Typically, we think of network IP addresses as a technical topic — not something a security director or security operations manager would be too concerned about. Not so fast…there are several reasons why the envisioned upgrade to the Internet’s main communications protocol, from the current IPv4 (Internet Protocol version 4) to IPv6, warrants attention with regard to physical security systems and their networks.
The World IPv6 Day tests — organized by the Internet Society and held on June 8, 2011 — were a large-scale experiment aimed at identifying problems associated with implementing IPv6, and getting a “sneak peek” at what the upgrade to IPv6 might look like across the Internet. This was not a single pass-or-fail scenario. It was a joint test by about 400 companies (including Google, Yahoo, Microsoft, Verizon, Facebook and others you know) to “turn on” IPv6 in their Internet servers and in the Internet backbone, to find out just what might happen as some Internet users tried to connect to the servers using IPv6, while the bulk of Internet users continued using IPv4.
It is necessary for the Internet to move to IPv6 addressing because IPv4 Internet addresses are running out, and some regions of the Internet have already run out of IPv4 addresses and have moved to IPv6. (Please see www.bpforip.com/article_ipv6.html for maps, charts and a 6-minute video about the differences between IPv4 and IPv6.)
IPv4 and IPv6 are not directly compatible — the difference has been compared to having two separate Internets. Users and companies assigned IPv6 addresses by their Internet Service Providers will not be able to connect to services that only use IPv4. Likewise, businesses that can only obtain IPv6 addresses (this starts first in Asia and eventually happens in the United States) will not be able to transact with customers on IPv4-only networks. This is not a theoretical situation. Case in point: in March of this year, Nortel Networks, the bankrupt networking hardware vendor, sold 666,624 IPv4 addresses to Microsoft for $7.5 million.
Yes, workarounds exist that can buy time and enable IPv4 systems and devices to interact with IPv6 systems and devices. But they impose constraints that cut off many benefits that come along with IPv6 capabilities, such as lowered network and system performance. They also require putting money into technology that will be thrown away in just a few years.
It is a situation where “doing it right the first time” makes sense from just about every perspective. That includes what we do with our networked security systems and devices.
Security Systems Impact
IPv4 has 4.3 billion IP addresses, while IPv6 has 340 trillion trillion trillion addresses. IPv6 fits the vision of an Internet where “any device could connect directly to any other device in the world.”
For security practitioners, devices on your security network need that direct device-to-device, system-to-system, and system-to-device level of capability and interoperability. You will need it if you want to engage in the level of real-time risk analysis and real-time communications and notification responses (via the corporate network and the Internet) that will be called for during the next decade. It is a given that your current security systems technology is almost completely unready for this near-term future.
Look at the impact that cell phone video and text messaging have on policing, and on capturing safety and security incidents that appear on the Internet and TV. Consider the role that text messaging, mobile e-mail and cell phone communications play in day-to-day security operations. For many universities, a fair portion of the student population is likely to know about a campus violence situation before Security can get its wits wrapped around it, thanks to text messaging, Twitter, and so on. This was not the case eight years ago.