IP v6 Security

Bo Nilso bnilso@csc.com
Fri, 20 Jul 2001 22:21:23 +0200


Hi!

Have listen to the mails about DOS attacs on IPv6 network.

I have a more general question: Is there any FIREWALL SW for IP v6? Fuego
does not have it, Checkpoint does not state to have any product, Cisco
12.2T is not anything to use on their PICS FW (as far as I have heard).
Have anybody else seen anything around? Have anybody geard ANYTHING about
products in pipeline?

In general, IP v6 fans state security is good in IPv6 due to IPSEC. But
that creates a tunnel between endpoints. Seen from an individual person
viewpoint, I can protect my data transfers and dialogues from being tapped
into. Seen from a Company perspective, Tunnels are not good, unless you
know what is in it. You need some point in the net, in your gate to the
world (Internet or other outside connections), where you can allow/deny
services, based on a company IT Security policy.

I appriciate an answer to my initial question, as it is part of my
professional work. A discussion in general on security, FW´s and tunnels is
also interesting.

BosseN
-----------------------------------------------------------------
AVS:
Bo Nilsö, CSC Sweden, Linköping
Mail: bnilso@csc.com
Phone: +46 (0) 13 465 3631
-------------------------------------------------------------------