--- frnkblk@iname.com wrote: -------------------- We have a two-dozen line long ACL applied to our CMTS and BRAS blocking Windows and "virus" ports and have never had a complaint or a problem. We do have a more sophisticated residential or large-biz customers ask, but ---------------------------------------- I'd like to ask the same question of you that I just did to Chris. How'd you implement that or has it been there since the network was new? scott
I'd like to ask the same question of you that I just did to Chris. How'd you implement that or has it been there since the network was new?
I would suggest a good resource is the MAAWG papers, and even though you are stretched thin, consider attending a MAAWG meeting. MAAWG has a lot of members that have already experienced the same situatations as you, and may be able to help. http://www.maawg.org/about/publishedDocuments Obviously, I'm biased, but I like how SBC handled it :-) Not that it was a problem free implementation.
Those ACLs were added when I came on board. Again, only one complaint in 3+ years. And customers wonder why I shudder when they tell me that they plug in their Win9x computers directly into their cable modem. I can't imagine how much worse it would be if I didn't block the SMB ports. Frank -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Scott Weeks Sent: Tuesday, March 11, 2008 9:35 PM To: nanog@merit.edu Subject: RE: Customer-facing ACLs --- frnkblk@iname.com wrote: -------------------- We have a two-dozen line long ACL applied to our CMTS and BRAS blocking Windows and "virus" ports and have never had a complaint or a problem. We do have a more sophisticated residential or large-biz customers ask, but ---------------------------------------- I'd like to ask the same question of you that I just did to Chris. How'd you implement that or has it been there since the network was new? scott
participants (3)
-
Frank Bulk - iNAME -
Scott Weeks -
Sean Donelan