Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Scaled Back Cybersecuruty

  • From: Kelly J. Cooper
  • Date: Tue Jan 14 18:21:22 2003

Sorry this was delayed... had some problems with being subscribed to
nanog-post under vs.  Hopefully, this'll go
through. -kjc

On 9 Jan 2003, Paul Vixie wrote:
> (Pete Kruckenberg) writes:
> > Is there anything happening with collaborative security policy and
> > remediation in the industry? Has any effort showed progress towards an
> > effective ISAC or similar? Can networks realistically collaborate on
> > security, or do the political and operational barriers not justify the
> > effort?
> i think that kelly cooper's ISP ISAC was doomed in spite of kelly's
> excellent efforts, simply because the ISP community is too large.  an IP
> Broadband ISAC, and an IP Longhaul ISAC, and an IP Hosting ISAC, and other
> small/focused isacs, could yet fly.

Thank you for the props Paul, but I think it was more an issue of money.

Just for the record (because I've gotten several private emails on this)
there is no ISP-ISAC.  It is not an entity, a company, or even an
organized group of like-minded ISPs.

The project to create the ISP-ISAC is currently on hold.  Funding has been
the main issue, so [ BIG HINT ] if anyone wants to jump up and offer to
fund it, I've got the entire proposed infrastructure documented and ready
for non-profit incorporation, plus several ISPs willing to be founding

(You maybe be asking yourself, what's the funding for?  I've said this
before, but it bears repeating.  Having worked on ISP-to-ISP cooperation
both formally and informally for 7 years now, I can say that the main
lesson I've learned is that the coordination needs to be someone's job.
Not something they do when they have time, as a subset of their real job,
that gets deprioritized when a local emergency comes up.  A real job,
full-time.  And something I've noticed is that ISPs don't really trust one
another, so the job has to be ISP-neutral.  Those issues mean contracting
the operational piece of an ISP-ISAC out to a third party.  And that takes

> to that end :-), something is happening with a DNS ISAC.  (more later.)

Good idea.  Good luck.

Kelly J.

Kelly J. Cooper        -  Security Engineer, CISSP
GENUITY                -  Main # - 800-632-7638
Woburn, MA 01801       -

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.