nanog mailing list archives
Re: misunderstanding scale
From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Mon, 24 Mar 2014 14:19:41 -0400
On Mar 24, 2014, at 13:17 , William Herrin <bill () herrin us> wrote:
On Mon, Mar 24, 2014 at 1:05 PM, Patrick W. Gilmore <patrick () ianai net> wrote:On Mar 24, 2014, at 12:21, William Herrin <bill () herrin us> wrote:
Some folks WANT to segregate their networks from the Internet via a general-protocol transparent proxy. They've had this capability with IPv4 for 20 years. IPv6 poorly addresses their requirement.NAT i s not required for the above. Any firewall can stop incoming packets unless they are part of an established session. NAT doesn't add much of anything, especially given that you can have one-to-one NAT.Hi Patrick, What sort of traction are you getting from that argument with enterprise security folks who object to deploying IPv6 because of NAT?
The _good_ security people complain about deploying NAT in v4 or v6, because they don't think it is "security". What sort of traction do you get with security people when you tell them NAT == "security in depth"? If you mean "do people who get hired by $CORPORATION and do not know anything about security get upset when you tell them something they did not know?" The answer is "frequently, yes". I'm not sure what that has to do with the discussion at hand, though. -- TTFN, patrick
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
Current thread:
- Re: misunderstanding scale, (continued)
- Re: misunderstanding scale Timothy Morizot (Mar 24)
- RE: misunderstanding scale Naslund, Steve (Mar 24)
- Re: misunderstanding scale Owen DeLong (Mar 24)
- RE: misunderstanding scale Alexander Lopez (Mar 24)
- Re: misunderstanding scale Mark Andrews (Mar 24)
- Re: misunderstanding scale Valdis . Kletnieks (Mar 25)
- Re: misunderstanding scale Owen DeLong (Mar 24)
- Re: misunderstanding scale Lee Howard (Mar 25)
- Re: misunderstanding scale Patrick W. Gilmore (Mar 24)
- Re: misunderstanding scale William Herrin (Mar 24)
- Re: misunderstanding scale Patrick W. Gilmore (Mar 24)
- Re: misunderstanding scale Laszlo Hanyecz (Mar 24)
- Re: misunderstanding scale Owen DeLong (Mar 24)
- Re: misunderstanding scale Owen DeLong (Mar 24)
- Re: misunderstanding scale George Herbert (Mar 24)
- Re: misunderstanding scale Owen DeLong (Mar 24)
- Re: misunderstanding scale Mark Andrews (Mar 24)
- Re: misunderstanding scale Jimmy Hess (Mar 25)
- Re: misunderstanding scale Owen DeLong (Mar 24)
- Re: misunderstanding scale Mark Tinka (Mar 24)
- Re: misunderstanding scale Mark Andrews (Mar 23)