Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments

2009-02-10 Thread Grewal, Ken
>> [Ken] This may be feasible for stateful devices, but does not work
>> for stateless devices (QOS/Statistics/auditing functions). Even in
>> stateful devices, it requires coupling between observation on flows
>> and the associated heuristics cache engine, which creates an
>> additional overhead.

Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments

2009-02-10 Thread Grewal, Ken
>At 2:33 PM -0700 2/10/09, Grewal, Ken wrote:
>>Stateless firewalls are commonly employed for efficiency and as a crude
>method for cutting off access to certain services - these are useful for
>basic access control in cost effective, high bandwidth, network scenarios.
>E.g. Corporations may not wa

Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments

2009-02-10 Thread Paul Hoffman
At 2:33 PM -0700 2/10/09, Grewal, Ken wrote:
>Stateless firewalls are commonly employed for efficiency and as a crude method
>for cutting off access to certain services - these are useful for basic access
>control in cost effective, high bandwidth, network scenarios. E.g.
>Corporations may not w

Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments

2009-02-10 Thread Grewal, Ken
Stateless firewalls are commonly employed for efficiency and as a crude method for cutting off access to certain services - these are useful for basic access control in cost effective, high bandwidth, network scenarios. E.g. Corporations may not want to allow various P2P protocols, discovery of

Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments

2009-02-10 Thread Yoav Nir
gabriel montenegro wrote:
>I'll just comment on one item below:
>
>> As the draft says this is mostly meant for stateful devices, and that
>> has been the main goal for the document. The charter says:
>>
>> "A standards-track mechanism that allows an intermediary device, such
>> as a firewall or i

Re: [IPsec] draft-kivinen-ipsecme-esp-null-heuristics comments

2009-02-10 Thread gabriel montenegro
I'll just comment on one item below:

> As the draft says this is mostly meant for stateful devices, and that
> has been the main goal for the document. The charter says:
>
> "A standards-track mechanism that allows an intermediary device, such
> as a firewall or intrusion detection system ..."
>

[IPsec] FW: Last Call: draft-ietf-btns-connection-latching (IPsec Channels: Connection Latching) to Proposed Standard

2009-02-10 Thread Yaron Sheffer
This is of interest to ipsecme WG participants, too.

-----Original Message-----
From: ietf-announce-boun...@ietf.org [mailto:ietf-announce-boun...@ietf.org] On Behalf Of The IESG
Sent: Tuesday, February 10, 2009 17:00
To: IETF-Announce
Cc: b...@ietf.org
Subject: Last Call: draft-ietf-btns-connect