[163473] in North American Network Operators' Group
RE: PRISM: NSA/FBI Internet data mining project
daemon@ATHENA.MIT.EDU (R. Benjamin Kessler)
Sun Jun 9 11:38:41 2013
From: "R. Benjamin Kessler" <Ben.Kessler@zenetra.com>
To: Ryan Malayter <malayter@gmail.com>, NANOG <nanog@nanog.org>
Date: Sun, 9 Jun 2013 12:20:46 +0000
In-Reply-To: <CD94CB07-67B9-462C-A5F5-3200EF680B77@gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Saturday, June 08, 2013 6:44 PM, Ryan Malayter [mailto:malayter@gmail.co=
m] wrote:
> Speaking from the content provider dide here, but we've always run IPsec =
on DCIs and even "private" T1s/DS3s back in the day.
> Doesn't everyone do the same these days? I find it hard to imagine passin=
g any audit/compliance process without doing so.
> "Private lines" or "dedicated fiber" always pass through much public, unm=
anaged, and unmonitored space infrastructure. And we know better=20
> than to trust our providers to never screw up and mis-route traffic.
I see that there is actually a beast that will do encryption of multiple 10=
G waves between Cisco ONS boxes -=20
https://www.cisco.com/en/US/prod/collateral/optical/ps5724/ps2006/at_a_glan=
ce_c45-728015.pdf
How many people are actually doing this?
