In the summer of 1981, IBM released the IBM Personal Computer. That same summer, the standards body known as the IETF published a specification, RFC 791, for the Internet Protocol version 4 (IPv4). RFC 791 was written at the University of Southern California for the Defense Advanced Research Projects Agency (DARPA) “for use in interconnected systems of pack-switched computer communications networks.” In other words, IPv4 is a communications protocol that identifies, locates, and routes traffic between computers. Little did the world know that the PC and IPv4 would converge and the network of computers around the globe would take on its name – the Internet – from the “I” in IP.
The original IBM PC ran on an Intel 8088 chip at 4.77MHz, 16kB RAM, and a single floppy disk drive. Today, a mid-range Dell PC operates more than 3000 times faster, with 500,000 times the memory, and over 800,000 times the storage at the same $1500 price. During those same 32 years, IPv4 became the dominant protocol on the Internet, but it did not scale in the same way that the PC did. Mathematically, IPv4 addresses up to 4.3 billion “hosts” which is tech speak for computers. However, we have over 7 billion people in the world, many of whom use more than one IP address. The explosive growth of Internet-connected computers, smartphones, and other devices, has exhausted IPv4 addresses in North America, Europe, and Asia, with South America and Africa to follow in 2014. Worsening matters, the upcoming Internet of Things (a term coined by Kevin Ashton at MIT in 1999 in which ordinary, everyday objects such as coffeemakers and thermostats have an Internet identity) will exponentially increase the need for IP addresses.
IPv6 introduces 340 undecillion addresses to the Internet – that’s a 34 with 37 zeroes after it. This huge address space essentially places no practical limitation upon the Internet of Things, at least until we figure out how to connect Nano machines to the Internet. To a technologist like me, this evolution of technology sounds great until I remember that I work for Dell Security. More addresses means more things to hack…and these things are all around us. At the 2013 Black Hat information security conference, researchers demonstrated how to remotely unlock the locks on a networked home, control the broadcast and camera on a smartTV, and take the reins of an automated car, turning it into a weapon. The attack vectors are numerous, particularly as products are rushed to market and hackers seek to exploit their vulnerabilities.
Though IPv6 deployment is well underway, we are fortunately still early in the IPv6 adoption cycle as a defacto Internet standard. And although IPv6 has native security measures such as encryption and authentication, mandates to use them can lull the industry into a false sense of security, since encapsulating malicious payload (such as botnets) can make the malware invisible to the security filters in routers, switches and some firewalls. Dell SonicWALL Next Generation Firewalls (NGFW) implement the same network security mechanisms for IPv6 that have been proven to protect IPv4. For example, Dell NGFWs employ deep-packet inspection techniques that enable them to stop malware that has been encrypted to evade detection from other firewalls. Defending mechanisms for IPv6 networks are also available in the Dell SonicWALL Secure Remote Access product line, Email Security product line, and the newest version of the Global Management System, which manages and performs analytic reporting on security events for the entire Dell SonicWALL portfolio.
So how did I learn to stop worrying learn to love IPv6? It wasn’t to stick my head in the sand or to sweep the inevitable migration under the rug. Rather, as a Dell SonicWALL technologist, it was to make sure that our customers establish the best practices in preparing for IPv6 by deploying security policies on their firewalls, secure remote access appliances, and email security appliances that are tuned for IPv6. And as consumers of technology, it’s all of our jobs to insist that companies design technology with built-in IPv6 security measures. The Internet of Everything promises to revolutionize our lives; let’s work together to ensure a secure Internet, stop worrying, and learn to love IPv6.