Default security functions on an IPv6 CPE
remi.despres at free.fr
Fri May 13 09:03:41 CEST 2011
Le 13 mai 2011 à 07:16, Ted Mittelstaedt a écrit :
>>> The support calls from people unfamiliar with the technology are
>>> always cheaper than the support calls from people unfamiliar with
>>> the technology who have just been gunned.
>> Again, that's my point. Many users of IPv6 will call hotlines when
>> some applications that work in some homes don't work in some others.
>> The ISP that gunned applications that take advantage of e2e address
>> transparency in IPv6 may be surprised to be called, but the
>> responsibility is its own.
> The ISP will get called no matter what.
> They will get called when the end user wants to open a hole in their IPv6 firewall
> They will get called when the end user wants to make sure there are
> no holes in their IPv6 firewall and close all of them.
> Either way you setup the CPE the ISP will get called.
> But, the users who got an open IPv6 firewall and as a result got
> their machine rooted,
(a machine whose internal firewall has been insufficient)
> when their calls come in they will take a lot
> more time and be much more costly.
We have a different expectation here, neither of us with a proof to be right.
More information about the ipv6-ops