Businessman jumping across broken span of bridge

When moving to IPv6, beware the risks

Opening up networks and systems to the next generation of Internet Protocols entails some risk, which agencies should be aware of and prepared to mitigate as they comply with Office of Management and Budget Mandates to enable IPv6.

More Info

Will IPv4 be obsolete sooner than expected?

The U.S. government is leading the transition to IPv6 and use of the new protocols is growing; one observer predicts IPv4 will be obsolete by the end of the decade. Read more.

The National Institute of Standards and Technology identifies the likely risks and remedies in its Special Publication 800-119, “Guidelines for Secure Deployment of IPv6.”

“IPv6 can be deployed just as securely as IPv4, although it should be expected that vulnerabilities within the protocol, as well as with implementation errors, will lead to an initial increase in IPv6-based vulnerabilities,” the guidelines say.

Likely security challenges of IPv6 deployment include:

  • The possibility that attackers might have more expertise with IPv6 than an organization in the early stages of deployment.
  • Difficulty in detecting and managing unknown or unauthorized IPv6 assets on existing IPv4 production networks.
  • The added complexity of operating parallel IPv4 and IPv6 networks.
  • A lack of IPv6 maturity in security products.
  • The proliferation of IPv6 and IPv4 tunnels can complicate defenses.

To meet these challenges, agencies should increase staff knowledge of and experience with IPv6 and plan for a phased deployment of the new protocols, NIST says. If IPv6 has not been formally deployed in a network, agencies should block all IPv6 traffic at the firewall, both incoming and outgoing.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected