
RE: Host-based may be the way to go, but network controls are necessary



% From: Erik Nordmark [mailto:Erik.Nordmark@sun.com]
%
% Hence my (so far) futile attempts to understand what policy
% controls are needed or desired.


When I said that network controls are necessary, I didn't mean some
complex policy server.  What I mean is that the network operator
should be able to decide which site-exits will service particular
parts of his network, and have the routing tools to forward packets to
those site exits in an optimal manner.  What I mean by optimal is (1)
no dead/stray packets, (2) no timeouts, (3) no IDS alarms going off
because a packet is sourced outside of what's configured in a firewall
rule, ... i.e., no guessing games on the part of the network
operator.

-- aldrin