ipv6 strategy and new world of the internet
TRANSCRIPT
April 14th, 20041© NTT Communications
IPv6, m2m-x & Net Appliance- New World of the Internet -
Toshiyuki Yamasaki NTT Communications
April 14th, 20042© NTT Communications
Abstract
••E2E, M2M secure communication is E2E, M2M secure communication is our dream.our dream.
••IPv6 is a necessary condition, but IPv6 is a necessary condition, but something is still missing on the net. something is still missing on the net.
••““m2mm2m--xx”” makes the dream real.makes the dream real.••(IPv6)+(m2m(IPv6)+(m2m--x)+(Net Appliance)= x)+(Net Appliance)= New World of the Internet.New World of the Internet.
This presentation contains graphic images of other companies’ products which are available to the public on their web sites.
April 14th, 20043© NTT Communications
NTT/VERIO Global IPv6 Backbone and ServicesNSPIXP6 PAIX S-IX AMS-IXLINXUK6XJPNAP6 EQUI6IX
JapanJapan
KoreaKorea
TaiwanTaiwan
HongKongHongKong
MalaysiaMalaysiaAustraliaAustralia
U.S.A.U.S.A.
SpainSpain
DE-CIX
FranceFrance
GermanyGermany
NetherlandNetherland
PARIX
EnglandEngland
NTT/VERIOGlobal Backbone
NTT/VERIONTT/VERIOGlobal BackboneGlobal Backbone
OCN Japan BackboneOCN Japan BackboneOCN Japan Backbone
IPv6&IPv4 dual ADSL
IPv6 over IPv4 tunnel
IPv6 native transit for ISPs
IPv6 wireless (coming soon)
• Global IPv6 networks covering Asia, US, Europe
• IPv4/IPv6 dual-stack backbone• Providing commercial IPv6 transit
services in Japan (Apr ’01-), in Europe (Feb ’03-), in U.S. and many other AP-Region countries (June ’03-)
• More than 3 years experience in commercial operation
• Major IPv6-IX ConnectionsIPv6 VPN & multicast
April 14th, 20044© NTT Communications
Network is ready, time to deploy service platforms
19991999 20002000 20012001 20022002 20032003 2004
Today
2004 20052005
Platform ServicesNet Appliance Communication (m2m-x)
P2P-VPN (security)Hotspot (mobility)
VPS server hosting (IPv4/IPv6 Dual)
Connectivity Services NTT/VERIO Dual TransitOCN Dual ADSL
NTT/VERIO IPv6 Transit Europe HK Other Asia Pacific, USA Japan
Trial CommercialOCN IPv6 Tunnel
Global Backbone
R&D Commercial dual stack
April 14th, 20045© NTT Communications
IPv4 days, IPv6 days
HomeNetN
AT/
FW
The InternetThe Internet
My CameraMy CameraRemote Access/ControlRemote Access/ControlRemote Access/Control
My phoneMy phone
GrandpaGrandpa’’s phones phone
My phoneMy phoneReal-time CommunicationRealReal--time Communicationtime Communication
IPv6 days (IPv6 days (onymousonymous, bi, bi--directional, private server)directional, private server)
Server????
Contents AccessContents AccessContents Access
IPv4 days (anonymous, oneIPv4 days (anonymous, one--way, public server)way, public server)
Public InfoPublic Info
M2M communicationsM2M communications
M2M = Machine-to-Machine,
April 14th, 20046© NTT Communications
Our dream…
To provide EndTo provide End--toto--End Secure CommunicationsEnd Secure Communications
HomeNetThe InternetThe InternetHome
Net
MobileNetwork
MobileNetwork
MobileGW
My CameraMy TV
My Phone
April 14th, 20047© NTT Communications
The Reality…
Firewall, NAT, tired configuration & operationFirewall, NAT, tired configuration & operation
HomeNetworkThe InternetThe InternetHome
Network
MobileNetwork
MobileNetwork
MobileGW
My CameraMy TV
My Phone
NAT/FWNAT/FW
AttackAttack
April 14th, 20048© NTT Communications
What’s m2m-x?
MachineMachine--toto-- Machine for Machine for any[thing|place|timeany[thing|place|time]]
SecureSecureSecure EasyEasyEasy Low CostLow CostLow Cost
HomeNetworkThe InternetThe InternetHome
Network
MobileNetwork
MobileNetwork
MobileGW
My CameraMy TV
My Phone
NAT/FWNAT/FW
AttackAttack
m2m-xManagement Servers
Secure Signaling ChannelSecure Signaling Channel
April 14th, 20049© NTT Communications
What’s m2m-x? Versatile Platform for M2M (Machine-to-Machine) secure communication
•• Machine Authentication and Visibility Control Machine Authentication and Visibility Control –– Only you can see where it is and access itOnly you can see where it is and access it
•• Dynamic Firewall and NAT Control Dynamic Firewall and NAT Control –– Only you can go through firewalls and Only you can go through firewalls and NATsNATs
•• Light configuration and processing for IPsec key exchangeLight configuration and processing for IPsec key exchange–– Low price and Easy operationLow price and Easy operation
HomeNetwork
HomeNetworkThe Internet (IPv6/IPv4)The Internet (IPv6/IPv4)
NAT/FW
m2m-xManagement Server
MobileMobile
NAT/FW
MobileGW
ID=5678ID=1234
Secure Signaling ChannelSecure Signaling Channel
Secure Data ChannelSecure Data Channel
? Invisible
Core Technology= SIP & IPsec-lite
April 14th, 200410© NTT Communications
DNS vs m2m-x (example: private server access)
WAN
FW/N
AT
X anybody can see the presence and address of your home server
AttackerAttacker
access list- - -- - -
My ServerMy ServerMy PDAMy PDA
WANWAN LANFW
/NAT
m2mm2m--xx
only you can see the presence and address of your home server
automatic and real-time access security control
×
X
automatic encryption management
access list- - -- - -
My PDAMy PDA
AttackerAttacker
My ServerMy Server
access management
X tiresome FW/ NAT configuration
X services are always open for anybody
X tiresome id/pass and access management
DNSDNS
WAN LAN
April 14th, 200411© NTT Communications
Telephone vs Internet, something is missing on the net
Telephone (Managed, User Friendly)Telephone (Managed, User Friendly)
TelcoA
TelcoA
Tel:03-xxxsignalingsignaling
Tel:06-xxxsignalingsignaling
TelcoB
TelcoB
trusttrust trusttrust trusttrust
signalingsignaling
Internet (Do It Yourself)Internet (Do It Yourself)
Rou
ter/
NATISP
A
ISPA
ISPB
ISPB
IP: ?? IP: ??
trusttrust trusttrust trusttrust
connectivityconnectivityonlyonly
connectivityconnectivityonlyonly
Rou
ter/
NAT
××
××
××
××
××
××
××trusttrust×× trusttrust××
SignalingSignalingSignaling Terminal IDTerminal IDTerminal ID Trust ChainTrust ChainTrust Chain
April 14th, 200412© NTT Communications
m2m-x IP Home Appliance Services
IPv4IPv4
PC
TodayToday TomorrowTomorrow
IPv6m2m-x
IPv6m2m-x
DTV
DTV CameraSensor
PVR
HomeSecurity
VisualCommunication Remote
Control
White goods
Server
April 14th, 200413© NTT Communications
m2m-x IP Home Appliance trials (2004.1Q-3Q)MultiMulti--Media CommunicationMedia Communication
(Sanyo)Personal VPNPersonal VPN
(NTT Com, Fujitsu, Toshiba, DIT)Ubiquitous PrintingUbiquitous Printing
(Ricoh)PS2 TVPS2 TV--PhonePhone
(Sony)
Hotline w/ TOY Control PortHotline w/ TOY Control Port(Takara)
IPv6m2m-x
(NTT Com)
IPv6m2m-x
(NTT Com)
HomeSecurity
HomeSecurity
VisualCommunication
VisualCommunication
UbiquitousOffice
UbiquitousOffice
Cyber ConferenceCyber Conference(Pioneer)Net ToyNet Toy
EMIT Home SystemEMIT Home System(Matsushita) Bluetooth Home SecurityBluetooth Home Security
(Toshiba)
April 14th, 200414© NTT Communications
Ubiquitous Open Platform Forum
• Home Appliance Manufactures and ISPs established “Ubiquitous Open Platform Forum” to accelerate Internet Home Appliance market (Feb. 10th, 2004)
– Manufactures: Hitachi, Matsushita Electric Works, Mitsubishi, Panasonic, Pioneer, Sanyo, Sony, Toshiba
– ISPs: NTT Com, KDDI, Fujitsu, NEC, Panasonic, Sony
• NTT Com is the first chairman and acts key rolls
April 14th, 200415© NTT Communications
m2m-vpn (ex. end-to-end secure CAD collaboration)
VPN todayVPN today(m2m non(m2m non--secure, star, static, DIY)secure, star, static, DIY)
VPN tomorrowVPN tomorrow(m2m secure, mesh, dynamic, managed)(m2m secure, mesh, dynamic, managed)
IPv6m2m-xVPNVPN
HQ @Tokyo
Have to buy static bandwidthHigh cost, Narrow band
HQ @Tokyo
All traffic goes directly M2M.Low cost, broad band
VPN and FW configurations are managed.Managed,Plug and Play
Sites have to be statically connected.Not Flexible
Invite new members to join VPN dynamically.Flexible
IPv6m2m-x
Sales Office @NY Sales Office @NYFoundry @Beijing Foundry @Beijing
April 14th, 200416© NTT Communications
New World of the InternetCollaborationCollaboration
DTVDTV
PVRPVR
Monitor CamMonitor Cam
Digital CamDigital Cam
IPv6IPv6
HomeNetwork
officeNetwork
DataCenter
Mobile AudioMobile Audio
MobileNetwork
CensorNetwork
More Machines, More Applications, More Machines, More Applications, More Customers, More Solution MarketsMore Customers, More Solution Markets
SecuritySecurity
IC CardIC Card MFPMFP
Building ManagementBuilding Management
Energy ManagementEnergy Management
Remote AssistanceRemote AssistancePDAPDA ContentsContents
April 14th, 200417© NTT Communications
Thank you!
mailto:[email protected]://www.v6.ntt.net http://www.ipv6style.jp