Don't Worry, IPv6 Won't Break Your Existing IPsec VPN, Part 1

By Daniel P. Dern<a href="http://vpnhaus.ncp-e.com/wp-content/uploads/2011/10/300px-151221-ivebroken_ohinternet1.jpg"><img class="alignright size-full wp-image-2343" title="300px-151221.I'VE+BROKEN_OH+INTERNET!!!1" src="http://vpnhaus.ncp-e.com/wp-content

What does the coming of IPv6 mean for companies relying on IPsec for secure site-to-site and remote VPN connections to the company network?

"Nothing would change," says Rainer Enders, CTO, Americas, for NCP engineering. "From an end-user point of view, there is zero impact at the application layer. Using IPv6 instead of IPv4 will be transparent to the user."

What does this mean for IT admins responsible for provisioning and administering IPsec VPNs and VPN capability? "You still have to have your VPN application in place, and that application has to be managed, monitored, and controlled," says Enders. "You want to make sure you have the right technology deployed, for instance at the operating system, patch, and security level."

IPv6 increases the need to have the appropriate security technology for VPNs and other networking activity, Enders notes. "Static firewalls work fairly well in an IPv4 environment, because there are other layers of protection, such as private addresses. However, with IPv6, the world is 'flatter' and much better connected. So IT admins will want a managed-client firewall, and take more security precautions, to focus more on protecting devices."

Stay tuned for Part 2 on how a company can add IPv6 support.

back to overview