IPv6 security

IPv6 Security – Server Operating Systems

The DoD has done an excellent job in annotating the best security practices for operating systems for years with its Security Technical Implementation Guides, or STIGs.  In fact, STIGs for networking systems like routers, IDS/IPS, switches, devices, etc have been updated to reflect the new reality: IPv6.  However, with STIGs on the operating system there […]

IPv6 Security – Server Operating Systems Read More »

Cisco IPv6 IOS Hardening – DoD Style

***Updated on 14 May 2014 – regarding NET-IPv6-022, See below*** Thousands of network engineers in the DoD out there looking at implementing IPv6 now have to address a few Security and Technical Implementation Guidance (STIG) items that they used to just annotate as “Not Applicable – NA.”  Now, IPv6 security is important.  If you are

Cisco IPv6 IOS Hardening – DoD Style Read More »

Why 802.1x is Not Enough: How to Implement SeND – Part 2

Last month I presented the case as to why 802.1x authentication is not enough for local network (wired or wireless) security (go back here to read).  In this post I will present an alternative: IPv6 Secure Neighbor Discovery (SeND).  If you have an IPv6 enterprise, small IPv6 deployment, or a little IPv6 lab then pay

Why 802.1x is Not Enough: How to Implement SeND – Part 2 Read More »

Why 802.1x is Not Enough: Use IPv6 SeND – Part 1

There’s been much debate in the IPv6 community regarding the abysmal support or IPv6 Secure Neighbour Discovery (SeND).  To get you up to speed on what IPv6 Secure Neighbour Discovery is think IPv6 + 802.1x-like + ARP security + PKI environment.  Later in this blog I’ll show you how to set up an IPv6 SeND

Why 802.1x is Not Enough: Use IPv6 SeND – Part 1 Read More »

Scroll to Top