RE: Where are static bogon filters appropriate? was: Bogons

Disabling their port and punting them to customer support is
NOT a cost
efficient way of dealing with the problems, at least not in
the market I
am in.

It's like the car rental business. If you want to provide cars to people
without a drivers license, then your customer support people will be
busy whether or not you provide them with a competent driving service,
i.e. a driver. In today's world ISPs provide Internet access services to
people who are not competent to manage those services and it all ends in
higher support costs somewhere along the way.

But, if you would provide a MANAGED Internet access service where you
install a gateway box that you can monitor and configure, now you are
providing a real service to the customer. Since you can configure that
box, you can identify potential bad traffic and throttle it rather than
shutting down the entire gateway. Baddies will get no joy from hacking
your customer and will go away.

The vendors of little gateway boxes, generally DSL/Cable
router/siwtch/modems, implement most of their functionality in software.
If service providers demand a sensible box with firewall capabilities
and remote monitoring/management by the service provider, then the
vendors can quickly get a product to market. Yes, this is a higher end
service because it is managed, but many have learned that specializing
in high-touch services is a lucrative business.

--Michael Dillon