Requirements for IPv6 Firewalls

• Previous message (by thread): Requirements for IPv6 Firewalls
• Next message (by thread): Requirements for IPv6 Firewalls
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 21 Apr 2014 12:10:31 -0400, Lee Howard said:

> "Methods used to meet the intent of this
> requirement may vary depending on the specific
> networking technology being used. For example,
> the controls used to meet this requirement may be
> different for IPv4 networks than for IPv6 networks."
> https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf
>
> Based on my experience with compliance auditors, they won't understand
> many of the words in this sentence, and will assume NAT and RFC1918.

So there's the *real* problem in a nutshell. People think we're supposed to
hobble our networks with crap design just because the auditors can't get their
industry's shit together.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 848 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140421/3d02b9a3/attachment.sig>

• Previous message (by thread): Requirements for IPv6 Firewalls
• Next message (by thread): Requirements for IPv6 Firewalls
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]