IPv6 Structure Will Require New Security Policies and Tactics

Two things to think about with the IPv6 transition: email spam and firewall / security policies:

Blacklists and greylists are another area of concern, as there is only one maintained list at this time. Until reputation systems and blacklists become more common on IPv6, it will be difficult to filter out spam messages. Even so, the way reputation systems and blacklists are generated may need to be rethought, according to Li. An IPv6 address has two parts, the prefix assigned by the individual network, and the access assignment value dynamically generated by each device. As a result, a device can have its IPv6 address refreshed as often as every 24 to 48 hours, Li said. It’s not the same as just blocking out a specific set of numbers, he said.

[…]

Organizations have to test the firewall to ensure the new policies handle IPv6 correctly. Internet service providers can’t treat IPv6 like it’s the same as IPv4 with just more addresses, Asaf Greiner, vice-president of Commtouch, told eWEEK. IPv6 offers hierarchical addressing, where the addresses can be assigned to a single device, as well as to multiple devices within a group, he said.

via IPv6 Structure Will Require New Security Policies and Tactics – Security – News & Reviews – eWeek.com.

Be Sociable, Share!

Leave a Reply