Previous Page
Next Page

Security

Software applications and network infrastructures are mission-critical elements in today's economy. Those who use these resources as well as those who intend to abuse them understand their value. Security is a broad term that encompasses all the steps taken to evaluate the risks these resources are exposed to and implement the measures to counter them. Examples of threats and countermeasures include the following:

  • Software application attacks, denial-of-service (DoS) attacks, virus distribution, and data security breaches

  • Network infrastructure attacks, attacks on the network elements

  • Interception of data exchanged across public domains

IP security is not only a concern for enterprise networks; it is a concern even at the smaller scale of home networks. Internet access is becoming part of our daily lives whether we use it for online banking, VoIP, or information gathering. Attackers take this window to the larger world to be their door into the privacy of our own lives.

In some contexts, security takes a network management and operational perspective, although in others it becomes a service. Both aspects are interesting, but in the end security has to be looked at and implemented in a holistic and consistent manner. For this reason, the topic is rather vast, and it grew to be this way through the relentless efforts of creative attackers. The reader can get a complete and detailed picture of the IPv4 network security challenges and solutions from books such as Sean Convery's Network Security Architectures.

Cisco SAFE Blueprint is a comprehensive set of references and design guides on securing various types of IPv4 networks and the services they deploy.

One of the most common misconceptions with respect to IPv6 is that it is more secure than IPv4. It is believed that when you eliminate NATs, IPv6 enables fully secured traffic to transparently cross the boundary between public and private domains. The peer-to-peer communications model reinstated by IPv6 enables the endpoints to secure their information exchange. This is a good idea if implemented by all endpoints. Otherwise, it could instill a false sense of security. Without having everyone participate in this new security paradigm, some RFC-obeying users might be left with a false sense of security. It all started with the good intentions of RFC 2401 that mandated the use of IP Security (IPsec) with IPv6. Although the mandated observance would bring without a doubt a higher level of security, its success would depend on a consistent and proper implementation of IPsec on all applications and networked devices. Until then, IPv6 is equally secure or insecure as its counterpart is. In fact, most IPv6 deployments to date do not leverage any encryption, and that makes them more vulnerable. The operational lessons learned from securing IPv4 networks and applications have yet to be all applied to IPv6, and this offers attackers extra opportunities during this transitional phase.

Overestimating how secure IPv6 is could be dangerous. However, it would be unfair not to mention the committed effort made by the networking community to anticipate and provision for protocol security holes in IPv6. For new protocols that could be built with embedded security from the start, the topic was deemed so important that it blocked the standardization process until it was properly addressed. A good example is Mobile IPv6 (MIPv6), which embedded security in the route-optimization process and provisioned for control steps to secure the binding-update process. For protocols already built on the structure of their IPv4 counterparts, dramatic changes were avoided for practical reasons, and only limited tweaks were implemented. An example in this category is OSPFv3, which replaced the Message Digest 5 (MD5) authentication with IPsec AH and ESP headers to provide integrity, authentication, confidentiality, and anti-replay protection of routing information exchanges.

Because of their similarities, IPv6 inherits the vulnerabilities of IPv4. For the common threats, the same countermeasures are applied. There are, of course, security improvements as well as new threats that stem from IPv6's idiosyncrasies, and these are discussed in Chapter 9, "Securing IPv6 Networks."

It is also important to address the entire area of IPv6 transition mechanisms. In this case, the various tunnel types open the door for IPv6 attacks, but more important, they provide opportunities to circumvent the security measures protecting the underlying IPv4 infrastructure. In addition, changes made to IPv4 security measures and devices to accommodate IPv6 migration mechanisms can weaken an IPv4's network defense. Standardization work is being done to address these security risks, but for the time being they remain a concern.

These topics are further discussed in Chapter 9. The final word in security risk assessment and best-practices recommendations will come from the operational experience that will be gained while managing large IPv6 deployments.


Previous Page
Next Page