What do you want your ISP to block today?

Rob Thomas robt at cymru.com
Wed Sep 3 21:30:35 UTC 2003


Hi, Johannes.

] Its hard these days. But I HIGHLY recommend for everyone to get out of
] your server closets, enjoy the sun, and talk to non-techies once in a
] while. Or: spend a couple hours answering the front end customer support
] calls if you can't remember where you parked your car.

While non-techies can be a support challenge, I find the greatest
challenges and demands come from the very techie customers.  These
are the same customers that don't want to hear "the outage happened
because we put a new filter on the peering router...to protect you
from outages caused by worms!"

Although it sounds logical to say "some filters are better than no
filters," this presumes that "some filters" have no adverse side
effects.  We all know better.  Bugs aren't restricted only to
products from Redmond, typos happen, and the performance hit can
be quite painful.  You say that putting these filters in place
will reap financial reward?  Where is the data to support that
theory?  Most contracts include credit or refund clauses if the
link goes down or if the performance doesn't meet a certain level.
Failure to meet these clauses results in credits to the customer,
refund to the customer, or the customer leaving for a competitor.
Convincing a business to take a risk - a *fiscal* risk - isn't as
easy as saying "this will stop worms."  All of the cost data I've
seen related to worms is either clearly overblown or is based on
a paucity of data.  I'm not saying these things don't have a cost;
I am saying that the cost hasn't been realistically quantified.

Of course all of this is hand-waving until the market places
security above other requirements, such as increased performance
and shiny new features.

Thanks,
Rob.
-- 
Rob Thomas
http://www.cymru.com
ASSERT(coffee != empty);




More information about the NANOG mailing list