misunderstanding scale

Denis Fondras xxnog at ledeuns.net
Sun Mar 23 19:35:31 UTC 2014


Hi all,

Le 23/03/2014 20:13, Mark Tinka a écrit :
> On Sunday, March 23, 2014 09:05:54 PM Cb B wrote:
> 
>> i would say the more appropriate place for this policy is
>> the printer, not a firewall.  For example, maybe a 
>> printer should only be ULA or LLA by default.
>>
> 
> I would support adding security at the host-level, 
> especially because with a centralized firewall, internal 
> infrastructure is usually left wide open to internal staff, 
> with trust being the rope we all hang on to to keep things 
> running.
> 

When speaking of IPv6 deployment, I routinely hear about host security.
I feel like it should be stated that this is *in no way* an IPv6 issue.
May the device be ULA, LLA, GUA or RFC1918-addressed, the device is at
risk anyway.

If this is the only argument for delaying IPv6 deployment, this sounds
more like FUD to me ;-)

Denis




More information about the NANOG mailing list