Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

SIEM Systems and IPv6 Migration

Q1 Labs : 20 September, 2011  (Technical Article)
Q1 Labs advises testing security products for compatibility with IPv6 environments as the adoption threshold draws nearer due to the expansion of IP address consuming mobile IT products
SIEM Systems and IPv6 Migration
Q1 Labs has urged organisations to look how Security Information and Event Management (SIEM) systems as well as IPS and IDS are configured as firms move to IPv6-based networks.

“Not all security software and appliances are set-up to deal with fully IPv6 or hybrid environments straight off the bat,” explains Chris Poulin, CSO for Q1 Labs. “All of Q1 Labs’ products have been IPv6 compliant for several years, but that is not the case with all vendor solutions; we are advising our partners and customers to make sure that log sources are properly reporting IPv6 data in every environment.”

Poulin, who spent eight years in the US Air Force managing global intelligence networks and developing software believes that many organisations still don’t fully appreciate the IPv6 problem. Internet Protocol Version 6 (IPv6) is designed to succeed Internet Protocol version 4 (IPv4) and was ratified by the Engineering Task Force (IETF) in 1998.  The outgoing IPv4 has a theoretical hard limit of 4.3-billion addresses, which is quickly filling up, especially with the growth in smart phones and tablets expected to hit a billion units by the end of the year.

Even though the new protocol has a 128-bit address range (340-undecillion limit) and additional features, adoption of IPv6 is still sluggish. “The move is a significant project for any IT department and security needs to be on the check-list of things to test before making the move,” Poulin urges. “SIEM is actually a good place to test if IPv6 security procedures are feasible and working correctly.”

IPv6 security risks include bugs in code, protocol weaknesses and poor implementations by security and network vendors due to minimal familiarity with the new standard. “Attacks using an IPv6 tunnel on a hybrid network are examples of new threats that might be missed unless organisations start to prepare now for the inevitable change.”

Poulin believes that any SIEM that is not v6 compliant is a potential liability.” Vendors that fail to provide documentation on configuring for IPv6 are failing to serve customers,” he cautions. “The current pace of change is relatively slow but it is likely to speed up as large service providers and trading platforms move to IPv6 over the next few years, which could mean that IT departments are suddenly dumped with a project to move with minimal notice – it would be wise to start checking now before the call comes,” Poulin adds.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo