FarsightedNews

Home Page

Only in FarSighted

Spotlight on SNIA

Analyst Watch

Events

June 2008

March 2008

November 2007

August 2007

May 2007

February 2007

Home » About SNIA » SNIA News » FarSighted » » AUGUST 2007 » »

IDC's Government Insights Predicts IPv6 Will Be the Wildcard Catalyst for Government Enterprise-level Security Improvements

A recent report released by Government Insights, an IDC company, predicts that the federal migration toward IPv6 could become the wildcard catalyst for government security improvements.

"Because many agencies will be operating in dual mode during the transition, they will need to configure and support both their IPv4 and IPv6 networks at the same time," says Shawn McCarthy, director, government vendor programs. "If firewalls or intrusion detection systems are not properly configured to recognize IPv6 traffic, IP packet switching networks can be exploited to deliver malicious software, or MalWare. Such configuration should be supervised at an enterprise level, but many agencies are not set up for that at the moment," he adds.

In this report, U.S. Government Security Budgets by Agency: Spending is Brisk, But Important Management Elements are Missing, McCarthy outlines various major security projects and security spending levels for each federal agency. The report predicts that as agencies take a true risk management approach to their security vulnerabilities, the inherent security hole in dual mode support will force them to deploy enterprise-wide configuration management tools. This report recommends that agencies make security automation software part of their IPv6 network transition plan, and use this software to set and monitor configuration settings.

"By standardizing and enforcing security configurations and managing access controls across multiple systems, government agencies will not only address the IPv6 issue, but also simultaneously address multiple other network security shortcomings such as patch management, software programming, interface requirements, and monitoring configuration settings for accidental or malicious changes," adds McCarthy. "On the other hand, if the security issues of dual-mode are ignored, then the government's IPv6 transition sill become an even larger enterprise-wide security headache."