My question is what architectural recommendations will you make to your employer if/when the US Govt compels our employers to accept our role as the "front lines of this "cyberwar"? I figure once someone with a relevant degree of influence in the govts realizes that the "cyberwar" is between content/service controllers and eyeballs. With involuntary and voluntary botnets as the weapons of "the eyeballs", relying exclusively on a line of defense near to the content (services) leaves a great expanse of "battlefield". I would expect the content/service controllers to look for means to move the battleline as close to the eyeballs as possible (this community) So... if/when our employers are unable to resist the US Govt's demand that we "join in the national defense", wouldn't this community be the ones asked to guard the border? Assuming the govt won't send federal agents into each of our NOCs, won't our employers ask us "what can we do?" If inspecting and correlating every single packet/flow for attack signatures is not feasible (on scale), are there name/address registration/resolution measures that could effectively lock-down the edge? ...will we look toward China/Saudi Arabia/etc for lessons learned in there 'great firewalls' to develop a distributed version where central control pushes policy out to the edge (into the private networks that currently provide the dreaded "low barrier for entry")? Obviously the environment is created by layers 8/9, but I'm interested in the layer 1-7 solutions that the community would consider/recommend. -Michael