RE: Do we still need Gi Firewall for 3G/UMTS/HSPA network ?

["Lee, Steven (NSG Malaysia)" <kin-wei.lee () hp com>]

Hi Charles/Skywing, is Verizon filter the unsolicated inbound traffic on the firewall or on the border router?

Regards,
Steven Lee 

-----Original Message-----
From: Charles Wyble [mailto:charles () thewybles com] 
Sent: Friday, April 10, 2009 6:09 AM
To: Skywing
Cc: NANOG list
Subject: Re: Do we still need Gi Firewall for 3G/UMTS/HSPA network ?

Yep verizon does indeed filter all unsolicated inbound traffic to the 
EVDO network. It can be a blessing or a curse. :)

Skywing wrote:
> Verizon filters unsolicited inbound traffic for their EVDO customers in my experience.
>
> - S
>
> -----Original Message-----
> From: Roland Dobbins <rdobbins () cisco com>
> Sent: Thursday, April 09, 2009 09:32
> To: NANOG list <nanog () nanog org>
> Subject: Re: Do we still need Gi Firewall for 3G/UMTS/HSPA network ?
>
>
> On Apr 9, 2009, at 11:48 PM, Lee, Steven (NSG Malaysia) wrote:
>
> > Please share your thought and thanks in advance :)
>
> No, IMHO.  Most broadband operators don't insert firewalls inline in
> front of their subscribers, and wireless broadband is no different.
>
> The infrastructure itself must be protected via iACLs, the various
> vendor-specific control-plane protection mechanisms, and so forth, but
> inserting additional state in the middle of everything doesn't buy
> anything, and introduces additional constraints and concerns.
>
> -----------------------------------------------------------------------
> Roland Dobbins <rdobbins () cisco com> // +852.9133.2844 mobile
>
>    Our dreams are still big; it's just the future that got small.
>
>                    -- Jason Scott