North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
RE: Proper authentication model
> -----Original Message----- > From: Steve Gibbard [mailto:firstname.lastname@example.org] > Sent: Wednesday, January 12, 2005 5:35 PM > To: Hannigan, Martin > Cc: NANOG list > Subject: RE: Proper authentication model > > > On Wed, 12 Jan 2005, Hannigan, Martin wrote: > [ snip ] > > Obviously, if you are the local telco this isn't really out > of band, but > works well for others who aren't sharing the local telco's > infrastructure. > > Is it as secure as having your own diverse-path management network of > private point to point circuits? Probably not, but with sufficient > firewalling and encryption on the tunnels, it's good enough, and cheap > enough that it's possible to talk ISP owners into paying for it. I don't know if this specifically relates to any local telco, but there are some clear reasons on why to go through the excercise of having a true out-of-band network. I don't disagree that smaller ISP's may not neeed such a thing nor do I suggest that it offers a significant ROI to the smaller guys.