IPv4 address exhaustion combined with rise in IPv6 devices means security professionals need to understand and mitigate potential risks from emerging hybrid networks
The rapid switch over from IPv4 to IPv6 has prompted the SANS Institute to run a special one-day class at the end of its upcoming SANS Gulf Region event.
Dave Shackleford, a SANS analyst, instructor, and course author, as well as a GIAC technical director will run the Security 546: IPv6 Essentials in Dubai this October in a course designed not just for implementers of IPv6, but also for those who just need to learn how to detect IPv6 and defend against threats that unintentional IPv6 use may bring.
“IPv6 is being implemented at a rapid pace across the region as we start to exhaust the IPv4 address space,” comments Shackleford, “Even if your organisation does not feel the same urgency of IP address exhaustion, you may have to connect to these IPv6 resources as they become more and more important to global commerce.”
Internet Protocol Version 6 (IPv6) is designed to succeed Internet Protocol version 4 (IPv4) and was developed by the Internet Engineering Task Force (IETF) and ratified in 1998. The new protocol adds additional features as well as offering a 128-bit address range. Its future adoption is almost certain as available IPv4 addresses are likely to be exhausted within 18 months based on current consumption rates.
IPv6 is enabled by default in Windows 7 and is implementations for OSX and Linux. In many of the recent operating system updates, it has been turned on by default and is also inherent in devices running Apple’s IOS such as iPads as well as some Google Android devices with IPV6 also enabled by default.
Security 546: IPv6 Essentials introduces network administrators and security professionals to the basic concepts of IPv6 and provides an ideal refresher to other SANS courses such as the SEC503 Intrusion Detection in Depth.
Shackleford highlights that the growth of mixed IPv4 and IPv6 networks, in some cases without the knowledge of IT security teams, can introduce a variety of potential security risks. Attacks designed to exploit IPv6 enabled devices could also be missed by intrusion detection systems that have not been correctly configured to deal with IPv6 traffic.
“Before IT professionals meet these IPv6 challenges out in the field, it is highly advisable to gain a good understanding of the technology, risks and methods of defending against attacks.” Shackleford advises, “The addition of the IPv6 Essentials course at our Gulf event is a direct result of a recent spike in requests for other attendees and we are rapidly filling up so it is advisable that individuals that are interested in attending should register within the next few weeks,” he adds