• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Raz-Lee Supports IPv6 with IBM i Security Software

    October 22, 2013 Alex Woodie

    Raz-Lee Security last week announced it’s now supporting IPv6 addresses with its IBM i network security software suite. The change, which the company says involved extensive development work on three related products, should address concerns of IBM i shops that IPv6 connected devices won’t be properly interrogated by their IBM i network security software, and could create a vulnerability in the network protection scheme.

    Raz-Lee can now support the 128-bit hexadecimal IP addresses that are used in the IPv6 scheme within three components of its iSecurity suite, including: Firewall, its network security and exit point monitoring solution; Audit, which is used for monitoring security and the QAUDJRN; and AP-Journal, which is used to audit database changes and protect applications.

    The Israeli security company says iSecurity supports three types of IP addresses in iSecurity, including IPv6, IPv4, and IP-v4-mapped IPv6 addresses. The company says it implemented IPv6 support in the same manner as it is supported in IBM i, which has supported IPv6 since i5/OS V5R2 shipped over a decade ago. That is, “while IPv4 addresses are handled with subnet masks, IPv6 addresses are handled with a separate prefix length field,” the company says.

    This gives iSecurity the capability to properly identify Internet-connected devices with IPv6 addresses, and to separate them from 32-bit IPv4 or IPv4-mapped IPv6 addresses. This is important, the company says, because without the capability to properly identify IP addresses, it raises the possibility of mistakes being made in the IBM i security layer, such as blocking authorized devices or letting unauthorized devices have access.

    Raz-Lee CEO and CTO Shmuel Zailer claims Raz-Lee is the first IBM i network security software provider to support IPv6; the claim appears to be correct. While IPv6 addresses are not in widespread use at the moment–they accounted for only about 2 percent of traffic to Google in September–they are growing quickly, as the last IPv4 addressed was assigned in 2011.

    Raz-Lee developers had to take several things into account when it added IPv6 support to Firewall, Audit, and AP-Journal. They had to increase field sizes, making them 40 characters wide in some cases. They also had to add new fields, for family address, IPv6, and prefix length, Zailer said. “Also, the use of a different set of APIs is required. And of course the IPv4 mapped IPv6 address set will also be supported in parallel,” he said via email.

    Zailer questioned how other security software companies treat IPv6 addresses. The usual approach is to IPv6 addresses is to “strip the prefix and refer to it as IPv4. This is good but partial,” Zailer says.

    Other packages take other approaches. “One competitor decided to use generic* notification for IPs so an IP range becomes 192.71.12.1*. This very strange notification does not allow the actual flexibility of subnet mask, and was found impossible to communicate with the network people who spoke a ‘different language,'” Zailer said. “A second competitor uses a range notification such as 192.71.12.1 – 192.71.12.8. This by itself is very hard to manage as some ranges can overlap other ranges, while normally using a subnet mask, an IP range cannot ‘cross the border’ of another set.”

    The lack of actual IPv6 support can lead to troublesome situations, Zailer said. “In the best scenario, [it will] omit the check, and in the worst scenario, misinterpret it and use the first 32 of the 128 bits as a IPv4 address,” he said.

    George Alexander, a Raz-Lee technical documentation specialist, says the way that some IBM i security software packages “tolerate” IPv6 addresses could spell real trouble. “This kind of algorithm can lead to malicious entries not being detected, or even worse, being approved,” he said via email.

    Raz-Lee is hoping that IPv6 support gives it a competitive advantage. “IPv6 is the inevitable wave of the future. Big companies are either already there or seriously considering it,” Zailer said. For more information, see www.razlee.com.

    RELATED STORIES

    Raz-Lee Delivers New IFS Object Security for IBM i

    McAfee Works with Raz-Lee to Monitor DB2 for i

    IPv6: Internet Protocol of the Future, Currently in V5R2



                         Post this story to del.icio.us
                   Post this story to Digg
        Post this story to Slashdot

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags:

    Sponsored by
    WorksRight Software

    Do you need area code information?
    Do you need ZIP Code information?
    Do you need ZIP+4 information?
    Do you need city name information?
    Do you need county information?
    Do you need a nearest dealer locator system?

    We can HELP! We have affordable AS/400 software and data to do all of the above. Whether you need a simple city name retrieval system or a sophisticated CASS postal coding system, we have it for you!

    The ZIP/CITY system is based on 5-digit ZIP Codes. You can retrieve city names, state names, county names, area codes, time zones, latitude, longitude, and more just by knowing the ZIP Code. We supply information on all the latest area code changes. A nearest dealer locator function is also included. ZIP/CITY includes software, data, monthly updates, and unlimited support. The cost is $495 per year.

    PER/ZIP4 is a sophisticated CASS certified postal coding system for assigning ZIP Codes, ZIP+4, carrier route, and delivery point codes. PER/ZIP4 also provides county names and FIPS codes. PER/ZIP4 can be used interactively, in batch, and with callable programs. PER/ZIP4 includes software, data, monthly updates, and unlimited support. The cost is $3,900 for the first year, and $1,950 for renewal.

    Just call us and we’ll arrange for 30 days FREE use of either ZIP/CITY or PER/ZIP4.

    WorksRight Software, Inc.
    Phone: 601-856-8337
    Fax: 601-856-9432
    Email: software@worksright.com
    Website: www.worksright.com

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Sponsored Links

    BCD:  Recorded Webinar: How to Simplify RPG or PHP Mobile Development with jQuery
    SEA:  Authority on Demand (AOD) controls user permissions while responding to emergencies.
    Four Hundred Monitor Calendar:  Latest info on national conferences, local events, & Webinars.

    More IT Jungle Resources:

    System i PTF Guide: Weekly PTF Updates
    IBM i Events Calendar: National Conferences, Local Events, and Webinars
    Breaking News: News Hot Off The Press
    TPM @ EnterpriseTech: High Performance Computing Industry News From ITJ EIC Timothy Prickett Morgan

    Integrated Systems Drove $1.2 Billion In Sales In Q2, Says IDC Responsive Web Design

    Leave a Reply Cancel reply

Volume 13, Number 30 -- October 22, 2013
THIS ISSUE SPONSORED BY:

CCSS
Databorough
SEA - Software Engineering of America
Essextec
TECA Data

Table of Contents

  • Raz-Lee Supports IPv6 with IBM i Security Software
  • Robot/CONSOLE Gets IASP Support, Is Now Ready for PowerHA
  • RPG Toolkit Updated for TR7 Capabilities
  • Halcyon Tidies Up Journal Receivers, Tightens Up QAUDJRN
  • Townsend Stores Encryption Keys in the Cloud
  • Magic Adds Mobile Device Management to Mix
  • Tectrade to Sell LaserVault UBD in Europe
  • Jack Henry Debuts Outsourced Call Center Service
  • IBS Bundles All Enterprise Apps Into Business Suite 2014
  • Micro Focus Finally Goes GA with RUMBA for iPad

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • How Committed Is Big Blue To The IBM Cloud?
  • Immutable Copies Are Only As Good As Your Validation
  • Guru: IBM i *USRPRF Security
  • ERP Transitions Loom for SAP on IBM i Customers
  • Inflation Pumps Up Global IT Spending, Supply Chain Deflates It
  • COMMON Set for First Annual Conference in Three Years
  • API Operations Management for Safe, Powerful, and High Performance APIs
  • What’s New in IBM i Services and Networking
  • Four Hundred Monitor, May 18
  • IBM i PTF Guide, Volume 24, Number 20

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2022 IT Jungle

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.