Most U.S based enterprises have not yet officially moved their networks to IPv6. That doesn’t mean that there isn’t IPv6 traffic on their networks and that’s where potential problems might exist. Traffic that isn’t monitored and managed represents a security risk.
To help solve the problem of IPv6 visibility, networking equipment vendor Blue Coat this week announced an updated version of their PacketShaper network visibility system software technology.
“PacketShaper can now classify and control specific applications running over IPv6,” Steve House, senior director of Product Marketing and Management, told EnterpriseNetworkingPlanet. “PacketShaper has been a great platform for getting visibility in applications and content types running over the network, so customers can then turn around and take control.”
The PacketShaper technology was originated by Packeteer, a company that Blue Coat acquired in 2008 for $268 million. PacketShaper is comprised of the PacketShaper hardware appliance portfolio and the PacketShaper operating system that runs on top.
House noted that in their beta tests with customer deployments, they had multiple cases where customers discovered IPv6 traffic on their respective networks that they previously were not aware of.
“IPv6 is out there, it’s still a small percentage of overall traffic, but it’s out there,” House said. “It’s not something you should be worried about overrunning the network, but you need to understand it the same way you understand IPv4 traffic, to make sure nothing bad is going on.”
By expanding visibility into IPv6 traffic, PacketShaper appliances will have to scan the larger packet headers that come with IPv6 addresses. In order to prevent performance degradation, Blue Coat has also improved performance. Previous PacketShaper appliances had a limitation of 2 gigabytes per second (Gbps) of traffic throughput and with the PacketShaper 9.1 release that has been expanded up to 5 Gbps.
Inspecting IPv6 traffic is not just a simple matter of making the PacketShaper IPv6-aware, there is also application specific work that needed to be done, as well.
“We have to look at each new application and see how the startup differs in IPv6 verses an IPv4 world,” House said. “Each application was a bit of work to make sure we understood it.”
The packet formats and headers for IPv6 are different which is where the work came in to understand the difference from IPv4 traffic.
Moving forward for future releases, the current roadmap calls for a shift in the bare metal operating system that the PacketShaper OS runs on. Currently, it’s a proprietary real-time OS, but that is set to change. Blue Coat has a historical relationship with the FreeBSD open source operating system for other elements of their portfolio.
“We plan to move to a 64 bit Linux or FreeBSD operating system and, over time, we will be offering virtual solutions,” House said.