[AusNOG] NBN must avoid becoming 'failed state'

Paul Brooks pbrooks-ausnog at layer10.com.au
Mon Sep 20 17:18:53 EST 2010 

  On 19/09/2010 4:44 PM, Dobbins, Roland wrote:
> On Sep 18, 2010, at 9:37 AM, David Hughes wrote:
>
>> Security BCP's should be implemented regardless of the available bandwidth, however the end result of malicious use of unsecured networks will be much more significant when your outbound capacity increases by more than an order of magnitude.
>
> Concur 100%.  Also, one of the stated purposes of constructing an NBN is to ensure that broadband access is extended to portions of the populace who currently do not have it; broadening access has the correlative effect of broadening the target base for the miscreants.
But it doesn't extend access to any increased collection of providers, who are the 
ones that should have the technical nous and traffic handling infrastructure to 
detect, throttle and stomp on the offending traffic.

I am still unconvinced as to why it would be NBNCo that should implement bandwidth 
controls etc and not the service provider in their BRAS platform. NBN Co 
infrastructure will have no idea of the type of customer, the purpose to which their 
link is being put, or the destination of their traffic. The RSP on the other hand, 
seeing an upstream  link maxed out, has a far better chance of knowing that one link 
is a TV advertisement post-processing agency transferring a legitimate file to their 
producer, while another link is a 'standard' (whatever that means these days) 
residential home-user with IP destination addresses being sprayed across the globe, 
and therefore probably suspect.

If the argument is that the NBN Co has an opportunity or obligation to develop some 
sort of pre-engagement certification process that only allows RSPs who promise to 
install the right monitoring and response platforms, meet a standard of behaviour,  
and use the tools appropriately,  before the RSP is permitted to provide service over 
the NBN, then its fairly easy to point to a whole pile of other standards and codes of 
behaviour that ISPs are supposed to adhere to, but many don't. What should be the 
sanction for RSPs that promise to comply with such a code of behaviour, but fail to do 
so effectively at crunch-time?

P.


-- 
Paul Brooks               |         Mob +61 414 366 605
Layer 10 Advisory         |         Ph  +61 2 9402 7355
-------------------------------------------------------
Layer 10 - telecommunications strategy&  network design

More information about the AusNOG mailing list