nanog mailing list archives
Re: IPv6 - real vs theoretical problems
From: William Herrin <bill () herrin us>
Date: Fri, 7 Jan 2011 21:49:15 -0500
On Fri, Jan 7, 2011 at 9:00 PM, Dobbins, Roland <rdobbins () arbor net> wrote:
On Jan 8, 2011, at 8:54 AM, William Herrin wrote:I presume you don't intend us to conclude that a bastion host firewall provides no security benefit to the equipment it protects.If it's protecting workstations, yes, it has some positive security value - but not due to NAT.
Hi Roland, I see. Would I misstate your view if I characterized it as: "A bastion host firewall which simulates identical IP addresses on both sides provides at least as effective security as an otherwise identical firewall which does not." Regards, Bill Herrin -- William D. Herrin ................ herrin () dirtside comĀ bill () herrin us 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/> Falls Church, VA 22042-3004
Current thread:
- RE: IPv6 - real vs theoretical problems, (continued)
- RE: IPv6 - real vs theoretical problems George Bonser (Jan 11)
- Re: IPv6 - real vs theoretical problems Jack Bates (Jan 11)
- Re: IPv6 - real vs theoretical problems Joel Jaeggli (Jan 25)
- Re: IPv6 - real vs theoretical problems Owen DeLong (Jan 11)
- Re: IPv6 - real vs theoretical problems Jima (Jan 12)
- Re: IPv6 - real vs theoretical problems Ted Fischer (Jan 12)
- Re: IPv6 - real vs theoretical problems Owen DeLong (Jan 12)
- Re: IPv6 - real vs theoretical problems Dobbins, Roland (Jan 07)
- Re: IPv6 - real vs theoretical problems William Herrin (Jan 07)
- Re: IPv6 - real vs theoretical problems Dobbins, Roland (Jan 07)
- Re: IPv6 - real vs theoretical problems William Herrin (Jan 07)
- Re: IPv6 - real vs theoretical problems Sam Stickland (Jan 08)
- Re: IPv6 - real vs theoretical problems Dobbins, Roland (Jan 08)
- Re: IPv6 - real vs theoretical problems Jeff Wheeler (Jan 06)
- Re: IPv6 - real vs theoretical problems sthaug (Jan 07)
- Re: IPv6 - real vs theoretical problems Devon True (Jan 07)
- Re: IPv6 - real vs theoretical problems Randy McAnally (Jan 07)
- Re: IPv6 - real vs theoretical problems Owen DeLong (Jan 07)