RE: Customer-facing ACLs

--- wrote: --------------------

We have a two-dozen line long ACL applied to our CMTS and BRAS blocking
Windows and "virus" ports and have never had a complaint or a problem. We
do have a more sophisticated residential or large-biz customers ask, but

Sorry, I should have been more clear. I added them a few months after I
came on board. The ports that are blocked are either Window's SMB/RPC ports
or the ones that (a long time ago) were used by worms. Correct, no research
into traffic or contact with customers. Although some may argue that
sharing one's files with their neighbor using Window's File and Print
sharing is a valid service, it's generally accepted that that residential
subscribers have no legitimate need to be communicating with those ports on
the internet and they are 100 times to 1 more likely to carry malicious
traffic than not. And as our history has shown, there's been close to zero
issues. Yes, perhaps customers just didn't bother to call in to complain or
that call wasn't escalated to me, but I think I could communicate a pretty
convincing argument if required.