Security over SONET/SDH

• Previous message (by thread): Security over SONET/SDH
• Next message (by thread): IPv6 adoption in the past few days
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> --- morrowc.lists at gmail.com wrote:
> From: Christopher Morrow <morrowc.lists at gmail.com>
> On Tue, Jun 25, 2013 at 2:02 PM, William Allen Simpson
> <william.allen.simpson at gmail.com> wrote:
>
> :: ...in addition to everything else "What security protocols
> :: are folks using to protect SONET/SDH?  At what speeds?"
>
> : Correct.
>
> : But the answer appears to be: none.  Not Google.  Not any
> : public N/ISP.
>
>
>> would they say if they had?
> -------------------------------------------
>
>
> Yes, especially in light of the current news regarding
> internet privacy.  Could you imagine the advertising
> they'd be able to do to prospective customers?


--- sam at wwcandt.com wrote:

The sticky problem remains for any communications carrier, we are looking
for a technical solution to a legal problem.

I believe that if you encrypted your links sufficiently that it was
impossible to siphon the wanted data from your upstream the response would
be for the tapping to move down into your data center before the crypto.

With CALEA requirements and the Patriot Act they could easily compel you
to give them a span port prior to the crypto.

Regardless of how well built our networks are internally and externally we
still must obey a court order.
------------------------------------------------------------------



I'm speaking about blocking non-court ordered (in whatever country the 
circuits cross) sniffing of traffic in the middle by anyone.  There is
no legal problem there.  They do not follow the laws in this country,
or in others, and we need to protect ourselves.

scott

• Previous message (by thread): Security over SONET/SDH
• Next message (by thread): IPv6 adoption in the past few days
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]