[164291] in North American Network Operators' Group
Re: Ciena 6200 clue?
daemon@ATHENA.MIT.EDU (Jeff Shultz)
Wed Jul 3 17:30:27 2013
X-RC-FROM: <jeffshultz@wvi.com>
Date: Wed, 03 Jul 2013 13:01:44 -0700
From: Jeff Shultz <jeffshultz@wvi.com>
To: NANOG list <nanog@nanog.org>
In-Reply-To: <alpine.OSX.2.02.1307031550130.7014@brugal.local>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 7/3/2013 12:57 PM, Brandon Ross wrote:
> On Tue, 2 Jul 2013, Jason Lixfeld wrote:
>
>> The SE who's onsite is apparently claiming that there is no provision
>> to set a default gateway on the management interface.
>
> Everyone knows that attacks against your management interface come from
> devices not on your management network. By removing the default gateway
> feature, Ciena is improving the security of your network.
>
While my device is not a Ciena, it has the same issue - and I don't
think I'm going to be getting attacks against my management interface on
a 10.0.x.x network.
I want the option to decide for myself.
I'm not all that interested in setting up a management VLAN so this one
device in my central office will be happy on it's "virtually flat" network.
--
Jeff Shultz
