Network security on multiple levels (was Re: NYT covers China cyberthreat)

Warren Bailey wbailey at satelliteintelligencegroup.com
Wed Feb 20 19:33:33 UTC 2013


Isn't this a strong argument to deploy and operate a network independent
of the traditional switch circuit provider space?

On 2/20/13 11:22 AM, "Jay Ashworth" <jra at baylink.com> wrote:

>----- Original Message -----
>> From: "Owen DeLong" <owen at delong.com>
>
>> Many DACS have provision for "monitoring" circuits and feeding the
>> data off to a third circuit in an undetectable manner.
>> 
>> The DACS question wasn't about DACS owned by the people using the
>> circuit, it was about DACS inside the circuit provider. When you buy a
>> DS1 that goes through more than one CO in between two points, you're
>> virtually guaranteed that it goes through one or more of {DS-3 Mux,
>> Fiber Mux, DACS, etc.}. All of these are under the control of the
>> circuit provider and not you.
>
>Correct, and they expand the attack surface in ways that even many
>network engineers may not consider unless prompted.
>
>Cheers,
>-- jra
>-- 
>Jay R. Ashworth                  Baylink
>jra at baylink.com
>Designer                     The Things I Think                       RFC 2100
>Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
>St Petersburg FL USA               #natog                      +1 727 647 1274
>
>





