[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03



>> I also support that remote control of packet filtering should be
>> standardized.
>
>> IMO, its scope should cover both:
>> - CPE control by hosts
>> - control of ISP provided filtering devices by customer sites.
>
>I have to disagree. An ISP is not supposed to do filtering in the first
>place.
>
>Also, in real life, filtering by ISP is typically one of:
>
>- NAT contingency, in which case it cannot be controlled directly,
>- not meant to be controlled by the user
>  (e.g. blocking SMTP, NetBIOS, or other protocols, spoof 
>protection...)

In cellular environments filtering of the downlink carbage to increase battery lifetime of handhelds is an important function.

However, if the firewall is there to save batteries and not to enforce any special policies, it might be more willing to be controlled?

Best regards,

	Teemu