Re: Arguing against using public IP space

[Joe Greco <jgreco () ns sol net>]

> On Nov 14, 2011, at 9:24 AM, Joe Greco wrote:
> > Getting fixated on air-gapping is unrealistically ignoring the other thre=
> ats out there.
>
> I don't think anyone in this thread is 'fixated' on the idea of airgapping;=

No, but it's clear that there are many designers out there who feel this
is the way to go.  That's why it's a good idea to cover the ground anyways.

>  but it's generally a good idea whenever possible, and as restrictive a com=
> munications policy as is possible is definitely called for, amongst all the=
>  other things one ought to be doing.

I think the part people forget about is that last part, "amongst all the
other things one ought to be doing."

> It's also important to note that it's often impossible to *completely* airg=
> ap things, these days, due to various interdependencies, admin requirements=
>  (mentioned before), and so forth; perhaps bastioning is a more apt term.

If it didn't turn into a situation where everyone's bastardizing^Wbastioning
your network in insecure ways.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.