Duncan urges companies to implement IPv6 on their networks and to put appropriate security controls such as deep packet inspection in place so that they can manage IPv6-related vulnerabilities.
"Enterprises need to make sure that their security vendors can protect against these specific IPv6 vulnerabilities,'' he says. He urges companies to get their systems and network engineers trained in IPv6 and to develop an IPv6 cybersecurity plan.
Duncan says that enterprise network managers are gaining in awareness of IPv6 but that they aren't focused enough on the related security issues. "There's not as much focus on IPv6 security as there is with IPv4 security," he says.
Donnan says this is a worry because U.S. companies are vulnerable to IPv6 attacks sent by countries such as China.
"There is state-sponsored hacker activity, and they are very savvy about IPv6," Donnan says.
Carriers and enterprises are migrating to IPv6 because the Internet is running out of addresses using IPv4. The free pool of unassigned IPv4 addresses expired in February, and in April the Asia Pacific region ran out of all but a few IPv4 addresses being held in reserve for startups. The American Registry for Internet Numbers, which doles out IP addresses to network operators in North America, says it will deplete its supply of IPv4 addresses this fall.
IPv4 uses 32-bit addresses and can support 4.3 billion devices connected directly to the Internet, but IPv6 uses 128-bit addresses and can connect up a virtually unlimited number of devices: 2 to the 128th power. IPv6 offers the promise of faster, less-costly Internet services than the alternative, which is to extend the life of IPv4 using network address translation devices.
Read more about lan and wan in Network World's LAN & WAN section.