Security
SuperNOC
Thanks to Joe Jenett for pointing to the draft recommendations. Recommendations 4-39 and 4-40 are the ones under discussion.LEVEL 4: NATIONAL PRIORITIES CYBERSPACE ANALYSIS AND WARNINGR4-39 ISPs, hardware and software vendors, IT security-related companies, computer emergency response teams, and the ISACs, together, should consider establishing a Cyberspace Network Operations Center (Cyberspace NOC), physical or virtual, to share information and ensure coordination to support the health and reliability of Internet operations in the United States. Although it would not be a government entity and would be managed by a private board, the Federal government should explore the ways in which it could cooperate with the Cyberspace NOC.
R4-40 The Federal government should complete the installation of the Cyber Warning Information Network (CWIN) to key government and nongovernment cybersecurity-related network operation centers, to disseminate analysis and warning information and perform crisis coordination.
We have some of that already: Co-operative Association for Internet Data Analysis North American Network Operators Group Distributed Intrusion Detection System Internet Storm Center
What's needed instead:
- standardized points of contact: security@provider, abuse@provider
- patch management and system recovery tools
- responsiveness
The Internet is, if you recall, designed to weather disruption. CAIDA discusses the lack of effect of the recent foray against the root nameservers.
8:09:06 AM # Google It!
categories: Politics, Security