A Contribution to the January Newsletter – IPv6 and Security Trends

01/02/2013

RIPE-NCC (the Regional Internet Registry for Europe and the Middle East) exhausted its stock of IPv4 addresses in 2012, thus becoming the second RIR to reach the final stages of free IPv4 pool management. APNIC (the RIR for the Asia/Pacific region) had already exhausted its free pool back in 2011.

Current estimates indicate that ARIN and LACNIC will exhaust their IPv4 stocks in mid-2014. As the estimated exhaustion dates draw near, interest in IPv6 deployment grows – an effect that is evident in LACNIC’s assignment rate (during the first days of 2013, LACNIC reached 1500 IPv6 assignments) as well as in the IPv6 traffic measurements performed by various stakeholders.

In particular, IPv6 traffic measured by Google on its own services surpassed 1% of its total traffic for the first time. This might not seem much, yet it represents a yearly increase of more than 100%[1], a fact that clearly shows that IPv6 deployment for end users is becoming a reality.

In any case, it is likely that during 2013 we will witness the deployment of transition technologies in parallel with CGN (Carrier-Grade NAT) installations, most likely in those regions where IPv4 exhaustion is becoming a hard fact of life.

One of the highlights of 2012 was World IPv6 Launch Day. On 6 June 2012, some of the largest Internet content providers, among them Google, Facebook and Yahoo!, permanently enabled IPv6 on their public services.[2] The effect has been dramatic: more than 30% of dual-stack network traffic is now using IPv6.

This creates an economic incentive for deploying IP6. CGN equipment is expensive and introduces single points of failure within the operators’ networks, which is why any traffic that that can be sent natively over IPv6 represents a monetary saving for operators.

As to security, several emergent topics can be identified for 2013.

Security in the cloud will continue to be a hot topic for both enterprises and end users. Issues such as privacy of the data stored on the cloud and exposure to law enforcement- or court-ordered searches and seizures in different jurisdictions will be debated in the coming year.

Mobile application security will also present new challenges, particularly for companies trying to leverage mobile applications for corporate use. The potential impact of device loss or theft will surely motivate companies to start analyzing new data storage techniques for mobile devices.

Last but not least, we must highlight the emergence of threats to critical infrastructure, where critical infrastructure encompasses elements such as power generation facilities, water distribution plants, etc.

Carlos Martinez has been working as R+D Engineer at LACNIC since 2010. In addition to IPv6, he has been working on different projects such as Resource Certification (RPKI) and DNSSEC.

[1]Source: http://www.google.com/ipv6/statistics.html
[2]In 2011 they had already tested this functionality for a nentire day, an event called “World IPv6 Day.”