nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: misunderstanding scale

From: Michael Thomas <mike () mtcc com>
Date: Mon, 24 Mar 2014 09:28:48 -0700
On 03/24/2014 09:20 AM, William Herrin wrote:

On Mon, Mar 24, 2014 at 3:00 AM, Karl Auer <kauer () biplane com au> wrote:

Addressable is not the same as
accessible; routable is not the same as routed.

Indeed. However, all successful security is about _defense in depth_.
If it is inaccessible, unrouted, unroutable and unaddressable then you
have four layers of security. If it is merely inaccessible and
unrouted you have two.
A distinction without a difference, IMHO. Either I can send you an incoming SYN or I can't.
The real battle here, IMHO, is to get the next gen CPE vendors to do the right thing. NANOG folks ought to be keeping tabs on the Homenet working group and then DEMAND that any 
CPE support its security, etc, baselines.

Mike
Previous By Date Next
Previous By Thread Next

Current thread: