IPv6 Firewall on CPEs - Default on or off
sthaug at nethelp.no
sthaug at nethelp.no
Wed Nov 28 13:02:02 CET 2012
> > 2. Should the protection level be the same for all users?
> >
> > - I think we all agree that if the ISP does not provide a CPE, then
> > there should be no firewall. Right?
>
> That would surprise me greatly. Why would a CPE-less user be any less
> needing of a firewall than one who was provided with a CPE?
Maybe because that's how it works for lots of DSL users today?
(ObDisclaimer: My employer has been in the DSL business for around
10 years. What's typically sold is a DSL connection which is simply
terminated in a bridge type "modem" - usually with one DSL port and
one Ethernet port. No firewall whatsoever.)
> It might make some sense to argue that "professional" users need less
> protection by default, but the absence or presence of a CPE does not
> give any indication whatsoever of how clueful (or -less) the user is.
My experience is that a product which includes firewalling is usually
*sold* specifically as such.
Steinar Haug, AS 2116
More information about the ipv6-ops
mailing list