[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Enterprise Analysis DSTM Issue

To: v6ops@ops.ietf.org
Subject: Re: Enterprise Analysis DSTM Issue
From: Tim Chown <tjc@ecs.soton.ac.uk>
Date: Thu, 11 Aug 2005 12:10:18 +0100
In-reply-to: <Pine.LNX.4.61.0508111400060.32226@netcore.fi>
Mail-followup-to: v6ops@ops.ietf.org
References: <936A4045C332714F975800409DE09240C47B2F@tayexc14.americas.cpqcorp.net> <D717BC67-C0ED-47A0-9675-38E7B833145E@cisco.com> <20050809211354.GD27778@login.ecs.soton.ac.uk> <3E118202-8B18-4173-953D-419A2BBD3F74@cisco.com> <20050810131243.GN14462@login.ecs.soton.ac.uk> <3C78953C-C6AF-41A8-A878-80C2B77B8964@kurtis.pp.se> <20050811105144.GC21632@login.ecs.soton.ac.uk> <Pine.LNX.4.61.0508111400060.32226@netcore.fi>
User-agent: Mutt/1.4i

On Thu, Aug 11, 2005 at 02:05:13PM +0300, Pekka Savola wrote:
> 
> So, if I get this correctly, the fear is about attacks on the 
> network infrastructure (routers, etc.), not on the end hosts ?

Yes, I think so.
 
> Because as long as you WILL have v6 connectivity through [v4-in-v6 
> tunneling] on the end hosts, you will STILL have the same security 
> problems?  You've just shifted them around to a different place in the 
> topology.
> 
> But if the assumption is that an enterprise/university could run 
> entirely v6-only core (routers, switches, what have you, without 
> [v4-in-v6 tunneling] for their management or whatever), yes, there 
> might be small differences.
> 
> My assumption has always been that the network admins should be 
> capable of secuiring the routers, switches, etc. properly (in any 
> case, the same degree they could do so with v6), but maybe my optimism 
> isn't shared everywhere..

Seems so.

As I said, I'm just relaying comments that I have heard.

-- 
Tim/::1

References:
- Enterprise Analysis DSTM Issue
  - From: "Bound, Jim" <Jim.Bound@hp.com>
- Re: Enterprise Analysis DSTM Issue
  - From: Fred Baker <fred@cisco.com>
- Re: Enterprise Analysis DSTM Issue
  - From: Tim Chown <tjc@ecs.soton.ac.uk>
- Re: Enterprise Analysis DSTM Issue
  - From: Fred Baker <fred@cisco.com>
- Re: Enterprise Analysis DSTM Issue
  - From: Tim Chown <tjc@ecs.soton.ac.uk>
- Re: Enterprise Analysis DSTM Issue
  - From: Kurt Erik Lindqvist <kurtis@kurtis.pp.se>
- Re: Enterprise Analysis DSTM Issue
  - From: Tim Chown <tjc@ecs.soton.ac.uk>
- Re: Enterprise Analysis DSTM Issue
  - From: Pekka Savola <pekkas@netcore.fi>

Prev by Date: Re: Enterprise Analysis DSTM Issue
Next by Date: Re: Enterprise Analysis DSTM Issue
Previous by thread: Re: Enterprise Analysis DSTM Issue
Next by thread: RE: Enterprise Analysis DSTM Issue
Index(es):
- Date
- Thread