I do not know anyone who has prepared a list of which IDS/IPS products support IPv6 and to what extent. It sounds like a golden opportunity for NSS to expand on their already world-class testing process and reports ;)
The vendors that support it will likely take this opportunity to chime in. For our part, ISS supports IPv6. We recognize, report, and protect against attacks within IPv6 itself as well as fully decode the protocol to support all the different tunneling modes we have been able to discover: Native 6, 6 in 6, 6 in 4, 4 in 6, 6 over UDP (Teredo), 6 over GRE, 6 in GTP, 6 in 4 in GTP, 6 in 4 over GRE, etc. Any of our algorithms that trigger on traffic transmitted over IPv4 would also trigger if the traffic were transmitted over IPv6 or any of the various tunnel configurations. Paul -----Original Message----- From: David Williams [mailto:[EMAIL PROTECTED] Sent: Sunday, October 30, 2005 9:53 AM To: [email protected] Subject: IPv6 support in IDS/IPS products Hi list, I've read that some IDS/IPS vendors can monitor IPv6, but not completely. For example, they might be able to alert on the presence of IPv6 traffic, but they can't actually do full analysis because they can't parse the headers correctly. Especially for things like IPv6 tunneled over IPv4, or IPv6 tunneled over IPv6, etc. Does anybody have a list of which vendors support what, and to what extent? thanks, D ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------ ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
