[LinkSec] Business models still missing for point to point
Hello all,
Usage scenarios for point-to-point networks are still missing business case wise. It is possible that link security in point-to-point case does not make sense. For example, it is being told that 802.10 was used for a while but has not been used after VLAN tagging was standardized. VLAN tagging, source port filtering, and maybe filtering some Ethertypes at access ports may be adequate to achieve high level of security at layer two. For example, in Sweden and in other places, as well, there are well established operators who run IP over Ethernet networks for subscriber access. Probably other L3 protocols may be carried over these L2 segments if required.
There are about 80 000 customers in Bredbandsbolaget's network in Stockholm, Sweden. The company has been operational for several years so they can probably cope with the current level of security.
Norman Finn brought up in principle a valid point-to-point scenario in the security session in New Orleans. In that scenario cables are run through multiple offices. There is a risk of somebody in one office eavesdropping or inserting a man-in-the-middle box into a cable running to another office. With added L2 security it could be allowed that cables are installed in that way. However, that kind of installation does not really comply with current regulations for installations in buildings. Therefore, I believe that the scenario does not cover a large proportion of the total market.
Antti Pietilainen
Nokia Research Center
P.O. Box 407
FIN-00045 NOKIA GROUP
Finland
tel. +358-(0)71-8036660, fax. +358-(0)71-8036214
email: antti.pietilainen@nokia.com