Vulnerabilities of Interconnection

William B. Norton wbn at equinix.com
Thu Sep 5 18:03:53 UTC 2002


At 12:44 PM 9/5/2002 -0400, sgorman1 at gmu.edu wrote:
>  One part that
>we are looking at are the vulnerabilities of interconnection facilities.

A quick point...Several folks have postulated that the internal 
(non-physical) threat dwarfs that of the physical threat, due to the lack 
of visibility, the difficulty of tracking and coordinating a response, and 
the millions of vulnerable systems world-wide capable of launching an 
internal attack. A physical attack (a hole in a wall for example) can 
typically be detected and corrected in a matter of hours or days, while an 
effective internal attack could be varied in time and scope causing at 
least as much damage invisibly for a much longer period of time.

That said, a few years back I wrote the "Interconnection Strategies for 
ISPs" white paper, which speaks to the economics of peering using exchange 
points vs. using pt-to-pt circuits. It documents a clear break even point 
where large capacity circuits (or dark fiber loops) into an IX with fiber 
cross connects within a building are a better fit (financially) than 
pt-to-pt circuits.

A couple physical security considerations came out of that research:
1) Consider that manholes are not always secured, providing access to 
metro fiber runs, while there is generally greater security within 
colocation environments.

2) It is faster to repair physical disruptions at fewer points, leveraging 
cutovers to alternative providers present in the colocation IX model, as 
opposed to the Direct Circuit model where provisioning additional 
capacities to many end points may take days or months.

Finally, I have seen a balancing act between how much it costs to protect 
against a disruption versus the cost of the disruption. In today's economy 
(unlike say a few years ago) more folks seem to be focused on doing this 
mathematical calculation rather than just picking full mesh interconnect 
topologies.

Bill

---------------------------------------------------------------------------------------------------------------
William B. Norton <wbn at equinix.com>                             650.315.8635
Co-Founder and Chief Technical Liaison                          Equinix, Inc.
Yahoo Instant Messenger ID: WilliamBNorton



