Skip to Content
IPv6 Security
book

IPv6 Security

by Scott Hogg, Eric Vyncke
December 2008
Intermediate to advanced
576 pages
15h 48m
English
Cisco Press

Overview

IPv6 Security

Protection measures for the next Internet Protocol

As the world’s networks migrate to the IPv6 protocol, networking professionals need a clearer understanding of the security risks, threats, and challenges this transition presents. In IPv6 Security, two of the world’s leading Internet security practitioners review each potential security issue introduced by IPv6 networking and present today’s best solutions.

IPv6 Security offers guidance for avoiding security problems prior to widespread IPv6 deployment. The book covers every component of today’s networks, identifying specific security deficiencies that occur within IPv6 environments and demonstrating how to combat them.

The authors describe best practices for identifying and resolving weaknesses as you maintain a dual stack network. Then they describe the security mechanisms you need to implement as you migrate to an IPv6-only network. The authors survey the techniques hackers might use to try to breach your network, such as IPv6 network reconnaissance, address spoofing, traffic interception, denial of service, and tunnel injection.

The authors also turn to Cisco® products and protection mechanisms. You learn how to use Cisco IOS® and ASA firewalls and ACLs to selectively filter IPv6 traffic. You also learn about securing hosts with Cisco Security Agent 6.0 and about securing a network with IOS routers and switches. Multiple examples are explained for Windows, Linux, FreeBSD, and Solaris hosts. The authors offer detailed examples that are consistent with today’s best practices and easy to adapt to virtually any IPv6 environment.

Scott Hogg, CCIE® No. 5133, is Director of Advanced Technology Services at Global Technology Resources, Inc. (GTRI). He is responsible for setting the company’s technical direction and helping it create service offerings for emerging technologies such as IPv6. He is the Chair of the Rocky Mountain IPv6 Task Force.

Eric Vyncke, Cisco Distinguished System Engineer, consults on security issues throughout Europe. He has 20 years’ experience in security and teaches security seminars as a guest professor at universities throughout Belgium. He also participates in the Internet Engineering Task Force (IETF) and has helped several organizations deploy IPv6 securely.

  • Understand why IPv6 is already a latent threat in your IPv4-only network

  • Plan ahead to avoid IPv6 security problems before widespread deployment

  • Identify known areas of weakness in IPv6 security and the current state of attack tools and hacker skills

  • Understand each high-level approach to securing IPv6 and learn when to use each

  • Protect service provider networks, perimeters, LANs, and host/server connections

  • Harden IPv6 network devices against attack

  • Utilize IPsec in IPv6 environments

  • Secure mobile IPv6 networks

  • Secure transition mechanisms in use during the migration from IPv4 to IPv6

  • Monitor IPv6 security

  • Understand the security implications of the IPv6 protocol, including issues related to ICMPv6 and the IPv6 header structure

  • Protect your network against large-scale threats by using perimeter filtering techniques and service provider–focused security practices

  • Understand the vulnerabilities that exist on IPv6 access networks and learn solutions for mitigating each

  • This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

    Category: Networking: Security

    Covers: IPv6 Security

    Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
    and much more.

    Read now

    Unlock full access

    More than 5,000 organizations count on O’Reilly

    AirBnbBlueOriginElectronic ArtsHomeDepotNasdaqRakutenTata Consultancy Services

    QuotationMarkO’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.
    Julian F.
    Head of Cybersecurity
    QuotationMarkI wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.
    Addison B.
    Field Engineer
    QuotationMarkI’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.
    Amir M.
    Data Platform Tech Lead
    QuotationMarkI'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
    Mark W.
    Embedded Software Engineer

    You might also like

    IPv6 Essentials

    IPv6 Essentials

    Silvia Hagen
    IPv6 for Enterprise Networks

    IPv6 for Enterprise Networks

    Shannon McFarland, Muninder Sambi, Nikhil Sharma, Sanjay Hooda
    Junos Security

    Junos Security

    Rob Cameron, Brad Woodberg, Patricio Giecco, Timothy Eberhard, James Quinn

    Publisher Resources

    ISBN: 9781587058387Purchase book