Wednesday, July 22, 2009

North American IPv6 Task Force: "At least half of U.S. CIOs have IPv6 on their networks"

Yet another interesting quote:

"At least half of U.S. CIOs have IPv6 on their networks that they don't know about, but the hackers do," says Yanick Pouffary, technology director for the North American IPv6 Task Force and an HP Distinguished Technologist. "You can't ignore IPv6. You need to take the minimum steps to secure your perimeter. You need firewalls that understand IPv4 and IPv6. You need network management tools that understand IPv4 and IPv6."


So, at least half of the U.S. companies have IPv6 enabled networks? I guess that's good news! Until now, I heard that too little US companies were doing IPv6, and it would take billions of dollars to get IPv6. Now we learn IPv6 is already there. Great!

So, 40 years later, we can all say "That's one small step for [a] man, one giant leap for mankind".


More interesting (or confusing?) Pv6 stuff here:

http://edge.networkworld.com/news/2009/071309-rogue-ipv6.html
http://www.itworld.com/networking/71015/five-biggest-ipv6-based-threats-facing-cios


Juniper: "look for IPv6 traffic and drop it"

Interesting quote from Juniper:

"What customers need to do within their intrusion-prevention systems or within their firewalls is to explicitly look for IPv6 traffic and drop it,'' says Tim LeMaster, director of systems engineering for Juniper's Federal group.

So Juniper is advising to drop IPv6 traffic?! Interesting point of view from a network hardware vendor; I would expect such a vendor to say "You need IPv6. Buy my stuff that does IPv6".

Oh, wait: maybe the reasoning is this: "You need to drop IPv6. Buy my stuff that can drop IPv6.".


See more "IPv6 is dangerous" stuff here:

http://edge.networkworld.com/news/2009/071309-rogue-ipv6.html
http://www.itworld.com/networking/71015/five-biggest-ipv6-based-threats-facing-cios