[160992] in North American Network Operators' Group
Re: Network security on multiple levels (was Re: NYT covers China
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Thu Feb 21 11:36:24 2013
In-Reply-To: <512649F8.5000303@brightok.net>
Date: Thu, 21 Feb 2013 11:35:03 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Jack Bates <jbates@brightok.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, Feb 21, 2013 at 11:23 AM, Jack Bates <jbates@brightok.net> wrote:
> On 2/21/2013 12:03 AM, Scott Weeks wrote:
>>
>> I would sure be interested in hearing about hands-on operational
>> experiences with encryptors. Recent experiences have left me
>> with a sour taste in my mouth. blech!
>>
>> scott
>>
>>
>
> Agreed. I've generally skipped the line side and stuck with L3 side
> encryption for the same reason.
and... some (most?) line-side encryptors light the line up fullspeed
between the encryptors... if they are also attempting to suppress
traffic analysis... so that can be costly if you don't own the whole
pipe :)
