Chances are, if you're reading this around the time I am writing it, that your computer is not exposed to an IPv6 network. You're most likely on an IPv4 (classic) network. You can easily tell by trying the quick IPv6 test on this page.

Even if you're not on the new network stack yet, change is happening, and systems have to be adapted to make sure not only that the new network works (most - but not all - modern hardware and software "understands" IPv6), but also that when you do actually start to operate in an IPv6 world, that you are properly secured.

In an effective security world, you need to put protections in place soon enough, meaning before the threat appears. You have to protect proactively, without waiting for bad guys to exploit a network or system. In the case of the IPv4 to IPv6 transition, that means making sure things like intrusion prevention and detection systems, firewalls, and other software and devices that function in the network layer even know how to "talk" the IPv6 language.

A number of current security applications just don't know how, so now is the time for a call to action: IPv6-enable your technology right now, to prevent opportune threats in the future. Don't get caught with your pants down.

Kim Zetter wrote a good article on the subject the other day at WIred. "The Ghost in Your Machine: IPv6 Gateway to Hackers" outlines quite well the potential threat imposed by a lack of readiness from a security perspective. It's not all bleak and terrible news, but as the article makes clear, now is the time to fix the problem, before something bad happens.

Probably the most difficult aspect of understanding the potential issues introduced by an environment not ready for IPv6 is the lack of awareness among IT folk in general as to how IPv6 works, how it's used, and the services (quite good ones, I might add - take a look at how IPsec is baked right in, for example) integral to the protocol.

What's it take to get from here to there? Being prepared with real, solid and accurate information is probably the most important step. Not many of us are naturally wired to take action before something bad happens. As an IT guy, I can tell you this: In the real world, most IT people don't learn what they need to know until after they need to know it. A lazy learning methodology just won't work in this case.

For IT professionals, do not assume that just because you were able to pick up your IPv4 knowledge over a long weekend of studying and tinkering that you'll be able to do the same with IPv6 - That's just not the case. IPv6 is more complex and has a lot more parts to understand. If you haven't learned it by now, for shame. Some of you have a little time left. Get on the ball, and gain the deep understanding you need to do your job properly.

For application and hardware vendors that haven't yet dealt with the IPv6 change, you're running late. While many vendors of firewall software, switched, home routers, etc. have made the proper changes, there are also many that have not. Even worse, there are a variety of IPv4-to-IPv6 workarounds that can relatively easily be put in place by unknowing people (read: the IT guys mentioned above) that circumvent firewalls and other protections that are relied upon for good security. Bad design, convenient at the time, disaster waiting to happen. Prevent this.

If you're an individual computer user or owner, what is the status of your software vendors with regard to dealing with IPv6 network traffic? Are you running the latest firewall software, current router firmware? Do the latest versions protect you in an IPv6 world?

IPv6 is a great move, and in time it will dramatically change for the better how computers and devices interact. That is, if we don't manage to screw it all up in the process.

Now is the time. IPv6 is here, Go forth. Learn, analyze and secure.