10 Apr
2009
10 Apr
'09
12:27 p.m.
Roland Dobbins wrote:
On Apr 9, 2009, at 11:48 PM, Lee, Steven (NSG Malaysia) wrote:
Please share your thought and thanks in advance :)
No, IMHO. Most broadband operators don't insert firewalls inline in front of their subscribers, and wireless broadband is no different.
Some operators put firewalls to NAT their subscribers into smaller IP address pools (I have put some for a particular one).
The infrastructure itself must be protected via iACLs, the various vendor-specific control-plane protection mechanisms, and so forth, but inserting additional state in the middle of everything doesn't buy anything, and introduces additional constraints and concerns.
Yes.