You Are Using IPv4 To Access This Site
Your IP Address is: 38.103.63.55

[moonv6] RE: [nav6tf] Firewall Service as V6 deployment enabler

New Message	Reply	Date view	Thread view	Subject view	Attachment view

From: Bound, Jim (Jim.Bound@hp.com)
Date: 12/12/05

Next message: Joya Subudhi: "[moonv6] IPv6 News - Weekly Summary"
Previous message: Bound, Jim: "[moonv6] NAv6TF Technology Report - IPv6 Firewall"

moonv6 post from "Bound, Jim" <Jim.Bound@hp.com> Chuck, thanks for the mail all good data. /jim

> -----Original Message-----
> From: Charles Sellers [mailto:csellers@verio.net]
> Sent: Sunday, December 11, 2005 1:32 PM
> To: Bound, Jim
> Cc: nav6tf@ipv6forum.com; moonv6@io.iol.unh.edu
> Subject: Re: [nav6tf] Firewall Service as V6 deployment enabler
>
> Bound, Jim wrote:
>
> >Folks, this is very good news.
> >
> >http://www.networkworld.com/news/2005/120805-ipv6-firewall.php
> >
> >
>
> Yes, it is something we announced last Wednesday at USIPv6
> Summit. NOw
> that I can talk about it, yes, we can DIY. However, the managed
> services part we don't need, unless someone is willing to build the
> service piece of this, which is provideded by NTT/Verio's
> partner Virtela.
>
> >NB: Ben and Shrihari I am wondering if we could work with Verio and
> >others and determine if we can emulate the service on Moonv6 without
> >great cost to NAv6TF?
> >
> >
> The actual firewall is nothing more than Cisco and
> Netscreen's v6 ACLs.
> Easy to implement. Policy development is where you want to
> spend some
> time to make sure it will do what you want the firewall to do.
>
> Jim, BTW, I am also a CISSP #(46415) and have worked on the
> architecture
> and design of several of Verio's security products (Global IP-VPN and
> IntelliSecurity) from the architecutre, design, testing, business
> process development and first article deployment for our
> colocation data
> centers (before we sold off most of them), Broadband access
> (before that
> BU was sold off) and web hosting BUs. I design security into the
> architecture and designs instead of adding on afterwards.
>
> The firewall product mentioned in the article, and what you
> would like
> to incorporate into MetroNet6 are good for fixed locations. We also
> need to keep in mind that we will need to implement something
> similar on
> the mobile devices, e.g. cell phones, PDAs, embedded systems, mobile
> routers, etc. If these devices are running Microsoft XP or better, a
> Unix OS, or IOS we should be able to provide firewall
> services in v6.
> for Cell phones, PDAs, and some embedded system devices (i.e.
> TINI OS)
> there may not be a solution available at this point.
>
> Chuck
>
> >NB: Geof and George this may be useful to think about for
> MetroNet6 too.
> >
> >/jim
> >
> >
> >
>
>
>

New Message	Reply	Date view	Thread view	Subject view	Attachment view

This archive was generated by hypermail 2.1.7 : 12/01/06 EST