Re: IPv6 Firewalls

["J. Oquendo" <sil () infiltrated net>]

Joseph S D Yao wrote:
> On Tue, Jan 30, 2007 at 09:43:52PM -0500, J. Oquendo wrote:
> ...
>   
> > A lot of vendor information on this, etc. can be summarized over at 
> > http://www.moonv6.org/ (or at least the hype of it)
> >     
> ...
>
>
> This is why I asked: at some point last year, those guys said NO
> firewalls were IPv6-ready yet.
>
>
>   
From their last tests 
(http://www.moonv6.org/project/july2006/Moonv6_2006_Whitepaper.pdf) it 
seemed they accomplished a lot of their tasks. They didn't include the 
list of vendors that tested though:


// PAGE 7

Firewall deep-inspection functionality of application traffic in a mixed 
IPv4/IPv6 environment was validated and compared with the same test 
scenarios in an IPv4 oenvironment. A realistic protocol mix was 
configured to simulate the forwarding and blocking capabilities in an 
actual network.

A critical concern that must be addressed in an IPv4/IPv6 transition 
environment is equivalent quality of the user experience. If a security 
device performs adequately wIPv4, it should also sustain comparable 
performance levels when processing mixed IPv4/IPv6 and pure IPv6 
traffic. Responding to that concern, the 2006 Moonv6 Transition Test 
Suite included performance tests that compared security devices IPv6 and 
mixed IPv4/IPv6 performance. These tests used real-world application mix 
traffic to measure the metrics. The tests successfully validated that 
security devices casustain adequate performance and QoE levels in 
transition IPv4/IPv6 environments.

// END PAGE

--
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net 

The happiness of society is the end of government.
John Adams

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature