[136904] in North American Network Operators' Group
Re: quietly....
daemon@ATHENA.MIT.EDU (Owen DeLong)
Sun Feb 6 11:23:59 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <000101cbc608$769782b0$63c68810$@org>
Date: Sun, 6 Feb 2011 08:22:55 -0800
To: "Lee Howard" <lee@asgard.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>
> Firewalls merely constrict it. Not that I advocate against the use of
> firewalls;
> in fact, I think I'm agreeing with you, and extending the argument a little
> further,
> that we should move from NAT to firewalls, then from stateful firewalls to
> secure hosts and network security appliances.
>
> Lee
>
I would be fine with that. However, in terms of the art of the possible
with the tools available today, IPv6 has no need of NAT, but, firewalls
cannot yet be safely removed from the equation.
Owen
