IPv6 Distributed Security: Problem Statement

The deployment of IPv6 enabled devices and networks brings some issues, which must be addressed by security administrators in order to guarantee at least the same level of security obtained nowadays with IPv4 and network-based security schemes, allowing at the same time all the IPv6 advantages and possibilities. The most important issues are the rediscovery of end-to-end communication, the availability of IPsec in all IPv6 stacks, the increase in the number and type of IP devices and also the increase in the number of nomadic devices. The security policies and architectures currently applied in Internet with IPv4, do not longer apply for end-to-end security models which IPv6 needs. We will outline the advantages and drawbacks of both security schemes: network-based and distributed and will try to identify IPv6 issues that justify the need of a distributed security model for IPv6.