For a long time, an “IPv6 is more secure” myth persisted because the IPv6 protocol required that Internet Protocol Security (IPsec) be implemented. Or at least it did, until Request for Comments (RFC) 6434 was adopted in 2011. (Since obsoleted in 2019 by RFC 8504.) Deploying and maintaining IPsec can be difficult for many reasons. This article describes some persistent misconceptions about IPv6 security. This publication from the National Security Administration (NSA) provides multiple configuration examples to facilitate the correct use of IPsec. This presentation describes a deployment of IPv6 multicast in conjunction with IPsec.
“Security” should not be used as a strong reason to consider deploying IPv6. More information on IPsec is available in this article and this later article from Salient CRGT (previously Command Information, Inc., now part of GovernmentCIO LLC). Since the Salient CRGT articles on this topic were published, this article from Nephos6 commented on the ramifications of what would become RFC6434.