IT product manufacturers and enterprises that have not prepared for the IPv6 transition may be in for a few unpleasant surprises, says an official for an independent testing laboratory that is offering IPv6 certification testing.

At least half of the vendors that sell IT equipment to the government aren't prepared for a July 1, 2010 deadline which requires them to show IPv6 compliance to obtain any new contracts, says Guy Snyder, secure communications program manager for the ICSA Labs , an independent division of Verizon Enterprise Solutions that offers vendor-neutral testing and certification of security products.

Snyder believes IPv6 compliance is even less of a priority for enterprises that have stopped listening to warnings from service providers and others that exhaustion of IPv4 addresses is expected as early as 2011. That could be both a problem and an opportunity for telecom service providers, which are likely to be a first line of defense if businesses are forced to scramble to comply.

Telecom service providers are stepping up to this challenge with assessments and other managed service offerings. (See Is IPv6 Finally on the Verge?)

ICSA Labs is advising hardware and software vendors that sell to government agencies to make sure their equipment is tested for IPv6 compliance, and not assume they are ready.

"There have been products out that have been IPv6-ready or have been working with IPv6 for a while," Snyder says. "But a lot of vendors haven't modified their product to work against the IPv6 profile that NIST [the National Institute of Standards and Technology (NIST) ] wrote." That profile requires compliance with all of the Internet Engineering Task Force (IETF) standards for IPv6, which includes about 150 Requests for Comments (RFCs) that are "musts," Snyder says. Failure to comply with each and every one of those RFCs will prevent a product from being IPv6 approved by NIST.

Vendors may also be unaware of the full range of equipment covered, Snyder adds. In addition to obvious networking gear such as routers and switches, the NIST requirement also impacts printers and fax machines, and anything that might be connected to a network.

Snyder says he sees very few private enterprises getting ready for the IPv6 transition.

"I don't think they are going to get ready for it," he says. "This isn't like Y2K; they aren't preparing, even though D-day is coming and many predict we are going to run out of addresses in 2011. A lot of bad things are going to happen before they start getting ready."

— Carol Wilson, Chief Editor, Events, Light Reading