When Internet Protocol version 4 (IPv4) was designed in the 1970s the internet in no way resembled what it does today. Mainstream use, global growth and security issues were not predicted as it was used largely in academic and research circles. More than two billion users, nearly one third of the world's population, are now connected to the internet. Considering most users have more than one device connected to the internet and every device has an IP address, the addresses have now all been fully allocated to the regional internet registries. The internet has simply outgrown IPv4.
The depletion of available addresses is forcing organisations to look at alternatives, and there is only one available — IPv6. Government mandates, especially from the US, are pressuring technology vendors to provide full support for IPv6. Companies serving government customers, such as defence contractors, managed service providers and internet service providers, need to transition to IPv6 to be in compliance. Companies in industries building large-scale networks, such as web firms and communications providers, need to implement IPv6 systems and networks to enable business growth and innovation.
If you're implementing IPv6 networks, it isn't safe to assume that your current security controls, policies and processes will protect your IPv6 as well as your IPv4 environment. Most security companies have lagged networking companies in introducing full-fledged IPv6 support.
Even if you aren't implementing an IPv6 network, you still need to be concerned about the transition. Most OS and many new printers and other network devices are IPv6 enabled, offering a dual-stack configuration to support IPv6 traffic in addition to IPv4. As IPv6-enabled consumer devices such as smartphones and tablets enter your network, you now have two communication channels to worry about. You need to know that your security controls and policies uniformly support IPv4 and IPv6. So how can you be sure your network remains protected as the industry moves towards IPv6?
Start by asking your IT security vendors the following questions:
Have their solutions satisfied industry required standards? Like the US government mandate that technologies it purchases must demonstrate compliance with IPv6, similar requirements may emerge in other parts of the world.
Can vendors demonstrate that their solutions work comparably with IPv4 and IPv6 traffic? For example, in the case of IPS/IDS solutions, does the product identify and block IPv6- and IPv4-based attacks?
Does their solution support a wide variety of tunnelling mechanisms? Tunnelling mechanisms are transition technologies that enable IPv6 hosts and routers to communicate over IPv4 networks.
Can their solutions operate and be managed over an IPv6 network? You should be able to designate an IPv6 IP address to a vendor device and manage it via IPv6 in order to deploy it on an IPv6 network.
In the case of vulnerability assessment, network discovery and IPS/IDS tools, are the vendors' security tools reliant on active vulnerability scanning? Active scanning tools may become crippled under the weight of the incredibly large number of IPv6 addresses available to search.
In the case of firewall policies and access control lists that are configured to block all ‘IP' traffic, do they in fact block IPv6 traffic as well as IPv4? Some network appliances require extra configuration to deal with IPv6 and use the term ‘IP' to only refer to IPv4.
Thus, identifying controls, solutions and policies that support IPv6 alongside IPv4 is essential to maintaining your organisation's security.
Sign up for the Daily Briefing
Get the latest news and updates straight to your inbox
Network Links
GN StoreDownload our app
© Al Nisr Publishing LLC 2026. All rights reserved.