Appendix G: Network Security and IPv6
Internet Protocol Version 6 (IPv6) is the next-generation protocol designed to replace IPv4. The primary difference between IPv6 and IPv4 is that IPv6 supports a greater number of IP addresses and is designed to meet the demand from Internet-capable devices in the future. Unlike IPv4, which uses 32-bit addressing, IPv6 addresses are 128-bits to handle the increased demand for IP addresses.
Network Security 6.0 is IPv6-tolerant. That means that Network Security can "tolerate" IPv6 addresses in every exit point managed by Network Security 6.0.
Network Security and IPv6 tolerance
A system can have both IPv6 and IPv4 address types active. However, when Network Security detects an IPv6 client address, the IPv6 address will be "tolerated" by converting it to an IPv4 address. Whenever possible, the IPv4 address will be the address associated with the client.
If no IPv4 address can be determined, but a valid IPv6 address is supplied, Network Security uses a default address (for example, 192.168.255.0). The default IP address is generated so you can make a decision on how to set rules.
If no valid address can be determined, Network Security uses second default address (for example, 1.0.0.0).