Abstract: IPv6,as the alternative of IPv4,contains numerous features and improvements that make it attractive from a security perspective,but it is by no means the panacea for security.This paper presents the design and implementation of a distributed intelligent firewall system based on IPv6,which is able to secure the network layer and application layer of IPv6 networking.By the system,the typical attacks coexisting in both IPv4 and IPv6,the emerging IPv6 specific ones such as security threats related to ICMPv6,can be blocked by the rule set of network layer.Similarly,with the rule set of application layer,any illegal or reactionary Web page content in HTML source codes can be totally prevented from sneaking into the Intranet.The initiative drift mechanism ensures the legitimacy and civilization of the Web environment within the whole IPv6 networking.