IPv6 is coming whether you and your organization have adequately planned for it or not. IPv6, all its new features and functionality, resulting security issues, as well as a number of other enterprise issues, should be considered in your preparation. Consider these 10 things companies and government agencies should do now to be prepared for this inevitability.
1. Take a Net-centric View – Understand How IPv6 affects Your Organization
In our opinion this action is the most important. You must understand what IPv6 will mean to your operation. What are its implications at a high level? Viewing your operation in a network centric world means that before you do anything you must understand how IPv6 will impact your operation. What are the possibilities, opportunities, threats, what does network centric really mean? IPv6 has business model implications and you need to understand them.
2. Establish the Goals, Path and Timeline for Your Transition
Once you have set a network centric view take a practical look at the steps to get there, set some goals, set some time lines and build a network centric roadmap. When you have an endpoint then you can define what it is you aim to achieve by implementing IPv6, what members of your organization will be involved, and their roles, and timelines to get there.
3. Inventory your Equipment
Take the time to inventory your equipment. This is generally part of good practice, but gather the additional metrics needed to assess your network for v6 capability. Once you have a clear inventory of your equipment, building a transition plan based on what you already have – and what will be needed going forward – will be easier.
4. Identify your Software and Services and How they Need to Change
Identify current software and services that are running on your network and understand the gap analysis for v6 transition. Work with your vendors and provide documentation of your plans to your vendor community to create a collaborative plan for IPv6. Understand the timelines for “IPv6 capable”. Establish upgrade strategies, and map out alternative methods to work around varying vendor IPv6 readiness.
5. Develop an Addressing Plan and Understand the Implications for Your Network Architecture
Most IPv4 networks have been designed to minimize the consumption of addresses -- with IPv6 this goes away. The massive IPv6 address pool combined with a networking paradigm where everything will be connected warrants a completely new IP address allocation strategy. Understand and then build a new addressing plan, and generally this will result in a new and different network architecture.
6. Set up a v6 Test Environment
Any IPv6 integration effort will require testing of new architectures, hardware and applications before attempting to place those solutions in a production environment. Development of an IPv6 test environment will help build your IPv6 experience quotient and reduce impacts to IT services during deployment.
7. Devise and Implement a Security Policy
One significant change with IPv6 is in security. At a high level, IPv6 will usher in a paradigm change in security from the current “physical” security model with firewall and penetration prevention at the edge, to a “policy” security model. The policy model is a defense in-depth strategy to security where individual devices or classes of devices will connect, most likely in an ad-hoc, mobile way and establish a trusted relationship on the network based on policy criteria such as credentials, virus protection, and authentication. Moreover, since IPv4 and IPv6 will co-exist for a long time, security policy has to address this co-existence in specific ways to defend against all the prior IPv4 threats and account for the new IPv6 threats.
8. Establish an IPv6 Education Plan
IPv6 is not simply IPv4 with additional addresses. It is a feature-rich IP protocol that allows you to build networks and the applications with enhanced features. Misinformation is the biggest problem with IPv6. Your organization needs to understand IPv6 thoroughly. Make a commitment to this understanding and establish a plan to develop the IPv6 skill set your organization needs. Include all levels of the organization; do not limit your education to just network engineers and IT staff, but include managers and officers of the company.
9. Develop an IPv6 Procurement Strategy and Policy
IPv6 transition will take time. Start today by setting in place a sound procurement strategy. Plan that everything you buy will be connected to the network -- beyond everything that consumes power to every item that can collect or decimate information. IPv6 value is about connecting to your goods and service, products and customers wherever they exist. Establish the network connectivity roadmap and work with your vendors today to collaborate on specifications for connectivity. This will take time, and starting today will advance you toward the competitive advantage of “everything connected.”
10. Establish a Mitigation Strategy
Be realistic. There are many items that will never make the transition. They are old, unsupported or little used, or just not worth it. The object of a mitigation strategy is to recognize this in advance and establish a process to deal with these devices in a single consistent way to avoid having multiple solutions to a single problem. It is good practice and it helps socialize the diversity of IPv6 transition.
11. Don’t Be in Denial
Number 11 of the top 10 is another reminder that IPv6 is coming. Even if your organization is not thinking about IPv6 or even if you are deliberately NOT planning to leverage IPv6. You must begin to address IPv6 in some ways. Vista is here and Windows Server “Longhorn” is coming -- and they are v6 by default. Today you can buy v6 capable phones over the counter that will wirelessly try to connect v4 or v6 and then start attempting to tunnel to the v6 Internet. The drivers are all around us. Ten years ago you started using email and today network penetration is still accelerating. Network innovation is just beginning. IPv6 is more prevalent than you realize. Take a common sense approach and a hard look at your organization and the points on this list.