nanog mailing list archives
Re: BGP and Firewalls...
From: "Dobbins, Roland" <rdobbins () arbor net>
Date: Thu, 8 Dec 2011 03:43:34 +0000
On Dec 8, 2011, at 1:36 AM, Leo Bicknell wrote:
I don't think you're looking at defense in depth in the right way,
Actually, it sometimes seems as if nobody in the industry understands what 'defense in depth' really means, heh. 'Defense in depth' is a military term of art which equates to 'trading space for time in order to facilitate attrition of enemy forces'. It does not have any real relevance to infosec/opsec; unfortunately, its original meaning has been corrupted and so it is widely (and incorrectly) used in place of the more appropriate 'combined arms approach' or 'jointness' or 'mutual support' or 'layered defense' metaphors. Hannibal's tactics at Cannae are generally cited as the canonical (pardon the pun) example of actual military defense in depth. ;> ----------------------------------------------------------------------- Roland Dobbins <rdobbins () arbor net> // <http://www.arbornetworks.com> The basis of optimism is sheer terror. -- Oscar Wilde
Current thread:
- BGP and Firewalls... Gregory Croft (Dec 07)
- Re: BGP and Firewalls... Christopher Morrow (Dec 07)
- RE: BGP and Firewalls... Gregory Croft (Dec 07)
- RE: BGP and Firewalls... Holmes,David A (Dec 07)
- Re: BGP and Firewalls... Leo Bicknell (Dec 07)
- Re: BGP and Firewalls... Dobbins, Roland (Dec 07)
- Re: BGP and Firewalls... Cameron Byrne (Dec 07)
- Re: BGP and Firewalls... Justin M. Streiner (Dec 07)
- Re: BGP and Firewalls... -Hammer- (Dec 08)
- RE: BGP and Firewalls... Gregory Croft (Dec 07)
- Re: BGP and Firewalls... Christopher Morrow (Dec 07)
- Re: BGP and Firewalls... Christopher Morrow (Dec 07)
- Re: BGP and Firewalls... Dobbins, Roland (Dec 07)
- Message not available
- Re: BGP and Firewalls... David (Dec 09)