Default security functions on an IPv6 CPE
Yann GAUTERON
yann at gauteron.me
Wed May 18 11:57:25 CEST 2011
2011/5/5 Thomas Schäfer <thomas at cis.uni-muenchen.de>
> Am 05.05.2011 16:21, schrieb Guillaume.Leclanche at swisscom.com:
>
>
>> ** A SP deliver the CPEs with a stateful IPv6 firewall providing the
>> same security features as an IPv4 NAPT, should it be turned ON or OFF
>> by default ?
>>
>
> It means only traffic (answers) asked by the user is allowed.
>
> I vote for ON.
>
+1
Consider that the vast majority of your end users will be unexperienced
ones. But leave the possibility to power users to configure the firewall as
they want.
Yann
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20110518/0a2d6991/attachment.html
More information about the ipv6-ops
mailing list