nanog mailing list archives
Re: Accepting a Virtualized Functions (VNFs) into Corporate IT
From: Rich Kulawiec <rsk () gsp org>
Date: Mon, 28 Nov 2016 13:44:25 -0500
On Mon, Nov 28, 2016 at 09:53:41AM -0800, Kasper Adel wrote:
Vendor X wants you to run their VNF (Router, Firewall or Whatever) and they refuse to give you root access, or any means necessary to do 'maintenance' kind of work, whether its applying security updates, or any other similar type of task that is needed for you to integrate the Linux VM into your IT eco-system.
Thus simultaneously (a) making vendor X a far more attractive target for attacks and (b) ensuring that when -- not if, when -- vendor X has its infrastructure compromised that the attackers will shortly thereafter own part of your network, for a value of "your" equal to "all customers of vendor X". (By the way, this isn't really much of a leap on my part, since it's already happened.) ---rsk
Current thread:
- Accepting a Virtualized Functions (VNFs) into Corporate IT Kasper Adel (Nov 28)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Mark Tinka (Nov 28)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Denis Fondras (Nov 29)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Alexander Harrowell (Nov 29)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Mark Tinka (Nov 29)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Denis Fondras (Nov 29)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Mark Tinka (Nov 28)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Jared Mauch (Nov 28)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Mark Tinka (Nov 28)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Leo Bicknell (Nov 29)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Rich Kulawiec (Nov 28)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT Brett Frankenberger (Nov 28)
- Re: Accepting a Virtualized Functions (VNFs) into Corporate IT James Downs (Nov 28)