Default security functions on an IPv6 CPE
thomas at cis.uni-muenchen.de
Thu May 5 16:34:50 CEST 2011
Am 05.05.2011 16:21, schrieb Guillaume.Leclanche at swisscom.com:
> As a service provider, we deliver CPEs to our broadband customers as
> part of the service. We're currently enabling v6 on our network, and
> before going into production we have an open question regarding
> security that we're not able to answer internally, so let's check the
> community :
> ** A SP deliver the CPEs with a stateful IPv6 firewall providing the
> same security features as an IPv4 NAPT, should it be turned ON or OFF
> by default ?
It means only traffic (answers) asked by the user is allowed.
I vote for ON.
> (and of course it's user configurable afterwards, that's not the
The advanced user will find the way.
There’s no place like ::1
Thomas Schäfer (Systemverwaltung)
Centrum für Informations- und Sprachverarbeitung
Schellingstraße 10 Raum J407A
80799 München ☎ +49/89/2180-9706 ℻ +49/89/2180-9701
More information about the ipv6-ops