[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Ciena 6200 clue?

Subject: Ciena 6200 clue?
From: jeffshultz at wvi.com (Jeff Shultz)
Date: Wed, 03 Jul 2013 13:03:46 -0700
In-reply-to: <CDF9FAC1.97F1F%[email protected]>
References: <CDF9FAC1.97F1F%[email protected]>

On 7/3/2013 1:00 PM, Paul Stewart wrote:
> On 2013-07-03 3:57 PM, "Brandon Ross" <bross at pobox.com> wrote:
>>
>> Everyone knows that attacks against your management interface come
>> from devices not on your management network.  By removing the
>> default gateway feature, Ciena is improving the security of your
>> network.
>>
>> It's time we created a BCOP specifying that default gateway
>> functionality be disabled or removed in all network deployments, in
>> the interest of security.  Security improvements realized in the
>> last few years by dropping all ICMP and TCP DNS at firewall
>> boundaries, not to mention universal deployment of NAT, were just
>> the first few steps to creating a much more secure Internet.
>>
>> Once disablement of default gateway functionality has been become
>> a common practice, the natural reduction in traffic on the Internet
>> should allow most operators to achieve enormous cost savings by
>> powering off all of their equipment.
>>
> Awesome - sorry, can't resist?. :)
>

Ah, somehow my eyeballs glazed over the excellent sarcasm that was made
evident in the last paragraph....

Either way, my point remains: I want the option. I suspect I'm not alone...

-- 
Jeff Shultz

References:
- Ciena 6200 clue?
  - From: paul at paulstewart.org (Paul Stewart)

Prev by Date: Ciena 6200 clue?
Next by Date: Leap Second
Previous by thread: Ciena 6200 clue?
Next by thread: Ciena 6200 clue?
Index(es):
- Date
- Thread