Firewall Wizards mailing list archives
Re: IPv6
From: Timothy Shea <tim () tshea net>
Date: Sun, 26 Dec 2010 22:23:13 -0600
There is much additional complexity in IPv6 regardless of security architecture. And IPSec being "built in" is irreverent to the debate. Outside of our government contracts - not even remotely thinking about IPv6. Maybe in a few more years. t.s On Sun, Dec 26, 2010 at 2:20 PM, Devdas Bhagat <dvb () users sourceforge net>wrote:
On Sun, Dec 26, 2010 at 11:56:45AM -0500, Paul D. Robertson wrote:Is anyone doing anything interesting with v6 and firewalls? We're supposedly coming up on the year that v6 will break out, and most organizations I know still don't even route it.I am looking to start announcing IPv6 early next month. At this point, Linux and *BSD boxes support IPv6 in their firewall rulesets. There really shouldn't be much additional complexity with IPv6 in any good security architecture. It's just another routed protocol, with longer addresses and IPSec built in. At the beginning though, we are likely to see simple IPv6 routing with no AH/ESP. What will be infinitely more interesting will be the combinations of IPv4 to IPv6 mapping/NATing/routing which will happen. Devdas Bhagat _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
-- Tim Shea, CISSP 612-384-6810 tim () tshea net http://www.linkedin.com/in/timothyshea
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- IPv6 Paul D. Robertson (Dec 26)