IPv6 in the Industry

The Urgency Behind IPv6

A couple of my buddies Shannon McFarland (Cisco) and Ed Horley (Groupware) did a great short video with Jeff Doyle (TCP/IP legend) on the urgency behind IPv6 in the service provider and the enterprise space.  Enjoy! Also located in Ed’s post here: http://www.howfunky.com/2013/07/enterprise-ipv6-video-with-jeff-doyle.html Check out Ed’s blog for some great IPv6 deployment tips – especially […]

The Urgency Behind IPv6 Read More »

2012 US Government IPv6 Mandate: The Day of Reckoning

Well, today is the day, or the last day I should say.  At midnight tonight, the US Government will have shut the books on yet another Fiscal Year.  Although, it’s not finances that has the technology industry glued to government tech news; it’s IPv6 adoption.  By the end of FY 2012, the entire US Government

2012 US Government IPv6 Mandate: The Day of Reckoning Read More »

Cisco IPv6 IOS Hardening – DoD Style

***Updated on 14 May 2014 – regarding NET-IPv6-022, See below*** Thousands of network engineers in the DoD out there looking at implementing IPv6 now have to address a few Security and Technical Implementation Guidance (STIG) items that they used to just annotate as “Not Applicable – NA.”  Now, IPv6 security is important.  If you are

Cisco IPv6 IOS Hardening – DoD Style Read More »

Why 802.1x is Not Enough: How to Implement SeND – Part 2

Last month I presented the case as to why 802.1x authentication is not enough for local network (wired or wireless) security (go back here to read).  In this post I will present an alternative: IPv6 Secure Neighbor Discovery (SeND).  If you have an IPv6 enterprise, small IPv6 deployment, or a little IPv6 lab then pay

Why 802.1x is Not Enough: How to Implement SeND – Part 2 Read More »

US Government IPv6 Enablement – 4-month Status Check

Well, it is now roughly four months until the U.S. Federal Government is supposed to have its publicly-facing network services enabled for IPv6 by 30 September 2012 according to the White House directive in 2010.  More specifically: Upgrade public/external facing servers and services (e.g. web, email, DNS, ISP services, etc) to operationally use native IPv6

US Government IPv6 Enablement – 4-month Status Check Read More »

Facebook is IPv6-enabled now – without a whitelist

UPDATE 22 May 2012 It looks as though Facebook is now 100% IPv6-enabled, without white-list filtering!  See the dig below: The Updated Dig mylaptop:~$ dig @8.8.8.8 AAAA www.facebook.com ; <<>> DiG 9.8.1-P1 <<>> @8.8.8.8 AAAA www.facebook.com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36329

Facebook is IPv6-enabled now – without a whitelist Read More »

IPv6 RA Guard Implementation Advice

Bravo to Fernando Gont for getting out a great Internet Draft (soon-to-be RFC) on the Implementation Advice on IPv6 Router Advertisement (RA) Guard.  This has been one of the open, gaping wounds in the side of IPv6 enterprise deployment for years.  In fact, many of us in the IPv6 and IPv6 security fields love to

IPv6 RA Guard Implementation Advice Read More »

Scroll to Top