Security in an IPv6 Environment: 1st Edition (Hardback) book cover

Security in an IPv6 Environment

1st Edition

By Daniel Minoli, Jake Kouns

Auerbach Publications

288 pages | 56 B/W Illus.

Purchasing Options:$ = USD
Hardback: 9781420092295
pub: 2008-12-16
SAVE ~$22.00
Currently out of stock
$110.00
$88.00
x
eBook (VitalSource) : 9780429119873
pub: 2016-04-19
from $55.00


FREE Standard Shipping!

Description

Analyze Key Security Mechanisms and Approaches with this practical primer, the first book on the market to cover critical IPv6 security considerations.

Dan Minoli, author of over 50 books on telecommunications and networks, and Jake Kouns, Chairman, CEO and CFO of the Open Security Foundation, discuss IPv6 security vulnerabilities, considerations, and mechanisms, and survey approaches for ensuring reliable and controlled IPv6 migration. The authors pool knowledge from industry resources, RFCs, and their own considerable security experience, discussing key IPv6 features, security issues, and potential exploitation of IPv6 protocol. They examine use of firewalls and encryption, and the fundamental topic of IPSec in IPv6 environments.

Protect Networks from New and Growing Threats

An increasing amount of mission-critical commercial and military operations are supported by distributed, mobile, always-connected, hybrid public-private networks, especially IPv6-based networks. The number of attackers or inimical agents continues to grow, and all computing environments must feature high-assurance security mechanisms. Even administrators in pure IPv4 environments require at least a rudimentary understanding of IPv6 security principles to safeguard traditional networks. This comprehensive book explains why security savvy approaches are indispensible and includes considerations for mixed IPv4 and IPv6 migration environments. More than an exhaustive treatment of IPv6 and security topics, this text is a point of departure for anyone adjusting to this technological transition and subtending security considerations.

About the Authors

Daniel Minoli, director of terrestrial systems engineering for SES Americom, has done extensive work with IPv6, including four books on the subject.

Jake Kouns (CISSP, CISA, CISM), director of information security and network services for Markel Corporation, is also co-founder and president of the Open Security Foundation.

Table of Contents

Introduction, Overview, and Motivations

Introduction and Motivations

IPv6 Overview

Overview of Traditional Security Approaches and Mechanisms

Basic IPv6 Protocol Mechanisms

IPv6 Addressing Mechanisms

Address Types

Addresses for Hosts and Routers

IPv6 Addressing (Details)

IANA Considerations

Creating Modified EUI-64 Format Interface Identifiers

64-Bit Global Identifier (EUI-64) Registration Authority

More Advanced IPv6 Protocol Mechanisms

IPv6 and Related Protocols (Details)

IPv6 Header Format

IPv6 Extension Headers

Packet Size Issue

Flow Labels

Traffic Classes

Upper-Layer Protocol Issues

Semantics and Usage of the Flow Label Field

Formatting Guidelines for Options

IPv6 Infrastructure

Routing and Route Management

Configuration Methods

Dynamic Host Configuration Protocol for IPv6

More on Transition Approaches and Mechanisms

Security Mechanisms and Approaches

Security 101

Review of Firewall-Based Perimeter Security

IPv6 Areas of Security Concerns: Addresses

Documented Issues for IPv6 Security

Basic IPv6 Security Considerations

IPv6 Flow Labels Issues

ICMPv6 Issues

Neighbor Discovery Issues

Routing Headers

DNS Issues

Minimum Security Plan

IPsec and Its Use in IPv6 Environments

Overview

IPsec Modes

IP Authentication Header (AH)

IP Encapsulating Security Protocol (ESP)

Supportive Infrastructure: IPsec Architecture

Related Observations

Firewall Use in IPv6 Environments

Role of Firewalls for IPv6 Perimeters

Packet Filtering

Extension Headers and Fragmentation

Concurrent Processing

Firewall Functionality

Related Tools

Security Considerations for Migrations/Mixed IPv4-IPv6 Networks

Transition Basics

Security Issues Associated with Transition

Threats and the Use of IPsec

NATs, Packet Filtering, and Teredo

Use of Host-Based Firewalls

Use of Distributed Firewalls

About the Authors

Daniel Minoli, director of terrestrial systems engineering for SES Americom, has done extensive work with IPv6, including four books on the subject.

Jake Kouns (CISSP, CISA, CISM), director of information security and network services for Markel Corporation, is also co-founder and president of the Open Security Foundation.

Subject Categories

BISAC Subject Codes/Headings:
COM043000
COMPUTERS / Networking / General
COM053000
COMPUTERS / Security / General
COM060000
COMPUTERS / Internet / General