ABSTRACT

Fundamental Filtering of IPv6 Network Traffic   [open pdf - 190KB]

"This paper begins a series of IPv6 TIPs to assist network defenders with the security implications of IPv6 deployment. This document will not duplicate existing published documentation concerning the theoretical aspects of IPv6-based network security, but will focus more on the first steps of a 'HowTo' for network defenders. You will find non-vendor-specific provisioning of IPv6-based network traffic filtering via basic types of traffic blocking suggestions, identification of deprecated addresses, a brief discussion on ICMPv6, tunneling, and additional topics to consider when developing an IPv6 implementation strategy. Implementing IPv6 introduces a myriad of challenges, including providing security at network borders as well as internal controls. By design, IPv6 enables each host's direct connection to the internet with a completely routable address."

Report Number:
Technical Information Paper: TIP-12-225-01
Author:
Publisher:
Date:
2012-06-19
Copyright:
Public Domain
Retrieved From:
United States Computer Emergency Readiness Team: http://www.us-cert.gov/
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations