IPv6 first hop security on a budget?

• Previous message (by thread): IPv6 first hop security on a budget?
• Next message (by thread): IPv6 first hop security on a budget?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Not suggesting there is no use case of RA Guard, DHCP6 Snooping, ICMP6
snooping, as I deployed IPv4 equivalent pretty much the day they were
available on 3560.

You might want to consider de-perimeterisation. Do you offer way to
connect to intranet from Internet? If so, why not use same method in
office, and have equivalent 0 trust on office infra? Additional
benefit is OPEX reduction by not having users submit tickets 'X works
from VPN but not from office' and vice versa.

On 6 May 2017 at 08:27, Joel Whitehouse <code at joelwhitehouse.com> wrote:
> What's a good budget option for switching a small lab or office ipv6 with RA
> Guard, DHCP6 snooping, and ICMP6 snooping?



-- 
  ++ytti

• Previous message (by thread): IPv6 first hop security on a budget?
• Next message (by thread): IPv6 first hop security on a budget?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]