<br><div class="gmail_quote">2011/5/5 Thomas Schäfer <span dir="ltr"><<a href="mailto:thomas@cis.uni-muenchen.de">thomas@cis.uni-muenchen.de</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Am 05.05.2011 16:21, schrieb <a href="mailto:Guillaume.Leclanche@swisscom.com" target="_blank">Guillaume.Leclanche@swisscom.com</a>:<div class="im"><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
** A SP deliver the CPEs with a stateful IPv6 firewall providing the<br>
same security features as an IPv4 NAPT, should it be turned ON or OFF<br>
by default ?<br>
</blockquote>
<br></div>
It means only traffic (answers) asked by the user is allowed.<br>
<br>
I vote for ON.<br></blockquote></div><br>+1<br><br>Consider that the vast majority of your end users will be unexperienced ones. But leave the possibility to power users to configure the firewall as they want.<br><br>Yann<br>