Deploy360 5 June 2014

Video: Balancing End-user IPv6 Security and End-to-end Connectivity (RIPE 68)

Andrew Mcconachie
By Andrew McconachieFormer Intern

How do we balance security and functionality for end-users? Should IPv6 customer premise equipment(CPE) have a firewall enabled by default? In this lightning talk from Ragnar Anfinsen, learn about efforts within the Internet Engineering Task Force (IETF) to create a Best Current Practice document addressing this problem. Ragnar gives an update on where the IETF is on this question, and then solicits input from the audience and the operator community. The current version of the Internet draft, draft-ietf-v6ops-balanced-ipv6-security, can be found in the IETF document repository.

Ragnar’s talk, entitled “Balancing End-user Security and End-to-end Connectivity” is now available for viewing from the RIPE 68 site, and the slides are available for download.


After watching, check out our page on deploying IPv6 and IPv6 security to learn more about deploying IPv6 securely.

If you are not sure where to start with IPv6, check out our “Start Here” page with suggestions for different types of networks and users.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...