[j-nsp] ACX5048 - protect remote access (telnet, ssh, http, snmp)
Mark Tinka
mark.tinka at seacom.mu
Sat Apr 2 05:59:26 EDT 2016
On 2/Apr/16 11:04, Saku Ytti wrote:
>
> I've always wondered why is this a hard problem, especially in low
> end? Naively I'd think that from your ASIC waste one revenue port as
> host-bound facing and implement normal port ACLs there.
It is exactly for that reason. Vendors will assume all low-end
requirements place more emphasis on cost than security (however basic)
or generally well-practiced network operational requirements.
They'll further justify it by saying, "If you want all the bells &
whistles, we have box for that".
Mark.
More information about the juniper-nsp
mailing list