IPv6 support in firewalls

[Dave Piscitello <dave () corecom com>]

I suppose I should begin by answering "why the interest in IPv6?"
question. Simply put, we are running out of IPv4 addresses (yeah, I
know, the Sky is Falling, NAT will save us forever...). Based on current
  consumption rates, some folks speculate that the remaining addresses
not yet distributed by IANA will be exhausted by 2009.

More importantly, the space is horribly fragmented and it's becoming
increasingly difficult for RIRs to acquire and allocate large numbers of
IP addresses in contiguous blocks.

Whether you believe IPv4 address exhaustion is imminent or not, I choose
to consider a related concern. I'm not convinced we can even meet the
modest (that's as polite as I can be) security baseline we achieve with
IPv4 security products with available IPv6 security products. What
little I've learned in the short time I've spent asking security
companies  about IPv6 support isn't encouraging.

What do I want from you?

If you who have IPv6 in a production environment and are willing to
share some information about the firewall you're (presumably) using to
enforce security policy, please contact me offline? I've begun a study
of the state of security preparedness for IPv6 and would like to learn
what firewall you're using, how the feature set compares to IPv4, etc.

I'm mostly interested in commercial firewall software and appliances but
if you're using FreeBSD or other open source solution I'd be curious to
learn how large a user population you are supporting, hardware
considerations, etc.

If I get enough information, I'll post a summary message to the list.

Attachment: dave.vcf
Description:

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards