IETF Logo Mail Archive

Re: [sidr] BGPSec scaling (was RE: beacons and bgpsec)

"George, Wesley" <wesley.george@twcable.com> Wed, 07 September 2011 15:07 UTC

Return-Path: <wesley.george@twcable.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9771521F8B2D for <sidr@ietfa.amsl.com>; Wed, 7 Sep 2011 08:07:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.14
X-Spam-Level:
X-Spam-Status: No, score=-0.14 tagged_above=-999 required=5 tests=[AWL=0.323, BAYES_00=-2.599, HELO_EQ_MODEMCABLE=0.768, HOST_EQ_MODEMCABLE=1.368]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zWHr35VXR5qH for <sidr@ietfa.amsl.com>; Wed, 7 Sep 2011 08:07:36 -0700 (PDT)
Received: from cdpipgw02.twcable.com (cdpipgw02.twcable.com [165.237.59.23]) by ietfa.amsl.com (Postfix) with ESMTP id CADA121F8ADE for <sidr@ietf.org>; Wed, 7 Sep 2011 08:07:31 -0700 (PDT)
X-SENDER-IP: 10.136.163.14
X-SENDER-REPUTATION: None
X-IronPort-AV: E=Sophos;i="4.67,492,1309752000"; d="scan'208";a="255984502"
Received: from unknown (HELO PRVPEXHUB05.corp.twcable.com) ([10.136.163.14]) by cdpipgw02.twcable.com with ESMTP/TLS/RC4-MD5; 07 Sep 2011 11:08:06 -0400
Received: from PRVPEXVS04.corp.twcable.com ([10.136.163.28]) by PRVPEXHUB05.corp.twcable.com ([10.136.163.14]) with mapi; Wed, 7 Sep 2011 11:09:19 -0400
From: "George, Wesley" <wesley.george@twcable.com>
To: Jakob Heitz <jakob.heitz@ericsson.com>, Rob Shakir <rjs@rob.sh>
Date: Wed, 07 Sep 2011 11:09:18 -0400
Thread-Topic: [sidr] BGPSec scaling (was RE: beacons and bgpsec)
Thread-Index: AcxtX9RRciuxpYOPRTmM125yD16/7AACn23Q
Message-ID: <34E4F50CAFA10349A41E0756550084FB0DF09612@PRVPEXVS04.corp.twcable.com>
References: <A37CADA4-F16D-4C01-8D9C-D01001C4EFE4@tcb.net> <21C19DA8-7BF3-4832-8C13-C9A45FE026FB@algebras.org> <87D9E106-2A37-4E1E-8C69-7084C199A3FE@tcb.net> <331AEFBD-6AE5-469E-A11E-E672DC61DCDC@pobox.com> <B92913D1-AB82-4D9F-B8A9-F8F4F99713D6@tcb.net> <p06240803ca685bff5443@[128.89.89.43]> <D6D12861-412E-4A65-B626-B627449981B8@tcb.net> <34E4F50CAFA10349A41E0756550084FB0C2ED5A4@PRVPEXVS04.corp.twcable.com> <7B321CF0-ABE6-4FCD-B755-8099BB63399A@rob.sh> <5E9BE75F-C0A6-4B48-B15F-7E0B80EFE981@ericsson.com>
In-Reply-To: <5E9BE75F-C0A6-4B48-B15F-7E0B80EFE981@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: sidr wg list <sidr@ietf.org>
Subject: Re: [sidr] BGPSec scaling (was RE: beacons and bgpsec)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Sep 2011 15:07:36 -0000

-----Original Message-----
From: sidr-bounces@ietf.org [mailto:sidr-bounces@ietf.org] On Behalf Of Jakob Heitz
Sent: Wednesday, September 07, 2011 9:13 AM
Subject: Re: [sidr] BGPSec scaling (was RE: beacons and bgpsec)

So, a question for you Rob. Will your customers pay the premium for BGP security?

WEG] This question is a good one, as it makes the difference between a capex driver with no projected bottom-line improvement and a potential revenue stream. We've seen the "unfunded mandate" movie before. It's one of the reasons that IPv6 deployment took so long -
"yeah we have to spend $xxM to upgrade the network and our systems to support IPv6."
"Ok, how much extra can we charge for that?"
"Um...yeah, about that... but if we don't have it soon, our customers will leave us and we might run out of IP addresses..."
"I haven't had any customers ask me for it...when is soon?"
"Maybe 12-18 months?"
"Ok, let's do it next year then."
(lather, rinse, repeat for several years)

My guess is that the union of who is willing to pay for it and what they're willing to pay likely won't cover the SP's costs to implement it. Generally security is one of those things that either is critical, cost-no-object or is seen as optional if the threat of impact is low enough compared with the cost of avoidance/prevention. I think that the threat risk BGPSec is addressing is seen as pretty low by the vast majority of small to medium enterprises if they've never been hit by it. Heck, we've recently seen some very large companies get burned for not having properly invested in security in areas where the threat model was a bit more obviously risky (Sony)...
The sales pitch for BGPSec, especially in an incremental deployment model will have a lot of bearing on that perceived level of risk and our collective ability to mitigate it. If we're successful, maybe it becomes a sustainable investment. However, it's risky to assume that this will cover the added cost burden completely.

Wes George


This E-mail and any of its attachments may contain Time Warner Cable proprietary information, which is privileged, confidential, or subject to copyright belonging to Time Warner Cable. This E-mail is intended solely for the use of the individual or entity to which it is addressed. If you are not the intended recipient of this E-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this E-mail is strictly prohibited and may be unlawful. If you have received this E-mail in error, please notify the sender immediately and permanently delete the original and any copy of this E-mail and any printout.

v2.23.0 | Report a Bug | By Email