[AG-TECH] Access Grid 3.0 beta1 available !

Colin Perkins csp at csperkins.org
Tue Jan 31 10:51:31 CST 2006

On 31 Jan 2006, at 16:28, Ivan R. Judson wrote:
> I think the interesting question from a user perspective is:
> Would you rather open one port and we tunnel all traffic through it  
> (and
> you'll never know about all the types or kinds of traffic) or make  
> it easy
> to have one tunnel per type of data/connection that's easier to  
> open/close
> and audit based on actual use?
> I *think* the future is in the latter, because you can easily see a
> manageable system being built that allows programmatic (with  
> authentication
> obviously) access for dynamically opening and closing tunnels based on
> specific "contracts" about usage, data, src/destination, duration,  
> etc.

And, if you have well defined (narrow) port ranges for each media,  
makes it easy to firewall off specific media, or to assign varying  
QoS for each media.

> I can't see any good way to justify "opaque aggregate tunnels" that  
> hide the
> fact a break-in occurred in a mess of other data.



More information about the ag-tech mailing list