Course 853:
IPv6 Security Overview

(2 days)


Course Description

This course is an overview of the security features, risks, and countermeasures in IPv6. Through demonstrations and hands-on exercises, the participant sees the different IPv6 security features in action. After generic IPv6 threat approaches are reviewed, specific approaches and countermeasures for headers, routing, fragmentation, ICMP, and neighbor discovery are presented. Transition to IPv6 brings its own set of security problems and these are addressed in Chapter 4 of the course. The course concludes with a review of IPv6 security best practices.

Learning Objectives

  • List IPv6 Security Features
  • Know the threats and countermeasures to IPv6 headers
  • Know the risks in different transitions strategies and approaches to mitigation
  • Introduction to IPv6 security best practices

Who Should Attend

Anyone needing to understand security in IPv6.

Suggested Prerequisites

To receive maximum benefit from this course, the participant should have a background in IPv6 equivalent to that provided by Course 850: IPv6 Fundamentals or Course 854: IPv6 Programming.

Course Outline

Chapter 1: IPv6 Basics

  • Comparison of IPv6 and IPv4
  • Why Is IPv6 Required?
  • New Features in IPv6
  • Address Space of IPv6

Chapter 2: IPv6 Security Features

  • IPv6 IPSec
  • Addresses
    • Privacy Addresses
    • Temporary Addresses
    • Cryptographically Generated Addresses (CGA)
  • SEcure Neighbor Discovery (SEND)
  • Mobile IPv6 Security
  • Dynamic Routing Security
  • IPv6 and Firewalls

Chapter 3: IPv6 Security Threats

  • Comparison of IPv4 and IPv6 Threats
  • Specific IPv6 Threats: Examples and Countermeasures
    • Extension Header Threats
    • Router Header and Routing Protocol Abuse
    • Fragmentation Threats
    • ICMPv6 Threats
    • Neighbor Discovery Threats
  • Scanning in IPv6
  • IPv6 DNS Threats

Chapter 4: IPv6 Transition Security Threats

  • Transition Security Problems
  • Dual Stack Threats
  • Mitigating Dual Stack Threats
  • Tunneling Threats
    • 6to4 Threats
    • ISATAP Threats
    • Teredo Threats
  • Transition Security Best Practice

Chapter 5: IPv6 Security Best Practice

  • Creating an IPv6 Security Policy
  • Summary of IPv6 Security Best Practice

Please Contact Your ROI Representative to Discuss Course Tailoring!