On 2013-07-03 3:57 PM, "Brandon Ross" <br...@pobox.com> wrote: > >Everyone knows that attacks against your management interface come from >devices not on your management network. By removing the default gateway >feature, Ciena is improving the security of your network. > >It's time we created a BCOP specifying that default gateway functionality >be disabled or removed in all network deployments, in the interest of >security. Security improvements realized in the last few years by >dropping all ICMP and TCP DNS at firewall boundaries, not to mention >universal deployment of NAT, were just the first few steps to creating a >much more secure Internet. > >Once disablement of default gateway functionality has been become a >common >practice, the natural reduction in traffic on the Internet should allow >most operators to achieve enormous cost savings by powering off all of >their equipment. > Awesome - sorry, can't resistĀ. :)
Paul