misunderstanding scale

William Herrin bill at herrin.us
Mon Mar 24 16:21:08 UTC 2014


On Sun, Mar 23, 2014 at 11:07 PM, Naslund, Steve <SNaslund at medline.com> wrote:
> I am not sure I agree with the basic premise here. NAT or Private addressing does not equal security.

Hi Steve,

It is your privilege to believe this and to practice it in the
networks you operate.

Many of the folks you would have deploy IPv6 do not agree. They take
comfort in the mathematical impossibility of addressing an internal
host from an outside packet that is not part of an ongoing session.
These folks find that address-overloaded NAT provides a valuable
additional layer of security.

Some folks WANT to segregate their networks from the Internet via a
general-protocol transparent proxy. They've had this capability with
IPv4 for 20 years. IPv6 poorly addresses their requirement.

Regards,
Bill Herrin



-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004



