Today I want to give you a little teaser about my upcoming talk at the IPv6 Security Summit about First-Hop-Security on HP devices. In the past I presented on about First-Hop-Security in the Cisco realm and in virtualized environments. Until recently, Cisco was mostly the only vendor who had a sufficient implementation of various IPv6 security features on their access-layer switches, but HP closed the gap considerably and it’s time to have an in-depth look at their implementation of those features.
In order to make sure that everyone is on the same page, I will give a short introduction to First-Hop-Security in general and what kind of attacks those features try to mitigate. We will continue with an overview on what kind of features are supported on various HP platforms as well as detailed configuration examples for the most recent software versions (Comware 5 and Comware 7). I will demonstrate (live with some HP switches) the effectiveness of those features, we will determine whether these features can be circumvented (we did quite some lab testing ;)) and of course we’ll discuss operational aspects (expanding on this post). The last part consists of a summary, an outlook on what will come in the next 12-18 months and recommendations from our side which features one should use.
We still have some free seats so don’t miss out on this awesome event (I know I am biased, but others can surely approve ;))! Looking forward to see you in Heidelberg in March.
Have a nice week everybody!