nanog mailing list archives
Re: Only 5x IPv4 /8 remaining at IANA
From: Mark Smith <nanog () 85d5b20a518b8f6864949bd940457dc124746ddc nosense org>
Date: Wed, 20 Oct 2010 14:50:24 +1030
On Mon, 18 Oct 2010 11:41:09 -0700 "George Bonser" <gbonser () seven com> wrote:
You are confusing SI with Packet Filters. The technologies are different and it is, also, important to understand this distinction as well.I don't think I am "confusing" the two. I am saying that I have seen people use them and think they are secure when they aren't. IPv6 is going to make it a little harder for people to make this mistake (or easier to make it, I haven't decided yet which way it will go) and you will see more people purchasing equipment that does real state inspection which is my reason for predicting an increase in firewall sales. They won't have that dynamic NAT that lulls some into a false sense of security. Also, I believe the "fire suit" approach will become more important to people rather than the "fire wall" approach with IPv6.
That's a great way of saying "host based security". With mobile Internet devices (smart phones, laptops (which outsold desktops last year apparently) etc.) becoming the dominant Internet access device, I think host based firewalling will become the primary "firewalling" mechanism. Network located firewalls will perform a secondary and assistant role, because hosts can't be sure they're there when the hosts have wired, wifi, bluetooth etc. interfaces that can all be actively connected to the Internet at the same time. Regards, Mark.
Current thread:
- Re: Only 5x IPv4 /8 remaining at IANA, (continued)
- Re: Only 5x IPv4 /8 remaining at IANA Curtis Maurand (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA Owen DeLong (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA Henning Brauer (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA Jared Mauch (Oct 18)
- RE: Only 5x IPv4 /8 remaining at IANA George Bonser (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA Owen DeLong (Oct 18)
- RE: Only 5x IPv4 /8 remaining at IANA Tony Hain (Oct 18)
- RE: Only 5x IPv4 /8 remaining at IANA George Bonser (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA Owen DeLong (Oct 18)
- RE: Only 5x IPv4 /8 remaining at IANA George Bonser (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA Mark Smith (Oct 19)
- Re: Only 5x IPv4 /8 remaining at IANA Valdis . Kletnieks (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA Andrew Kirch (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA ML (Oct 18)
- Re: Only 5x IPv4 /8 remaining at IANA Jens Link (Oct 19)
- Re: Only 5x IPv4 /8 remaining at IANA Valdis . Kletnieks (Oct 19)
- Re: Only 5x IPv4 /8 remaining at IANA David Freedman (Oct 19)
- Re: Only 5x IPv4 /8 remaining at IANA Matthew Walster (Oct 19)
- RE: Only 5x IPv4 /8 remaining at IANA John van Oppen (Oct 19)
- Re: Only 5x IPv4 /8 remaining at IANA Kevin Stange (Oct 19)
- Re: Only 5x IPv4 /8 remaining at IANA Julien Goodwin (Oct 19)