Summary of Recommendations Avoid bypassing network security Disable Teredo in managed networks Prefer native IPv4 access to IPv6 Teredo Perform ingress and egress filtering on all teredo packets Clients to discard source routed packets Teredo blocking and content filtering In managed networks filter out Teredo connection requests If the network wishes to monitor IPv6 traffic, discourage use of Teredo Increased attack surface Restrict Teredo use to when it is required and turn it off otherwise |