RE: Port numbers and IPv6(was: I-D ACTION:draft-klensin-iana-reg-policy-00.txt)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Host and application security are not the job of the network. 

They are the job of the network interfaces. The gateway between a
network and the internetwork should be closely controlled and guarded.

Nobody is really proposing embedding security into the Internet backbone
(at least not yet). But the backbone has always had controls enforced
such as ingress and egress filtering. Most people think that carriers
should not be allowing people to inject bogons.

Modern security architectures do not rely exclusively on application
security. If you want to connect up to a state of the art corporate
network the machine has to authenticate. In the future every hub, every
router, every NIC will be performing policy enforcement. 

De-perimeterization is not really about removing the firewalls, it is
really about making every part of the *network* into a security control
point. 




_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]