[afripv6-discuss] IPv6 Magic --- New from
Microsoft --- SecureDirectAccess end to end
Latif LADID ("The New Internet based on IPv6")
latif at ladid.lu
Sat Feb 21 09:04:40 SAST 2009
Leo,
Fully agree. We should recommend dual stack firewalls to start with.
I should not have used too quickly email as an example. I should have just
stuck to access to the full home network:
"DirectAccess allows a Windows 7 client to have always-on/always-connected
experience to the corporate network without the need for a VPN. Where ever
the client goes (coffee shop, home, another corporate network, whatever) the
client will automatically connect back to the corporate network and allow
the user to access resources just like they were sitting at their desk."
As you mention, we should encourage this kind of interesting models for
others to investigate and create new ones.
Cheers
Latif
-----Original Message-----
From: afripv6-discuss-bounces at afrinic.net
[mailto:afripv6-discuss-bounces at afrinic.net] On Behalf Of Leo Vegoda
Sent: 21 February 2009 02:38
To: IPv6 in Africa
Subject: RE: [afripv6-discuss] IPv6 Magic --- New from Microsoft ---
SecureDirectAccess end to end
Hi Latif,
> Many email servers are behind NATs :-)
Indeed. But not for a lack of readily available IPv4 addresses from AfriNIC.
I know that AfriNIC have reached out to governments as well as industry and
academia to make sure that they are all fully aware that they can have as
much IPv4 address space as their networks need. True, IPv4 will be harder to
come by in a few years time but AfriNIC has plenty available at the moment
and the IANA free pool has 32 /8s in it. If a ministry needs IPv4 address
space for its network it can get it without a problem.
I suspect the lack of external access to e-mail is down to security policy.
I have friends working in both private industry and public service who do
not have external access to business e-mail as a matter of their employer's
security policy. It is not unusual in some industries and I don't think we
should be surprised if some government ministries have security policies
that don't allow this. Further, I disagree with the implication that
ministers using free webmail services are sending sensitive e-mails
unencrypted when free text encryption software has been around since 1991.
None if this should be read as me turning my nose up at the work Microsoft
has done. I am glad to welcome this development and I am sure that this and
similar implementations will make our lives better over the next couple of
decades. Nonetheless, it doesn't mean that security policies will be relaxed
or that e-mail sent today via free webmail services cannot be protected from
prying eyes with high quality encryption.
Regards,
Leo_______________________________________________
afripv6-discuss mailing list
afripv6-discuss at afrinic.net
https://lists.afrinic.net/mailman/listinfo.cgi/afripv6-discuss
More information about the afripv6-discuss
mailing list