Date Published: December 9, 2021
Comments Due:
Email Questions to:
Author(s)
Douglas Montgomery (NIST), Murugiah Souppaya (NIST), William Barker (Dakota Consulting), Yemi Fashina (MITRE), Parisa Grayeli (MITRE), Joe Klein (MITRE)
Announcement
Publication of this project description begins a process to further identify project requirements, scope, and hardware and software components for use in a laboratory demonstration environment.
The National Cybersecurity Center of Excellence (NCCoE) will solicit participation from industry to develop an approach for addressing operational, security, and privacy issues associated with the evolution to IPv6-only network infrastructures. In addition, this project will demonstrate tools and methods for securely implementing IPv6, whether as a “greenfield” implementation in which there is no current IPv4 enterprise infrastructure, or as a transition from an IPv4 infrastructure to an IPv6-only network. This project will result in practice guides to encourage the secure transition to IPv6-only enterprise IT environments.
You can also help shape and contribute to this project. Join the Community of Interest by sending an email to ipv6-transition@nist.gov.
The NCCoE is planning a project to provide guidance and a reference architecture that address operational, security, and privacy issues associated with the evolution to IPv6-only network infrastructures. The project will demonstrate tools and methods for securely implementing IPv6, whether as a “greenfield” implementation in which there is no current IPv4 enterprise infrastructure, or as a transition from an IPv4 infrastructure to an IPv6-only network. While the focus is on enterprise networks, use case scenarios may address other technologies commonly found in modern enterprise environments such as hybrid public/private cloud services, mobile devices, remote/telework, and advanced transport services. The primary focus of the demonstration project will be on the security technologies, services, and recommended practices necessary to ensure that evolving enterprise IT environments to be IPv6-only can be accomplished in a secure and robust manner. This project will result in the publication of a NIST Cybersecurity Practice Guide, which can serve as a source of guidance and support for IPv6 acquisition, a reference for secure implementation requirements, and a source of test cases.
The NCCoE is planning a project to provide guidance and a reference architecture that address operational, security, and privacy issues associated with the evolution to IPv6-only network infrastructures. The project will demonstrate tools and methods for securely implementing IPv6, whether as a...
See full abstract
The NCCoE is planning a project to provide guidance and a reference architecture that address operational, security, and privacy issues associated with the evolution to IPv6-only network infrastructures. The project will demonstrate tools and methods for securely implementing IPv6, whether as a “greenfield” implementation in which there is no current IPv4 enterprise infrastructure, or as a transition from an IPv4 infrastructure to an IPv6-only network. While the focus is on enterprise networks, use case scenarios may address other technologies commonly found in modern enterprise environments such as hybrid public/private cloud services, mobile devices, remote/telework, and advanced transport services. The primary focus of the demonstration project will be on the security technologies, services, and recommended practices necessary to ensure that evolving enterprise IT environments to be IPv6-only can be accomplished in a secure and robust manner. This project will result in the publication of a NIST Cybersecurity Practice Guide, which can serve as a source of guidance and support for IPv6 acquisition, a reference for secure implementation requirements, and a source of test cases.
Hide full abstract
Keywords
internet; IPv6; IPv6-only; IPv6 transition mechanisms; network security; networking
Control Families
None selected
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
