This topic provided an introduction of the Internet Protocol version 6. It included an overview of the protocol, its capabilities, and implementation, as well as design considerations for networked systems.
Internet Protocol version 6 (IPv6), sometimes referred to as IP Next Generation (IPng), is the new standard for internet communications, replacing the previous Internet Protocol version 4 (IPv4) standard that has been in use since 1981. IPv6 was published in 1998 and has been operational since 1999.
The interest in IPv6 is motivated by the larger number of addresses available with IPv6, since the last block of IPv4 addresses was assigned in February 2011.
IPv6 is important because it is a global network technology that has been operational for over a decade and because it is coming to NSA and its technology programs. It is impacting all Agency missions and applications in some manner. As NSA implements IPv6 with its own IT infrastructure, and programs must transition their systems, understanding IPv6 will become increasingly important to developers, managers, analysts, and staff across the Global Cryptologic Enterprise. IPv6 applies to user workstations, servers, campus area networks, data center networks, and the wide area network.
|Strengths||IPv6 provides significant improvements over its predecessor including increased address space, improved subnetting, improved routing, auto-configuration, multiple transition options, broad product support, non-interference with IPv4.|
|Weaknesses||The absence of interoperability between the protocols limits the ability of an IPv6 host to communicate with the IPv4 internet. The world-wide investment in IPv4 hinders the transition to IPv6 because it will require support for both protocols for the near future. The IPv6 security model requires changes in conventional security architectures.|
|Opportunities||Adopting IPv6 provides the Agency with the opportunity to develop experience with IPv6 ahead of most of the world, which has been slow to adopt the new protocol.|
|Threat||Early adapters have had over 10 years to learn the new protocol including its capabilities and vulnerabilities. Some of these adapters may have hostile intents against the US. IPv6 ships enabled in new products and can auto-configure itself on a network. Some scenarios could pose an unanticipated exposure.|