Default security functions on an IPv6 CPE

Yann GAUTERON yann at gauteron.me
Wed May 18 11:57:25 CEST 2011


2011/5/5 Thomas Schäfer <thomas at cis.uni-muenchen.de>

> Am 05.05.2011 16:21, schrieb Guillaume.Leclanche at swisscom.com:
>
>
>> ** A SP deliver the CPEs with a stateful IPv6 firewall providing the
>> same security features as an IPv4 NAPT, should it be turned ON or OFF
>> by default ?
>>
>
> It means only traffic (answers) asked by the user is allowed.
>
> I vote for ON.
>

+1

Consider that the vast majority of your end users will be unexperienced
ones. But leave the possibility to power users to configure the firewall as
they want.

Yann
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cluenet.de/pipermail/ipv6-ops/attachments/20110518/0a2d6991/attachment.htm>


More information about the ipv6-ops mailing list