Name: draft-le-mip6-firewalls-01
Title: Mobile IPv6 and Firewalls
State: Active
Authors: Franck Le
Group: Individual Submissions (none)
Date: 2004-07-20
Firewalls are an integral aspect of a majority of IP networks today given
the state of security issues, threats and vulnerabilities to data networks.
IP networks today are predominantly based on IPv4 technology and hence
firewalls have been designed for these networks. IPv6 networks are growing
at a slow rate. Firewalls for IPv6 networks are still maturing and in
development. The IETF has recently standardized Mobile IPv6 which adds
mobility support to IPv6. Given the fact that Mobile IPv6 is a recent
standard, most firewalls available for IPv6 networks today do not support
Mobile IPv6. Unless firewalls are aware of Mobile IPv6 protocol details,
these security devices will hamper large-scale deployment of the protocol.
This document presents in detail some of the issues that people deploying
IPv6 networks which include firewalls should consider when expanding the
scope to support Mobile IPv6 as well. The issues are not only applicable to
firewalls protecting corporate networks, but are also applicable in 3G
mobile networks such as GPRS/UMTS and cdma2000 networks where packet
filters are implemented in the GGSN in GPRS/UMTS networks and the PDSN in
cdma2000 networks. The goal of this Internet draft is to highlight the
issues with firewalls and Mobile IPv6 and act as an enabler for further
discussion. Issues identified here can be solved by developing appropriate
solutions in the MIP6 WG.
[sh-index] Back to list of manuals
|
| |
