Overview
ABSTRACT
This paper provides some description of IPv6 deployment strategies in mobile environment taking into account that IPv4-only applications must still be reachable by mobile users. In particular, double stack and IPv6-only strategies are described in-depth.
Then impacts of these strategies on security architectures are considered. These impacts are structured as follows: First, some analysis of main threats is carried out and then some inherent IPv6 protocol vulnerabilities are given.
Finally some first recommendations are provided so that mobile operators can protect their infrastructure and services against main risks conclude this paper.
Read this article from a comprehensive knowledge base, updated and supplemented with articles reviewed by scientific committees.
Read the articleAUTHOR
-
David BINET: IP Network Architect – Orange
INTRODUCTION
The services offered on mobile networks are increasingly based on the establishment of IP connections. This is due not only to the explosion in data services, but also to the deployment of LTE/EPC architectures, generally referred to as 4G, which rely solely on a "packet" network core. This evolution in terms of mobile network services and architecture should be seen in the context of a shortage of "public" IPv4 addresses, i.e. those that can be routed on the Internet. This is particularly the case on the American and Asian continents, and even in Europe in the very near future, and less critically in Africa and Latin America. Most of the major operators are therefore working on deploying the new version of the IPv6 protocol, some through commercial rollouts (T-Mobile, Verizon, Orange Poland, to name but a few), others through experimentation and some through contributions to standardization work (IETF, 3GPP, GSMA).
The integration of IPv6 into mobile networks can be based on a number of different strategies, including the choice of offering IPv6 connectivity as a complement to IPv4 connectivity, or providing customers with IPv6-only connectivity. Whichever option is chosen, one of the conditions is of course to maintain a quality of experience that is independent of the type of connectivity, and the operator must in particular ensure that the customer will be able to access all services, including those based on an IPv4-only protocol stack. The integration of IPv6 in mobile networks is naturally based on standardized building blocks, notably from the IETF, but takes into account a number of specificities linked to the mobile environment and in particular to the radio resources to be preserved. This article presents the techniques for introducing the IPv6 protocol into mobile networks, as well as the specifics of using dual-stack or IPv6-only connectivity.
The introduction of IPv6, while impacting the core network, terminals and applications, also means updating security architectures. These "security" impacts will be considered as follows in this article. The main vulnerabilities of mobile networks are described in 3 . These vulnerabilities are based not only on mobile network architectures and, in particular, the various interconnections with other networks, but also on analyses...
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference
KEYWORDS
vulnerability | IP/MPLS networks | mobility | risk | | mobile networks | IP networks
CAN BE ALSO FOUND IN:
This article is included in
Networks and Telecommunications
This offer includes:
Knowledge Base
Updated and enriched with articles validated by our scientific committees
Services
A set of exclusive tools to complement the resources
Practical Path
Operational and didactic, to guarantee the acquisition of transversal skills
Doc & Quiz
Interactive articles with quizzes, for constructive reading
Introducing IPv6 to mobile networks
Bibliography
Websites
• World IPv6 launch – measurements http://www.worldipv6launch.org
• Arbor Special Report – Worldwide Infrastructure Security Report https://www.netscout.com/arbor-ddos
• Secure Works – Assess your risk from an advanced persistent...
Exclusive to subscribers. 97% yet to be discovered!
You do not have access to this resource.
Click here to request your free trial access!
Already subscribed? Log in!
The Ultimate Scientific and Technical Reference