> A few questions: > > 1) Does anyone know of a list of known security-conscious ISP's (for larger > corporate circuits) that are known for providing basic security services > (ingress/egress filters, RFC1918's, and client-specific filter requests) to > customers without hassle. Ok first off; NANOG would be an excellent place to ask this. That said, here is my feedback: Colocation or T1/DSL/etc? Colo providers tend to have a lot more resources available for the above configurations, and as the market is relatively cut-throat, will go the extra mile to sell you some blanket security policy, providing your salesperson isnt a whoring shill who will make any promise to get your signature without the faintest interest in what resources are actually available. T1 and up providers dont get their hands dirty with client specific router configuration for the same reasons that consultants get paid Big Money: it requires a lot of work and generally speaking, an ongoing degree of effort. > 2) Does anyone else have an ISP that, by policy, will not filter upstream? Very few ISP's do filters, in fact I dont know of any who will without a specific attack taking place (and even then, oye...). Same logic as above. Honestly Id be skeptical of any ISP that tried to tell me they were going to take a client by client approach to configuring ACL's etc. The resources that would require would impose a cost overhead that would look Wrong on paper from any angle, at any period in history, in this empire or any other. > Just curious if there are greener pastures... You never know, nature abhors a vacuum and all... -Jason Storm > Thanks, > > Keith W. McCammon > Sr. Network Engineer > AdvanceMed Corporation > 11710 Plaza America Drive > Reston, VA 20190 > Phone: 703.261.4891 > Fax: 703.261.5300 >
This archive was generated by hypermail 2b30 : Fri Jun 01 2001 - 15:53:26 PDT