[170143] in North American Network Operators' Group
Re: misunderstanding scale
daemon@ATHENA.MIT.EDU (Timothy Morizot)
Mon Mar 24 14:51:45 2014
In-Reply-To: <CAP-guGUsuVw6HopiD-tff70u41gB=VKUx7NTvHW09a7TiiU08g@mail.gmail.com>
Date: Mon, 24 Mar 2014 13:50:49 -0500
From: Timothy Morizot <tmorizot@gmail.com>
To: William Herrin <bill@herrin.us>
Cc: "nanog@nanog.org" <nanog@nanog.org>, Joe Greco <jgreco@ns.sol.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, Mar 24, 2014 at 12:37 PM, William Herrin <bill@herrin.us> wrote:
> What sort of traction are you getting from that argument when you
> speak with enterprise security folks?
>
Actually, I never even had to make the argument in our enterprise. Our
cybersecurity organization already knew that overall NAT reduced rather
than enhanced network security and had a deeper real understanding of
security defense in depth than I did. I never had to convince anyone that
NAT wasn't a security feature. It sounds like we have so many enterprises
that do security poorly because many don't even understand the basics.
Scott
