Schneier: ISPs should bear security burden
Greg Boehnlein
damin at nacs.net
Wed Apr 27 12:13:51 UTC 2005
On Wed, 27 Apr 2005, Fergie (Paul Ferguson) wrote:
> Oh, please.
>
> If you think that the Internet should remain an "every man
> for himself", wild wild west, Ok Corral, situation (not my
> words, mind you), then you better get with the powers that
> will steam-roll all of us if we let it -- money and marketing.
>
> This ain't no science project anymore.
>
> Bruce is right -- right as rain -- I don't give two damns
> whether you think it is an issue of marketing, or protecive
> self-advertising. The issue is that the _consumers_ want it,
> that's what they'll pay for, and it is the ISP's perogative
> to either honor that wish, or lose the business.
>
> We owe to our customers, and we owe it to ourselves, so let's
> just stop finding excise to side-step the issue.
>
> Sound about right?
No. Not at all.
I agree that if customers are willing to pay for managed security services
that ISP's should provide them. However, an ISP that does not provide them
is not lazy and irresponsible, as characterized in the article.
As for security, intelligent ISPs will be monitoring their network and
will have sensors in place to alert them to abnormal traffic (NetFlow,
Snort, SNMP Traps, Log watchers) patterns and take action, but that does
NOT extend to enforcing a security policy on the public without their
consent.
If the public agrees to it, and requests it, that is one thing.
Universally filtering packets because it makes our lives easier is
another. No one said this business would be easy.
--
Vice President of N2Net, a New Age Consulting Service, Inc. Company
http://www.n2net.net Where everything clicks into place!
KP-216-121-ST
More information about the NANOG
mailing list