IPv6 Security

Overall rating: 4.50 Instructor: 4.69 Materials: 4.72 more …

IPv6 security challenges are almost identical to their IPv4 counterparts. There are layer-2 attacks, denial-of-service attacks, eavesdropping and session hijacking attacks, and routing security challenges.

This webinar describes the major IPv6 security challenges, the countermeasures you can take, and Cisco IOS features that can help you build secure IPv6 infrastructure. It covers the following topics:

  • Typical IPv6 security issues and attack vectors;
  • First-hop (layer-2) vulnerabilities;
  • Denial-of-service attacks, including the attacks specific to IPv6 protocol stack;
  • User authentication and authorization;
  • Routing security;
  • Dual-stack- and tunneling-related exposures;
  • IPv6 security in enterprise networks.
In November 2019 we'll have a live session with Christopher Werny talking about practical IPv6 security in enterprise networks.

Availability

This webinar is part of IP version 6 roadmap and accessible with standard subscription

Start now Access content

Contents

The technology part of the webinar covers these topics:

  • Typical IPv6 security issues
  • IPv6 attacks with strong IPv4 similarities
  • First-hop IPv6 vulnerabilities and prevention mechanisms
  • Secure Neighbor Discovery (SeND) and Binding Integrity Guard (RFC 6620)
  • Denial of service attacks
  • Local and remote neighbor discovery attacks
  • Attacks using IPv6 extension headers
  • User authentication and authorization challenges
  • Routing security
  • Dual-stack and tunneling-related exposures

In the second half of the webinar Christopher Werny will try to move you away from common attitudes in enterprise space ranging from "we're all doomed" to "no worries, we can do the same as before, just with longer addresses". Neither one of these constitutes a reasonable approach, and Christopher will help you figure out what aspects of IPv6 security are relevant, and how you can prepare your organization to deploy IPv6 in a secure but at the same time operationally feasible manner.

About the Authors

Eric VynckeEric Vyncke is a Distinguished Engineer based in the Brussels office of Cisco Systems. His main current technical focus is about security and IPv6. He has designed several secured hosting services, large IPsec networks, and other security related designs.

In his work for the IETF, he co-authored RFC 3585 and 5514 and is active in V6OPS, 6MAN and OPSEC working groups. His recent works are related to IPv6 including co-authoring a book on IPv6 Security.

He is also a visiting professor for security topics at the University of Mons, and an adjunct professor at HEC, the business school of University of Liège, Begium.

He holds a CISSP certification and speaks frequently at international conferences.

Ivan PepelnjakIvan Pepelnjak (CCIE#1354 Emeritus) has been designing, deploying, operating and troubleshooting IP-based enterprise and service provider networks since 1990. He’s the author of EIGRP and MPLS books published by Cisco Press, numerous articles and highly praised webinars, including Building Large IPv6 Service Provider Networks, IPv6 Security and IPv6 Transition Mechanisms.

His blog, where you'll find numerous data center- and IPv6-related articles, is usually considered one of the best technology-focused internetworking blogs.

More about Ivan Pepelnjak

Christopher WernySince 2006 Christopher Werny has been working for ERNW and is the head of ERNW’s network security team. He has been involved in network security implementation and assessment projects in several very large environments and is widely regarded as one of the main specialists for IPv6 and IPv6 security. Since 2009, he has dedicated a lot of time in IPv6 Research and the security implications of the new protocol.

Target Audience

If you’re planning to design, deploy or operate an IPv6 network, you simply have to attend this webinar, regardless of whether you’re working in an enterprise or service provider environment.

Happy Campers

Tweets

Listened to @ioshints webinar on #ipv6security I highly recommended it to others
@exactnetworks