[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: survey of isp security practices
On Nov 18, 2004, at 10:15 AM, Shashi Kiran wrote:
> Does anyone have examples of large nets where more than a few
> local users are maintained across all devices ?
Another instance of a network-level issue is the case where a provider has managed VPNs with a centralized shared RADIUS between enterprises,
Seems like more of a service to customers than something used to manage admin access to the providers core.
and there was a possibility for subscribers belonging to one VPN to switch between VPNs or access a different service profile, by introducing certain VSAs or source-spoofing, and cause security breaches. In this case access controls checks need to be tightened on the router nodes or PEs where subscribers are terminating, since the RADIUS by itself cannot handle it. Not sure if you want to cover such scenarios here.
Seems a bit convoluted, to me anyhow. Do you know of an example of a core being managed in this way?