North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Scaled Back Cybersecuruty
- From: Kelly J. Cooper
- Date: Tue Jan 14 18:21:22 2003
Sorry this was delayed... had some problems with being subscribed to
nanog-post under genuity.com vs. genuity.net. Hopefully, this'll go
On 9 Jan 2003, Paul Vixie wrote:
> firstname.lastname@example.org (Pete Kruckenberg) writes:
> > Is there anything happening with collaborative security policy and
> > remediation in the industry? Has any effort showed progress towards an
> > effective ISAC or similar? Can networks realistically collaborate on
> > security, or do the political and operational barriers not justify the
> > effort?
> i think that kelly cooper's ISP ISAC was doomed in spite of kelly's
> excellent efforts, simply because the ISP community is too large. an IP
> Broadband ISAC, and an IP Longhaul ISAC, and an IP Hosting ISAC, and other
> small/focused isacs, could yet fly.
Thank you for the props Paul, but I think it was more an issue of money.
Just for the record (because I've gotten several private emails on this)
there is no ISP-ISAC. It is not an entity, a company, or even an
organized group of like-minded ISPs.
The project to create the ISP-ISAC is currently on hold. Funding has been
the main issue, so [ BIG HINT ] if anyone wants to jump up and offer to
fund it, I've got the entire proposed infrastructure documented and ready
for non-profit incorporation, plus several ISPs willing to be founding
(You maybe be asking yourself, what's the funding for? I've said this
before, but it bears repeating. Having worked on ISP-to-ISP cooperation
both formally and informally for 7 years now, I can say that the main
lesson I've learned is that the coordination needs to be someone's job.
Not something they do when they have time, as a subset of their real job,
that gets deprioritized when a local emergency comes up. A real job,
full-time. And something I've noticed is that ISPs don't really trust one
another, so the job has to be ISP-neutral. Those issues mean contracting
the operational piece of an ISP-ISAC out to a third party. And that takes
> to that end :-), something is happening with a DNS ISAC. (more later.)
Good idea. Good luck.
Kelly J. Cooper - Security Engineer, CISSP
GENUITY - Main # - 800-632-7638
Woburn, MA 01801 - http://www.genuity.net