Endpoint Protection

 View Only

  • 1.  Why is IPv6 blocked in the default firewall policy?

    Posted Aug 23, 2010 05:59 PM
    I'm curious, is IPv6 blocked in the default Firewall policy because it is simply a best practice to disable services that are not in use, or because there are known vulnerabilities or issues that have been found as a result of having IPv6 enabled? 


  • 2.  RE: Why is IPv6 blocked in the default firewall policy?

    Posted Aug 23, 2010 06:43 PM
    Block IPv6 over IPv4 ( Teredo ) is blocked by default


    Teredo is a platform-independent
    protocol developed by Microsoft®, which is enabled by default in Windows Vista™. Teredo provides
    a way for nodes located behind an IPv4 NAT to connect to IPv6 nodes on the Internet. However, by
    tunneling IPv6 traffic over IPv4 UDP through the NAT and directly to the end node, Teredo raises
    some security concerns. Primary concerns include bypassing security controls, reducing defense in
    depth, and allowing unsolicited traffic. Additional security concerns associated with the use of
    Teredo include the ability of remote nodes to open the NAT for themselves, how it may benefit
    worms, ways to deny Teredo service, and the difficulty in finding all Teredo traffic to inspect.

    Block IPV6
    As SEP does not support IPV6.


  • 3.  RE: Why is IPv6 blocked in the default firewall policy?
    Best Answer

    Posted Aug 24, 2010 05:20 AM
    This will give you more info:

    http://technet.microsoft.com/en-us/library/bb726956.aspx



  • 4.  RE: Why is IPv6 blocked in the default firewall policy?

    Posted Aug 24, 2010 07:10 AM
    The Default Firewall Deny rule include blocking IPv6, IPv6 over IPv4.. The firewall blocks attacks that travel through IPv4, but not through IPv6. If you install the client on the computers that run Microsoft Vista, the Rules list includes several default rules that block the Ethernet protocol type of IPv6. If you remove the default rules, you must create a rule that blocks IPv6

     SEP includes the Symantec Client Firewall, which does not support IPv6. By default, the Symantec Client Firewall will block all incoming and outgoing IPv6 traffic. When you install Symantec Endpoint Protection suite on Windows Vista, it will disable Vista's built-in firewall (which supports IPv6). Thus, installing Symantec Endpoint Protection Suite on Windows Vista breaks IPv6.

    If you want to use Symantec Endpoint Protection Suite and have IPv6 working, you should not install the firewall component of Symantec Endpoint Protection Suite. In this case, you will need to use Windows' built-in firewall for both IPv4 and IPv6.



  • 5.  RE: Why is IPv6 blocked in the default firewall policy?

    Posted Aug 24, 2010 08:17 AM
    all of the above......... we've no need for it and it generates a bunch of extra garbage so personally, 4 us, I'm only happy to disable and block..........


  • 6.  RE: Why is IPv6 blocked in the default firewall policy?

    Posted Aug 24, 2010 09:47 AM
    Awesome, thanks guys.  I wish I could mark more than one as the solution, instead I will give your posts +1 vote.