FutureNet 2009: IPv6 coming, ready or not

07.05.2009

Scott Hogg, who is also the coauthor of the Cisco-approved and a regular contributor to Network World's Cisco Subnet, told FutureNet attendees that IPv6 could pose major security problems for their networks even if they hadn't yet deployed the new Internet layer protocol. This is because operating systems such as and Linux are already IPv6 capable, so any network that uses these operating systems might be handling IPv6 traffic without its operators' knowledge. Additionally, one way that IPv6 hosts connect to each other over IPv4 networks is by encapsulating IPv6 data in IPv4 packets and then "tunneling" through the older network. Because the typical firewall is unable to unwrap these IPv4 capsules to inspect the traffic inside, Hogg said that they could be a way for hackers to break into networks.

"The firewalls don't look closely enough at encapsulated packets because the typical firewall today has nothing capable of opening up the capsule," he said. "Some vendors are starting to work together on this problem but they aren't there yet."
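To show what "opening up the capsule" involves, here is an added example (not from the article or from Hogg) that checks an IPv4 packet for direct IPv6-in-IPv4 encapsulation (IP protocol 41) and reports the inner IPv6 addresses an inspecting device would need to filter on. The function names, the documentation-range addresses and the sample packets are constructed for illustration, and only this one encapsulation method is covered.

```python
import ipaddress
import struct

IPPROTO_IPV6 = 41  # IANA protocol number: IPv6 carried directly in IPv4


def unwrap_6in4(packet: bytes):
    """Return None for ordinary IPv4, else the addresses of the tunneled IPv6 header."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # outer header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    if packet[9] != IPPROTO_IPV6:
        return None                        # no encapsulated IPv6 here
    outer_src = str(ipaddress.IPv4Address(packet[12:16]))
    outer_dst = str(ipaddress.IPv4Address(packet[16:20]))
    inner = packet[ihl:]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        # Claims protocol 41 but carries no valid IPv6 header: flag it.
        return {"outer": (outer_src, outer_dst), "inner": None}
    return {
        "outer": (outer_src, outer_dst),
        "inner": (str(ipaddress.IPv6Address(inner[8:24])),
                  str(ipaddress.IPv6Address(inner[24:40]))),
        "next_header": inner[6],           # e.g. 6 = TCP, 58 = ICMPv6
    }


def build_ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed sample packet (documentation addresses, checksum left at 0)."""
    src = ipaddress.IPv4Address("192.0.2.1").packed
    dst = ipaddress.IPv4Address("198.51.100.7").packed
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0, src, dst)
    return hdr + payload


def build_ipv6(next_header: int, payload: bytes) -> bytes:
    """Constructed 40-byte IPv6 header plus payload, for the sample tunnel packet."""
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return struct.pack("!IHBB16s16s", 6 << 28, len(payload), next_header, 64, src, dst) + payload


if __name__ == "__main__":
    print(unwrap_6in4(build_ipv4(6, b"\x00" * 20)))                  # plain TCP over IPv4
    print(unwrap_6in4(build_ipv4(41, build_ipv6(6, b"\x00" * 20))))  # TCP inside 6in4
```

A filter that looks only at the outer header sees a single IPv4 flow between the two tunnel endpoints; the inner addresses and next-header value are what a policy on the tunneled traffic has to match.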

Hogg also said that dual-stack transition networks, which run both IPv4 and IPv6, can create vulnerabilities because they are exposed to attacks carried over either IPv4 or IPv6 traffic. He said that any enterprise building a dual-stack network should make sure that it is secure before switching on any IPv6 capabilities. This means securing the network perimeter first, hardening network devices and building the IPv6 network first from the core and then out to the edges.

"In a lot of ways it's very similar to what you do to secure an IPv4 network," he said. "The migration strategy should be going from the core on out."