Three Dependencies for Secure IoT Adoption - Part 3

The first two blogs discussed protecting our privacy and data, our personal safety, and the recommended cryptographic systems to protect these assets. This week’s blog discusses migrating from IPv4 to IPv6.

IPv6 or bust! da7a:1055:0:900d:90d::1:dead

Another factor to consider for implementing the Internet of Things is to migrate from IPv4 to IPv6 and, optionally, Mobile IPv6 which is defined in RFC 3775. There are practical reasons to migrate away from IPv4:

  • The IPv4 address space is exhausted, as it only allows 4.3 billion unique IP addresses to connect to the Internet. IPv6 connects 340 undecillion devices and things to the Internet!
  • IPv6 mandates the IP Security (IPsec) component, which uses the Authentication Header (AH) to provide authenticity for transported packets, and the Encapsulating Security Payload (ESP) extension header, which encrypts packets traversing the network.
  • IPv6 is enabled by default on Android OS versions 4.4 and 5.0, iOS version 4.1 and newer, Windows Phone 8.1, Windows Vista and newer, and Mac OS X 10.7 and newer.
  • Telecommunications carriers deploying IPv6 to their customers include AT&T (40%), Verizon Wireless (62%), T-Mobile (43%) and Deutsche Telekom (20%).
  • 10% of today's Internet traffic to popular websites like Google, Facebook, Youtube, Yahoo, LinkedIn and Wikipedia are using IPv6.

The benefit of Mobile IPv6 is roaming mobile devices as IPv6 nodes could change their point of attachment to the IPv6 Internet without having to change their address. This allows the device to maintain its previously connected link while changing locations.

As part of the transition to IPv6, a lot of companies will be configuring their devices and things for dual IP stack mode which is defined in RFC 4213. This means having both IPv4 and IPv6 addresses on these network end nodes. This introduces the potential for security threats by attacking either the IPv4 or IPv6 host address. Consider disabling IPv4 as soon as the node is migrated, and enable firewall rules or access control lists that block IPv4 traffic to migrated devices or things.

To Sum Things Up

The broad scope of the Internet of Things and its applications holds the promise for greatly improving our lives, expanding our connected infrastructure, and strengthening our economy in the future. The scale of its implementation is great. Ensuring the protection of our private data and personal safety are the basis for its quicker adoption and overall success. The secure management of these mobile devices will play a critical role in the implementation of the Internet of Things.

See also: Part 1 and Part 2 of this blog series.

James Saturnio

Senior Solutions Architect at MobileIron

About the author

James Saturnio is a Senior Solutions Architect for the Technical Marketing Engineering team at MobileIron. He immerses himself in all things cybersecurity with equal parts mobility and IoT technologies. He has been with MobileIron for 5 years. Previously, he worked at Cisco Systems for 19 years where he started out as a Technical Assistance Center (TAC) engineer, then a software engineer, and as a Technical Leader in the Security Technology and Internet of Things (IoT) business units. He was the main architect for the IoT security framework that is still being used today by Cisco’s IoT customers.