North American Network Operators Group


Re: Vulnerabilities of Interconnection

  • From: William B. Norton
  • Date: Thu Sep 05 14:14:55 2002

At 12:44 PM 9/5/2002 -0400, [email protected] wrote:
One part that we are looking at is the vulnerabilities of interconnection facilities.
A quick point... Several folks have postulated that the internal (non-physical) threat dwarfs that of the physical threat, due to the lack of visibility, the difficulty of tracking and coordinating a response, and the millions of vulnerable systems world-wide capable of launching an internal attack. A physical attack (a hole in a wall for example) can typically be detected and corrected in a matter of hours or days, while an effective internal attack could be varied in time and scope, causing at least as much damage invisibly for a much longer period of time.

That said, a few years back I wrote the "Interconnection Strategies for ISPs" white paper, which speaks to the economics of peering using exchange points vs. using pt-to-pt circuits. It documents a clear break even point where large capacity circuits (or dark fiber loops) into an IX with fiber cross connects within a building are a better fit (financially) than pt-to-pt circuits.

A couple physical security considerations came out of that research:
1) Consider that manholes are not always secured, providing access to metro fiber runs, while there is generally greater security within colocation environments.

2) It is faster to repair physical disruptions at fewer points, leveraging cutovers to alternative providers present in the colocation IX model, as opposed to the Direct Circuit model where provisioning additional capacities to many end points may take days or months.

Finally, I have seen a balancing act between how much it costs to protect against a disruption versus the cost of the disruption. In today's economy (unlike say a few years ago) more folks seem to be focused on doing this mathematical calculation rather than just picking full mesh interconnect topologies.

Bill

---------------------------------------------------------------------------------------------------------------
William B. Norton <[email protected]> 650.315.8635
Co-Founder and Chief Technical Liaison Equinix, Inc.
Yahoo Instant Messenger ID: WilliamBNorton