|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: Outboard Tunnel ModeWith most corporations security at the corporate firewall is a MUST no mater what is done at the machine I/O. With Security functions a MUST for iSCSI, an installation will pay for security twice and only use it once. Why pay for security at every I/O when the corporation mandates it at the edge? This seems like motorcycle helmet laws. Why mandate something that a reasonable person would do any way? David ------------------------------------------------------ David F. Hepner WA7UHT dfhepner@us.ibm.com IBM SSG San Jose, CA (408) 256-4981 Fax (408) 256-6214 Tie Line 8-276-4981 ----------------------------------------------------- John Hufferd/San Jose/IBM@IBMUS@ece.cmu.edu on 12/17/2001 11:13:00 AM Sent by: owner-ips@ece.cmu.edu To: VAHUJA@aol.com cc: ips@ece.cmu.edu Subject: Re: Outboard Tunnel Mode Installations can do what ever they want. The Security functions are must implement, NOT must use. . . . John L. Hufferd Senior Technical Staff Member (STSM) IBM/SSG San Jose Ca Main Office (408) 256-0403, Tie: 276-0403, eFax: (408) 904-4688 Home Office (408) 997-6136, Cell: (408) 499-9702 Internet address: hufferd@us.ibm.com VAHUJA@aol.com@ece.cmu.edu on 12/17/2001 10:09:10 AM Sent by: owner-ips@ece.cmu.edu To: ips@ece.cmu.edu cc: Subject: Outboard Tunnel Mode Folks, May be I missed something in SLC meeting. I can expect several implementations of iSCSI not include any security.Reason - I can see that customers would often rely on the company's existing VPNs (outboard Router etc) to protect their data (storage or otherwise) over IP networks. From a CIO's viewpoint, this approach may make more sense than extending yet another layer of IPSec into its servers just for storage data. It is not clear to me from the standard if it will be a non-compliance of iSCSI standard. If so, we may potentially have many non-compliances.
Home Last updated: Tue Dec 18 11:17:48 2001 8131 messages in chronological order |