teredo.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture14: DHCP Switched Networks Assistant Professor Pongpisit Wuttidittachotti,

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture14: DHCP Switched Networks Assistant Professor Pongpisit Wuttidittachotti,
© 2015 Global Technology Resources, Inc. All Rights Reserved. Contents herein contain confidential information not to be copied. Successfully Deploying.

© 2015 Global Technology Resources, Inc. All Rights Reserved. Contents herein contain confidential information not to be copied. Successfully Deploying.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.
Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.

Unleashing the Power of Ubiquitous Connectivity with IPv6 Sandeep K. Singhal, Ph.D Director of Program Management Windows Networking.
IPv4 Depletion and IPv6 Adoption Today Community Use Slide Deck Courtesy of ARIN May 2014.

IPv4 Depletion and IPv6 Adoption Today Community Use Slide Deck Courtesy of ARIN May 2014.

Similar presentations

Ads by Google