[AusNOG] Hosted SBC on Megaport

Skeeve Stevens skeeve+ausnog at eintellegonetworks.com
Tue Nov 11 21:02:18 EST 2014


Isn't MACSEC a hardware implementation at the switchport? I didn't think it
was possible to do it on a VLAN... if it is, I'd LOVE to know... that would
be awesome and if the kit supported it, I'd use it for every VLAN crossing
someone elses network.


...Skeeve

*Skeeve Stevens - *eintellego Networks Pty Ltd
skeeve at eintellegonetworks.com ; www.eintellegonetworks.com

Phone: 1300 239 038; Cell +61 (0)414 753 383 ; skype://skeeve

facebook.com/eintellegonetworks ;  <http://twitter.com/networkceoau>
linkedin.com/in/skeeve

twitter.com/theispguy ; blog: www.theispguy.com


The Experts Who The Experts Call
Juniper - Cisco - Cloud - Consulting - IPv4 Brokering

On 11 November 2014 20:01, Shaun Dwyer <shaun at dwyer.id.au> wrote:

> This actually brings up an interesting point…
>
> Shane: The realities of LI are more or less that Megaport would have to
> comply with any valid request to snoop on traffic… I’m sure you already
> know this though… “Secure” is a relative term in this case.
>
> As a network operator with supposedly ‘secure’ VXCs (not on Megaport mind
> you), is it time I start investing in routers/switches that support 802.1AE
> (MACSec) in hardware?
>
> Is it worth encrypting traffic on my VXCs to prevent LI without my
> knowledge?
>
> With the questionable laws that are forced on us these days in terms of LI
> and data retention, how far should should a network operator go to protect
> data from snooping without our knowledge? I’m all for catching legitimate
> bad guys, but personally I feel that some of our current laws are
> over-reaching.
>
>
> Cheers!
> Shaun
>
> On 11 Nov 2014, at 4:30 pm, Bevan Slattery <bevan at slattery.net.au> wrote:
>
> Two words. Straw man.
>
> http://en.m.wikipedia.org/wiki/Straw_man
>
> B
>
>
> On 10 Nov 2014, at 10:29 pm, Shane Short <shane at short.id.au> wrote:
>
> Hi Bevan,
>
> I think you're missing my point here-- my post wasn't taking a shot at
> Megaport, you're the one who took it that way.
> I'm fully aware of the benefits of Virtual Cross Connects, I was simply
> asking if the service *must* be delivered via VXC, as by doing so-- he's
> narrowing his list of possible providers.
>
> I'm glad you've touched on Security below-- are the VXC products encrypted
> in any way? As Megaport is a licensed carrier-- if they get a LI request,
> can that traffic be intercepted at the layer 2 level?
>
> -Shane
>
>
> Bevan Slattery wrote:
>
> I¹ll move past the name calling :)
>
> To directly answer your question I¹ll provide three (3) examples of other
> providers offering customers the ability to direct connect networks as an
> alternative to peering or transit.
>
> Amazon quote 6 main reasons for Direct Connect
> http://aws.amazon.com/directconnect/
>
> - Reduces your bandwidth costs
> - Consistent Network Performance
> - Compatible with all your Amazon VPC
> - Private Connectivty to your Amazon VPC
> - Elastic
> - Simple
>
> Microsoft provides 6 main reasons for Azure ExpressRoute:
> http://azure.microsoft.com/en-us/services/expressroute/
>
> - Private Connections to Azure
> - Increased Reliability and Speed
> - Lower Latencies
> - Higher Security
> - Significant Costs Benefits
> - Directly Connect from your WAN
>
> Google Cloud/Compute States about their GCI product
> https://cloud.google.com/interconnect
>
> "Connecting with GCI will enable your infrastructure to connect to Google
> Cloud with higher availability and lower latency connections."
>
> The Megaport VXC info is available here
> http://www.megaport.com/services/megaport-vxcs.html
>
> You can light up a VXC (think VLAN) from as little as 100Mbps to
> 10,000Mbps between ports for $20 per day or $200/month regardless of
> speed.  So you want to spin up a 5,000Mbps connection to someone to backup
> 200TB of data - $20/day.  You have greater protection of being DDoS¹d,
> interception, greater stability in latency and have guaranteed capacity.
>
> But where it gets sexy and where the other guys are already taking it is
> that they have integrated our API into their systems, so that if someone
> wants to buy a service from AWS they automagically provision the silicon
> at AWS and the circuit for that customer without touching a single thing.
> Some hosting providers are already taking it the other way.  Transit
> providers will be doing the same very soon.
>
> If you want to actually take time to read about what we are doing, I think
> you could be pleasantly surprised.
>
> Cheers
>
> [b]
>
>
> From:  Shane Short<shane at short.id.au>
> Date:  Monday, 10 November 2014 9:36 pm
> To:  Bevan Slattery<bevan at slattery.net.au>
> Cc:  Skeeve Stevens<skeeve+ausnog at eintellegonetworks.com>,
> "ausnog at lists.ausnog.net"<ausnog at lists.ausnog.net>
> Subject:  Re: [AusNOG] Hosted SBC on Megaport
>
>
> If you're implying what I
> think you're implying-- I wasn't schilling for a specific product (link
> you were the other day), I was simply asking for a qualification if the
> Megaport portion was actually required, as there's a heap of options
> that he's ruling out by requiring it.
>
> But hey, if we want to be fangirls for the sake of being fangirls-- go
> for it.
>
> Kind Regards,
> Shane Short
>
> Bevan Slattery wrote:
>
>
>  Hahaha.  The irony here is delicious.
>
> [b]
>
> On 10 Nov 2014, at 9:16 pm, Shane Short<shane at short.id.au>
> wrote:
>
>
>
> Excuse my ignorance, but
> what does doing this specifically over Megaport really buy you?
>
> I'm sure there's heaps of providers that could offer you this service
> over any number of methods including IX, Peering Arrangements and
> Transit.
>
> -Shane
>
> Skeeve Stevens wrote:
>
> This might be an odd question.
> Anyone
>
> out there who would offer virtualised Session Border Controller's
> deliverable over Megaport.
>
> Not knowing much
> about VoiP and SBC's... Sorry if this is a stupid question.
>
> Replies
>
> off-list
>
> ...Skeeve
>
> Skeeve Stevens - eintellego Networks Pty Ltd
> skeeve at eintellegonetworks.com ; www.eintellegonetworks.com
> <http://www.eintellegonetworks.com/>Phone: 1300 239
> 038; Cell +61 (0)414 753 383 ; skype://skeeve
> facebook.com/eintellegonetworks<http://facebook.com/eintellegonetworks>  ;
> linkedin.com/in/skeeve<http://linkedin.com/in/skeeve>
> twitter.com/theispguy<http://twitter.com/theispguy>  ;
>
> blog: www.theispguy.com<http://www.theispguy.com/>
>
>
>
> The
>
> Experts Who The Experts Call
>
> Juniper - Cisco - Cloud - Consulting - IPv4 Brokering
>
>
>
>
>
>
>
>
>
>  _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.nethttp://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
>
>  _______________________________________________
> AusNOG
> mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20141111/75a566b7/attachment.html>


More information about the AusNOG mailing list