IPv6 Security Technical Briefing

Understanding the new security issues introduced by IPv6 and the actions that you should take

• half day • £495/$900 • world-wide


You will learn:

  • The current status of IPv6
  • The security features of IPv6
  • IPv6 security risks
  • The differences in IPv4 and IPv6 security
  • The risks associated with IPv6 transition mechanisms.
  • How to mitigate the security risks associated with IPv6.
  • How to build IPv6 firewalls.
  • IPv6 security best practice.

 


Briefing Benefits

IPv6 is now widely available. In some organisations and parts of the world IPv6 is in common use.

Whilst you may not have implemented IPv6 in your network yet, you still need to secure your network against abuse using IPv6 protocols.

Modern network operating systems, including Windows Vista and Windows Longhorn, use IPv6 in preference to IPv4 and have IPv6 turned on by default.

You need to ensure that your network is IPv6 secure and that you are ready for any future implementation of IPv6.

 


Who should attend?

This course is ideal for IT security experts, network administrators, network support personnel, network designers, networking consultants, IT managers and IT directors.

Prerequisites

A knowledge of general networking concepts is assumed. Experience of IPv4 is necessary

 


Briefing Contents

IPv6 Basics

  • Comparison of IPv6 and IPv4
  • What is IPv6?
  • Why is IPv6 required?
  • Address Space
  • Is there an address shortage?
  • IPv6 improvements over IPv4
  • New features in IPv6
  • The benefits of IPv6
  • Motivations to implement IPv6
  • IPv6 status summary
  • Timescale predictions

IPv6 Security Features

  • Security features in IPv6
  • IPv6 IPSec
  • Privacy addresses
  • Temporary addresses
  • Cryptographically Generated Addresses (CGA)
  • SEcure Neighbor Discovery (SEND)
  • Mobile IPv6 security
  • Dynamic routing security
  • Examples of IPv6 security

IPv6 Security Threats

  • Summary of IPv6 threats
  • Comparison of IPv6 with IPv4 threats
  • Threats common to IPv4 and IPv6
  • IPv6 specific security threats
  • End-to-end transparency
  • Scanning in IPv6
  • IPv6 extension header threats
  • IPv6 router header abuse
  • IPv6 fragmentation threats
  • ICMPv6 threats
  • Neighbor discovery threats
  • ND threat examples
  • Cryptographically Generated Addresses (CGA)
  • SEcure Neighbor Discovery (SEND)
  • SEND and CGA
  • Mitigating ICMPv6 threats

IPv6 Transition Security Threats

  • IPv6 transition mechanisms threats
  • Transition mechanisms
  • Transition security problems
  • Dual stack threats
  • Mitigating dual stack threats
  • Tunnelling threats
  • 6to4 threats
  • Mitigating 6to4 threats
  • ISATAP threats
  • Mitigating ISATAP threats
  • Teredo threats
  • Mitigating Teredo threats
  • Other mechanisms
  • IPv6 DNS threats
  • Transition security best practice

IPv6 Firewalls

  • Configuring IPv6 firewalls
  • IPv6 firewall filtering rules
  • Filtering ICMPv6
  • IPv6 extension headers
  • Implementing IPv6 Ingress filtering
  • Assigned IPv6 addresses
  • Status of IPv6 firewalls
  • Deploying IPv6 firewalls

IPv6 Deployment Risks

  • IPv6 pilots
  • IPv6 DNS server
  • Addressing schemes
  • Deploying ICMPv6
  • End-to-end transparency
  • IPSec transport mode
  • Reduced functionality
  • Operational issues
  • ND proxies
  • Training

IPv6 Security Best Practice

  • Creating an IPv6 security policy
  • Summary of IPv6 security best practice

 


Certifications

All Erion IPv6 courses are certified by the IPv6 Forum. Erion also has its own IPv6 certification programme.

Certified IPv6 Certification
Certified Course IPv6 Forum
Certified Security Course IPv6 Forum

 


The Lecturers

All our lecturers are practising network consultants with extensive experience of IPv6 networking on Unix and Windows in large commercial environments. They are ideally suited to bringing you an up to date analysis of the status of IPv6.

Erion is the world's leading IPv6 training company.

 


Locations

Our courses are available world-wide in our virtual classrooms accompanied by virtual labs. We also deliver on-site training and public training at venues around the world.

Please contact us if you are looking for training in your area.

 

  • Aberdeen, Scotland, UK
  • Basingstoke, England, UK
  • Edinburgh, Scotland, UK
  • Glasgow, Scotland, UK
  • Inverness, Scotland, UK
  • Leeds, England, UK
  • London, England, UK
  • Manchester, England, UK
  • Sheffield, England, UK
  • Europe - various locations
  • Ljubljana, Slovenia
  • Malaysia - various locations
  • Boston, USA
  • San Francisco, USA
  • New York, USA
  • Washington DC, USA
  • USA - various locations