IPv6 security

We need a new model for security for leaf sites, which is much more flexible than the firewalls nowadays
Otherwise most of the corporate IPv6 networks will continue to implement outgoing-only limitation (like one-way TCP filter), and there'll be no p2p apps deployment

Firewall model really needs to be revisited anyways
Does not solve email viruses and/or abuse from inside

Every nodes need to be secure by its own
OS vendors must take a security stance