misunderstanding scale
Denis Fondras
xxnog at ledeuns.net
Sun Mar 23 19:35:31 UTC 2014
Hi all,
Le 23/03/2014 20:13, Mark Tinka a écrit :
> On Sunday, March 23, 2014 09:05:54 PM Cb B wrote:
>
>> i would say the more appropriate place for this policy is
>> the printer, not a firewall. For example, maybe a
>> printer should only be ULA or LLA by default.
>>
>
> I would support adding security at the host-level,
> especially because with a centralized firewall, internal
> infrastructure is usually left wide open to internal staff,
> with trust being the rope we all hang on to to keep things
> running.
>
When speaking of IPv6 deployment, I routinely hear about host security.
I feel like it should be stated that this is *in no way* an IPv6 issue.
May the device be ULA, LLA, GUA or RFC1918-addressed, the device is at
risk anyway.
If this is the only argument for delaying IPv6 deployment, this sounds
more like FUD to me ;-)
Denis
More information about the NANOG
mailing list