Internet Protocol version 6 (IPv6) is the next version of the protocol that is used for communications on
the Internet. IPv6 is a protocol that has been in existence for many years, but it has not yet replaced
IPv4. IPv4 has some limitations that were not anticipated when it was first created. Because IPv6 overcomes
many of these limitations, it is the only viable long-term replacement for IPv4.
While the migration to IPv6 has started, it is still in its early stages. Many international organizations
already have IPv6 networks, the U.S. federal organizations are working on their transitions to IPv6, and
others are contemplating what IPv6 means to them. However, many organizations already have IPv6
running on their networks and they do not even realize it. Many computer operating systems now
default to running both IPv4 and IPv6, which could cause security vulnerabilities if one is less secure
than the other. IPv6 security vulnerabilities currently exist, and as the popularity of the IPv6 protocol
increases, so do the number of threats.
When a security officer wants to secure an organization, he must be aware of all potential threats, even if
this threat is a ten-year-old protocol that represents less than 1 percent of the overall Internet traffic in
2008. Don’t be blinded by this 1 percent: This figure is doomed to increase in the coming years, and
chances are good that your network is already exposed to some IPv6 threats. It’s better to be safe than
sorry.
Just like the early deployment of many technologies, security is often left to the final stages of implementation.
Our intent in writing this book is to improve the security of early IPv6 deployments from day
one. Any organization considering or already in the midst of transitioning to IPv6 does not want to
deploy a new technology that cannot be secured right from the outset. The transition to IPv6 is inevitable,
and therefore this book can help you understand the threats that exist in IPv6 networks and give you
ways to protect against them. Therefore, this book gives guidance on how to improve the security of
IPv6 networks.