Requirements for IPv6 Firewalls

• Previous message (by thread): Requirements for IPv6 Firewalls
• Next message (by thread): Requirements for IPv6 Firewalls
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Apr 18, 2014 at 1:40 PM, Simon Perreault <simon at per.reau.lt> wrote:
> Le 2014-04-18 13:35, William Herrin a écrit :
>> Your document specifies "Enterprise" firewalls. Frankly I think that's
>> wise. Consumer and enterprise users have very different needs and very
>> different cost points.
>
> Over here we have no use for IPv6 NAT. We have our own PI space. I
> suspect many other enterprises would be in a similar situation.
>
> I totally get your position, but I don't see how it can justify an
> Internet-wide requirement.

As I understand your document, you're trying to scope a set of minimum
required features for a firewall that will be able to describe itself
as "RFC whatever compliant." The idea is for folks working for large
enterprises to be able to use such a tag as a discriminator for
potential purchases. Since a pretty humongous number of them are using
NAT with IPv4 and are likely to want to do so with IPv6, leaving that
out of the required feature list seems counter-productive to your goal
of a document which has utility to them.

Besides, you have spam control and URL filtering in there. Do you
seriously propose that spam control and URL filtering rank above NAT
on the *firewall* requirements list?

Regards,
Bill Herrin



-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004

• Previous message (by thread): Requirements for IPv6 Firewalls
• Next message (by thread): Requirements for IPv6 Firewalls
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]