Re: Shared facilities (was Re: your mail)
At 02:03 AM 8/21/2002 -0400, Sean Donelan wrote:
On Wed, 21 Aug 2002, David Lesher wrote:
If you haven't worked in an environment where you had to turn in your cellphone and pager at the front desk, show a badge to a camera around every corner, and get your office keys from a vending machine you dont know what real security looks like. You missed the places w/ real security. That's where the very
Unnamed Administration sources reported that N. Richard Solis said: polite Marine Security Guard with the 870 shotgun asks to see your badge again...
Sigh, and in places with "real security" you rarely find enemies/competitors sitting in the same room. Exchange points are like the United Nations, not high security military bases. AMS-IX, Equinix, Linx/Telehouse, PAIX, etc provide a neutral facility for competitors to exchange network traffic. The facility operators provide a reasonable level of security, and try to keep the diplomats from punching each other. Its in all (most?) the competitors' self-interest to follow the rules.
Sean, I have to disagree with you. All the transport I've designed so far works on the age old model that RBOC tech's don't care and they have unescorted access to the cross connect area. The actual colo area is where you have to worry about immature activity. Since Sept 11, my experience probably doesn't cut the mustard, but that's how it has been to this point.
Let's not lose sight of the purpose of colocation/exchange points. If we start requiring you to be a US citizen and have top secret clearance in order to enter a colocation facility, we've probably decreased the usefulness of the exchange points.
I think my point above exemplifies this. NO colo is secure from attack. No matter what they do. Regards, -- Martin Hannigan hannigan@fugawi.net
On Wed, 21 Aug 2002, Martin Hannigan wrote:
Since Sept 11, my experience probably doesn't cut the mustard, but that's how it has been to this point.
Consider the various public statements on colocation security. http://www.state.ma.us/dpu/catalog/6688.htm "Verizon MA believes that the most effective means of ensuring network safety and reliability is to eliminate physical collocation entirely in all its COs, converting existing physical collocation arrangements to virtual and requiring that all future collocation arrangements be virtual only." Of course, this is a very different colocation model than used by companies such as Equinix. Just because they use the same terms doesn't make them the same thing.
LOL, heck of a way to make it so they never have to sell another unbundled network element. Mike. On Wed, 21 Aug 2002, Sean Donelan wrote:
On Wed, 21 Aug 2002, Martin Hannigan wrote:
Since Sept 11, my experience probably doesn't cut the mustard, but that's how it has been to this point.
Consider the various public statements on colocation security.
http://www.state.ma.us/dpu/catalog/6688.htm
"Verizon MA believes that the most effective means of ensuring network safety and reliability is to eliminate physical collocation entirely in all its COs, converting existing physical collocation arrangements to virtual and requiring that all future collocation arrangements be virtual only."
Of course, this is a very different colocation model than used by companies such as Equinix. Just because they use the same terms doesn't make them the same thing.
+----------------- H U R R I C A N E - E L E C T R I C -----------------+ | Mike Leber Direct Internet Connections Voice 510 580 4100 | | Hurricane Electric Web Hosting Colocation Fax 510 580 4151 | | mleber@he.net http://www.he.net | +-----------------------------------------------------------------------+
The RBOCs have a long history of using the "security" card to attempt to squelch the requirement for physical collocation by the FCC and the PUCs. In my experience, the colo providers had more to worry about from the employees of the RBOC w.r.t. equipment sabotage than other colo customers. I saw this in Florida during the 95-96 timeframe and I'm sure that it's been repeated elsewhere. -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Sean Donelan Sent: Wednesday, August 21, 2002 1:51 PM To: nanog@merit.edu Subject: Eliminating physical colocation (was Re: Shared facilities) On Wed, 21 Aug 2002, Martin Hannigan wrote:
Since Sept 11, my experience probably doesn't cut the mustard, but that's how it has been to this point.
Consider the various public statements on colocation security. http://www.state.ma.us/dpu/catalog/6688.htm "Verizon MA believes that the most effective means of ensuring network safety and reliability is to eliminate physical collocation entirely in all its COs, converting existing physical collocation arrangements to virtual and requiring that all future collocation arrangements be virtual only." Of course, this is a very different colocation model than used by companies such as Equinix. Just because they use the same terms doesn't make them the same thing.
We have always had more of an issue with "Union Members" rather than "Verizon Employees" per se. If you don't use Union Labor to install in Boston or New York you had best have a secured cabinet or else 25 pair bundles seem to spontaneously develop slices. ----- Original Message ----- From: "N. Richard Solis" <nrsolis@aol.net> To: "Sean Donelan" <sean@donelan.com>; <nanog@merit.edu> Sent: Wednesday, August 21, 2002 2:17 PM Subject: RE: Eliminating physical colocation (was Re: Shared facilities)
The RBOCs have a long history of using the "security" card to attempt to squelch the requirement for physical collocation by the FCC and the PUCs. In my experience, the colo providers had more to worry about from the employees of the RBOC w.r.t. equipment sabotage than other colo customers. I saw this in Florida during the 95-96 timeframe and I'm sure that it's
repeated elsewhere.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Sean Donelan Sent: Wednesday, August 21, 2002 1:51 PM To: nanog@merit.edu Subject: Eliminating physical colocation (was Re: Shared facilities)
On Wed, 21 Aug 2002, Martin Hannigan wrote:
Since Sept 11, my experience probably doesn't cut the mustard, but
been that's
how it has been to this point.
Consider the various public statements on colocation security.
http://www.state.ma.us/dpu/catalog/6688.htm
"Verizon MA believes that the most effective means of ensuring network safety and reliability is to eliminate physical collocation entirely in all its COs, converting existing physical collocation arrangements to virtual and requiring that all future collocation arrangements be virtual only."
Of course, this is a very different colocation model than used by companies such as Equinix. Just because they use the same terms doesn't make them the same thing.
We have seen disgruntled Union members hit the EPO in data centers in Union-friendly cities. Not pretty outcome, no matter how much redundancy you have. Fire code is not compatible with Union rules. DJ (Disclaimer, I have a completely unbalanced view of Union workers, all bad. I know there are good Union workers, but I have never met any professionally -- I have met plenty AFTER retirement though).
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Vincent J. Bono Sent: Wednesday, August 21, 2002 2:50 PM To: N. Richard Solis; Sean Donelan; nanog@merit.edu Subject: Re: Eliminating physical colocation (was Re: Shared facilities)
We have always had more of an issue with "Union Members" rather than "Verizon Employees" per se. If you don't use Union Labor to install in Boston or New York you had best have a secured cabinet or else 25 pair bundles seem to spontaneously develop slices.
----- Original Message ----- From: "N. Richard Solis" <nrsolis@aol.net> To: "Sean Donelan" <sean@donelan.com>; <nanog@merit.edu> Sent: Wednesday, August 21, 2002 2:17 PM Subject: RE: Eliminating physical colocation (was Re: Shared facilities)
The RBOCs have a long history of using the "security" card to attempt to squelch the requirement for physical collocation by the FCC and
In my experience, the colo providers had more to worry about from the employees of the RBOC w.r.t. equipment sabotage than other colo customers. I saw this in Florida during the 95-96 timeframe and I'm sure that it's been repeated elsewhere.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Sean Donelan Sent: Wednesday, August 21, 2002 1:51 PM To: nanog@merit.edu Subject: Eliminating physical colocation (was Re: Shared facilities)
On Wed, 21 Aug 2002, Martin Hannigan wrote:
Since Sept 11, my experience probably doesn't cut the mustard, but
the PUCs. that's
how it has been to this point.
Consider the various public statements on colocation security.
http://www.state.ma.us/dpu/catalog/6688.htm
"Verizon MA believes that the most effective means of ensuring network safety and reliability is to eliminate physical collocation entirely in all its COs, converting existing physical collocation arrangements to virtual and requiring that all future collocation arrangements be virtual only."
Of course, this is a very different colocation model than used by companies such as Equinix. Just because they use the same terms doesn't make them the same thing.
On Wed, 21 Aug 2002, Deepak Jain wrote:
We have seen disgruntled Union members hit the EPO in data centers in Union-friendly cities.
Not pretty outcome, no matter how much redundancy you have.
I believe the Uptime Institute has some statistics showing EPO problems are one of the top five reasons for critical facility outages. Almost no telco CO's have facility-wide EPOs. Equinix facilities do not have facility-wide EPOs.
Fire code is not compatible with Union rules.
The fire code is your friend. Learn it, use it, follow it. It doesn't always say what everything thinks it says. Following the code, you can build a telecommunications facility without an EPO next to every door.
On Wed, 21 Aug 2002 17:28:48 -0400 (EDT) Sean Donelan <sean@donelan.com> wrote:
On Wed, 21 Aug 2002, Deepak Jain wrote:
We have seen disgruntled Union members hit the EPO in data centers in Union-friendly cities.
Not pretty outcome, no matter how much redundancy you have.
I believe the Uptime Institute has some statistics showing EPO problems are one of the top five reasons for critical facility outages.
i've seen poorly trained, inexperienced electricians hit EPOs for totally bogus reasons. putting a big red EPO button in front of them is like dangling a shiney object in front of some people i know. once at GE R&D, we had an electrician announce that "the room was running on emergency power", so he had to turn the emergency power off. richard -- Richard Welty rwelty@averillpark.net Averill Park Networking 518-573-7592 Unix, Linux, IP Network Engineering, Security
On Wed, 21 Aug 2002, Deepak Jain wrote:
We have seen disgruntled Union members hit the EPO in data centers in Union-friendly cities.
Not pretty outcome, no matter how much redundancy you have.
I believe the Uptime Institute has some statistics showing EPO problems are one of the top five reasons for critical facility outages.
Almost no telco CO's have facility-wide EPOs.
Equinix facilities do not have facility-wide EPOs.
Fire code is not compatible with Union rules.
The fire code is your friend. Learn it, use it, follow it. It doesn't always say what everything thinks it says. Following the code, you can build a telecommunications facility without an EPO next to every door.
---- Like anything, clue is hard to come by in consistent quantities. Yes, you can do a lot of things once you understand the code, but even a small (areawise) EPO causes lots of problems for whoever's equipment was hit. If the reason was a disgruntled Union worker, so much's the pity. DJ
These places do not have cameras and evidence that point to malicious intent to destroy your network? I'm sorry but that would make me just about irate, and definitely insist on moving the equipment ASAP. I don't plan on paying for colo facilities that I have any doubt in the integrity of the people with access to the facility. (Similar Disclaimer: I've never met a union worker that wanted to do more for the customer, than for themselves. Their blatant apathy can be a detriment to real work in times of emergencies.) G On Wed, 21 Aug 2002, Deepak Jain wrote:
We have seen disgruntled Union members hit the EPO in data centers in Union-friendly cities.
Not pretty outcome, no matter how much redundancy you have.
Fire code is not compatible with Union rules.
DJ
(Disclaimer, I have a completely unbalanced view of Union workers, all bad. I know there are good Union workers, but I have never met any professionally -- I have met plenty AFTER retirement though).
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Vincent J. Bono Sent: Wednesday, August 21, 2002 2:50 PM To: N. Richard Solis; Sean Donelan; nanog@merit.edu Subject: Re: Eliminating physical colocation (was Re: Shared facilities)
We have always had more of an issue with "Union Members" rather than "Verizon Employees" per se. If you don't use Union Labor to install in Boston or New York you had best have a secured cabinet or else 25 pair bundles seem to spontaneously develop slices.
Bell COs do not have Cameras, at least not those in Verizon, Bell South, or SBC land that we have seen. ----- Original Message ----- From: "Gerald" <gcoon@inch.com> To: <nanog@merit.edu> Sent: Wednesday, August 21, 2002 5:30 PM Subject: RE: Eliminating physical colocation (was Re: Shared facilities)
These places do not have cameras and evidence that point to malicious intent to destroy your network?
I'm sorry but that would make me just about irate, and definitely insist on moving the equipment ASAP. I don't plan on paying for colo facilities that I have any doubt in the integrity of the people with access to the facility.
(Similar Disclaimer: I've never met a union worker that wanted to do more for the customer, than for themselves. Their blatant apathy can be a detriment to real work in times of emergencies.)
G
On Wed, 21 Aug 2002, Deepak Jain wrote:
We have seen disgruntled Union members hit the EPO in data centers in Union-friendly cities.
Not pretty outcome, no matter how much redundancy you have.
Fire code is not compatible with Union rules.
DJ
(Disclaimer, I have a completely unbalanced view of Union workers, all
bad.
I know there are good Union workers, but I have never met any professionally -- I have met plenty AFTER retirement though).
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Vincent J. Bono Sent: Wednesday, August 21, 2002 2:50 PM To: N. Richard Solis; Sean Donelan; nanog@merit.edu Subject: Re: Eliminating physical colocation (was Re: Shared facilities)
We have always had more of an issue with "Union Members" rather than "Verizon Employees" per se. If you don't use Union Labor to install in Boston or New York you had best have a secured cabinet or else 25 pair bundles seem to spontaneously develop slices.
participants (8)
-
Deepak Jain -
Gerald -
Martin Hannigan -
Mike Leber -
N. Richard Solis -
Richard Welty -
Sean Donelan -
Vincent J. Bono