[AusNOG] Hosted SBC on Megaport

[Bevan Slattery]

Hi List,

There seems to be a misunderstanding of the obligations of interception in
Australia by some (not just Shane).  In particular the reference to
Megaport having a carrier licence is interesting.  For your future
reference (and this should already be known to all Network Operators) the
simplified version is here.

http://bit.ly/148a0h1


In summary:

1.  Every Carrier and every nominated CSP must have an interception
capability plan lodged with the AG’s dept July 1.
2.  The contents of the ICP must not be disclosed to anyone other than the
AG’s Dept (hence I won’t discuss)
3.  Every CSP/ISP regardless of whether it has been nominated or not, as
well as carrier must intercept should they be required to by appropriate
legal instrument (i.e. An IX that is not a carrier is a CSP and would need
to intercept if required)
4.  Nearly every CSP acquires services from a carrier at some level so an
ICP is in play and can happen without their knowledge (i.e. An IX that
acquired metro connectivity between PoP’s or intercap from a carrier)

Whilst I believe this appears to be a straw man argument I am giving the
benefit of the doubt here and responding with significant detail.  It is
simply incorrect to assume that any CSP/ISP does not have less of an
obligation to intercept, a fact many actual network operators on this list
understand.  Hence the reference to Megaport having being a carrier and
having an ICP has little/no relevance.

Cheers

[b]

PS:  Due to the new line cards on our boxes supporting hardware based
encryption, we are actually deploying hardware encryption between all
overseas PoP’s/DC at present.  We will be rolling this out between our
PoP’s/DC's in Australia over the next 12 months.  So traffic between DC's
will be encrypted.  As for interception of same read 1-4 and probably the
legislation too.


On 11/11/2014 12:35 am, "Shane Short" <shane at short.id.au> wrote:

>It was a genuine question, if you don't want to answer it, don't answer
>it. Stop being childish.
>
>Bevan Slattery wrote:
>> Two words. Straw man.
>>
>> http://en.m.wikipedia.org/wiki/Straw_man
>>
>> B
>>
>>
>>> On 10 Nov 2014, at 10:29 pm, Shane Short<shane at short.id.au>  wrote:
>>>
>>> Hi Bevan,
>>>
>>> I think you're missing my point here-- my post wasn't taking a shot at
>>>Megaport, you're the one who took it that way.
>>> I'm fully aware of the benefits of Virtual Cross Connects, I was
>>>simply asking if the service *must* be delivered via VXC, as by doing
>>>so-- he's narrowing his list of possible providers.
>>>
>>> I'm glad you've touched on Security below-- are the VXC products
>>>encrypted in any way? As Megaport is a licensed carrier-- if they get a
>>>LI request, can that traffic be intercepted at the layer 2 level?
>>>
>>> -Shane
>>>
>>>
>>> Bevan Slattery wrote:
>>>> I¹ll move past the name calling :)
>>>>
>>>> To directly answer your question I¹ll provide three (3) examples of
>>>>other
>>>> providers offering customers the ability to direct connect networks
>>>>as an
>>>> alternative to peering or transit.
>>>>
>>>> Amazon quote 6 main reasons for Direct Connect
>>>> http://aws.amazon.com/directconnect/
>>>>
>>>> - Reduces your bandwidth costs
>>>> - Consistent Network Performance
>>>> - Compatible with all your Amazon VPC
>>>> - Private Connectivty to your Amazon VPC
>>>> - Elastic
>>>> - Simple
>>>>
>>>> Microsoft provides 6 main reasons for Azure ExpressRoute:
>>>> http://azure.microsoft.com/en-us/services/expressroute/
>>>>
>>>> - Private Connections to Azure
>>>> - Increased Reliability and Speed
>>>> - Lower Latencies
>>>> - Higher Security
>>>> - Significant Costs Benefits
>>>> - Directly Connect from your WAN
>>>>
>>>> Google Cloud/Compute States about their GCI product
>>>> https://cloud.google.com/interconnect
>>>>
>>>> "Connecting with GCI will enable your infrastructure to connect to
>>>>Google
>>>> Cloud with higher availability and lower latency connections."
>>>>
>>>> The Megaport VXC info is available here
>>>> http://www.megaport.com/services/megaport-vxcs.html
>>>>
>>>> You can light up a VXC (think VLAN) from as little as 100Mbps to
>>>> 10,000Mbps between ports for $20 per day or $200/month regardless of
>>>> speed.  So you want to spin up a 5,000Mbps connection to someone to
>>>>backup
>>>> 200TB of data - $20/day.  You have greater protection of being DDoS¹d,
>>>> interception, greater stability in latency and have guaranteed
>>>>capacity.
>>>>
>>>> But where it gets sexy and where the other guys are already taking it
>>>>is
>>>> that they have integrated our API into their systems, so that if
>>>>someone
>>>> wants to buy a service from AWS they automagically provision the
>>>>silicon
>>>> at AWS and the circuit for that customer without touching a single
>>>>thing.
>>>> Some hosting providers are already taking it the other way.  Transit
>>>> providers will be doing the same very soon.
>>>>
>>>> If you want to actually take time to read about what we are doing, I
>>>>think
>>>> you could be pleasantly surprised.
>>>>
>>>> Cheers
>>>>
>>>> [b]
>>>>
>>>>
>>>> From:  Shane Short<shane at short.id.au>
>>>> Date:  Monday, 10 November 2014 9:36 pm
>>>> To:  Bevan Slattery<bevan at slattery.net.au>
>>>> Cc:  Skeeve Stevens<skeeve+ausnog at eintellegonetworks.com>,
>>>> "ausnog at lists.ausnog.net"<ausnog at lists.ausnog.net>
>>>> Subject:  Re: [AusNOG] Hosted SBC on Megaport
>>>>
>>>>
>>>> If you're implying what I
>>>> think you're implying-- I wasn't schilling for a specific product
>>>>(link
>>>> you were the other day), I was simply asking for a qualification if
>>>>the
>>>> Megaport portion was actually required, as there's a heap of options
>>>> that he's ruling out by requiring it.
>>>>
>>>> But hey, if we want to be fangirls for the sake of being fangirls-- go
>>>> for it.
>>>>
>>>> Kind Regards,
>>>> Shane Short
>>>>
>>>> Bevan Slattery wrote:
>>>>
>>>>
>>>>    Hahaha.  The irony here is delicious.
>>>>
>>>> [b]
>>>>
>>>> On 10 Nov 2014, at 9:16 pm, Shane Short<shane at short.id.au>
>>>>   wrote:
>>>>
>>>>
>>>>
>>>> Excuse my ignorance, but
>>>> what does doing this specifically over Megaport really buy you?
>>>>
>>>> I'm sure there's heaps of providers that could offer you this service
>>>> over any number of methods including IX, Peering Arrangements and
>>>> Transit.
>>>>
>>>> -Shane
>>>>
>>>> Skeeve Stevens wrote:
>>>>
>>>> This might be an odd question.
>>>> Anyone
>>>>
>>>>   out there who would offer virtualised Session Border Controller's
>>>> deliverable over Megaport.
>>>>
>>>> Not knowing much
>>>> about VoiP and SBC's... Sorry if this is a stupid question.
>>>>
>>>> Replies
>>>>
>>>>   off-list
>>>>
>>>> ...Skeeve
>>>>
>>>> Skeeve Stevens - eintellego Networks Pty Ltd
>>>> skeeve at eintellegonetworks.com ; www.eintellegonetworks.com
>>>> <http://www.eintellegonetworks.com/>Phone: 1300 239
>>>> 038; Cell +61 (0)414 753 383 ; skype://skeeve
>>>> 
>>>>facebook.com/eintellegonetworks<http://facebook.com/eintellegonetworks>
>>>>   ;
>>>> linkedin.com/in/skeeve<http://linkedin.com/in/skeeve>
>>>> twitter.com/theispguy<http://twitter.com/theispguy>   ;
>>>>
>>>>   blog: www.theispguy.com<http://www.theispguy.com/>
>>>>
>>>>
>>>>
>>>> The
>>>>
>>>>   Experts Who The Experts Call
>>>>
>>>> Juniper - Cisco - Cloud - Consulting - IPv4 Brokering
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>    _______________________________________________
>>>> AusNOG mailing list
>>>> AusNOG at lists.ausnog.nethttp://lists.ausnog.net/mailman/listinfo/ausnog
>>>>
>>>>
>>>>
>>>>
>>>>    _______________________________________________
>>>> AusNOG
>>>>   mailing list
>>>> AusNOG at lists.ausnog.net
>>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>>
>>>>