►
From YouTube: IETF 96 - Thursday Lunch Session - Advancing Cybersecurity through Next Generation Protocols
Description
Thursday, 21 July 2016, 13:00-13:45, Potsdam I
Description: The threats to our networks and ecosystems are continuously increasing in capability and frequency. Subjectivity in standards and protocol implementation are common attack methods and often quite difficult to prevent or detect. What can we do to both reduce these types of attacks yet build in future proof protections?
Standards based upon “assumed trust” will need to transition to a model of “assumed harm”. How can we establish such a paradigm shift yet maintain performance, flexibly and interoperability?
Speaker: Kevin D. Walker
Biography: Kevin D. Walker is the Security Chief Technology and Strategy Officer for Juniper’s Development and Innovation (JDI) organization. He is responsible for driving the security strategy. He provides the guidance required for JDI to conceive, develop and create momentum for industry-leading security solutions. Working closely with the Security Engineering team, Walker identifies the opportunities for improved security, growth, and innovation to deliver the scalable, reliable, and compliant security architecture needed in today’s security landscape.
Before joining Juniper, Walker was VP and Assistant Chief Information Security Officer (CISO) at Walmart.com. He has served as a Chief Information Security Officer (CISO), Chief Security Strategist and Director of Information Security across a number of notable companies including Intuit, Cisco, Symantec and VERITAS Software. With over twenty-five years in various computer science and information technology disciplines, focusing on enterprise applications, network design, and information security, Walker possesses research and engineering expertise across of range of technologies including networking protocols, securing applications at the atomic level, cryptography, and speech biometrics.
A
A
A
A
A
A
A
A
A
A
A
A
A
A
A
What
I
want
to
share
with
you
is
what
I
call
a
you
know
view
from
the
field
or
report
from
the
field.
I've
been
a
security
practitioner
for
quite
some
time
when
I
say
secured
a
traditional
cyber
security,
but
before
that,
then
there
wasn't
before
that.
I
was
deeply
involved
with
several
engineering
disciplines
and
as
many
of
us,
especially
those
of
us
over
40,
we
fell
into
networking.
We
didn't
design,
we
didn't
desire
to
go
into
networking.
A
So
for
the
context
setting
for
this
conversation,
let
me
tell
you
a
little
bit
about
myself.
I
am
I
started
to
read,
mark
twain
when
I
was
forced
to
in
Jesuit
High
School,
so
I
always
take
liberty
with
some
of
his
quotes
and
over
the
years
the
more
I've
been
involved
with
the
internet.
Truly,
the
more
I
love
my
dog
and
my
love
does
have.
It
does
have
an
IP
address
by
the
way
here's
a
chip
and
that
ship
is
more
than
just
tracking
has
all
of
her
health
records.
A
A
Ietf
is
30
years
old
and
congratulations
very
few
organizations
of
any
type
can
last
30
years,
30
years
ago,
I
had
just
completed
my
first
major
sitter
of
series
of
projects.
Let
me
give
a
little
bit
background.
My
first
job
out
of
university
was
at
Argonne
National
Laboratories
now
I
didn't
know
anything
about
nuclear
physics.
I
didn't
know
anything
about
national
battery
testing.
Labs,
I
didn't
know
anything
about
much
of
anything
except
I
could
write
good
real
time
code
and
by
real-time
it
meant
it
was
done.
A
It
was
not
done
in
real
time,
but
those
persistence
that
ran
in
real
time
and
basically
today
we
call
these
embedded
systems,
so
I'm
from
Cleveland,
Ohio,
Midwest
boy
drive
chicago,
and
I
go
to
the
labs
and
big
burly
men
with
guns
greet
me
and
I'm
thinking.
What
am
I
doing?
What
am
I
getting
into
here
and
as
a
escort
me
to
my
first
building?
A
There
are
these
very
short,
very
albino
deer
and
I'm
thinking.
Women
I
know
they
have
nuclear
stuff
here,
and
you
know
I'm
thinking
dear
and
seeing
deer
and
something's
not
correlating
and
I'm
thinking
what
am
I
getting
myself
into
and
then
I
meet
the
lab
director.
Who
was
very
gracious
and
welcome
the
newcomer
and
said
I
know
you're
thinking
about
the
deer.
Aren't
you
and
it's
not
honestly,
yes,
sir,
it
did
cross
my
mind
goes,
don't
worry,
they
were
bred.
A
So
my
first
job
was
writing
code
for
one
of
the
reactors
that
our
kind
of
had
a
time
is
called
the
tree
tree
acts
as
a
thermal
test
reactor
and
I
wrote
code
for
folks
who
are
far
far
smarter
than
I
am
in
fact
several
were
up
for
novell
for
the
Nobel
years
later,
but
it
was
like
a
Disneyland
for
nerds.
You
know
you
could
do
anything
everything
you
want.
It
was
there.
There
was
no
time
was
kind
of
an
option,
but
delivery
and
accuracy
was
critical.
A
So
I
wrote
code
for
the
treat
reactor
to
manage
to
collect
the
kilometer
which
moved
back
and
forth,
and
the
physicist
can
do
their
physics,
stuff
or
whatever,
and
they
wanted
to
make
sure
that
the
data
game
was
correct
and
it
was
all
that
kind
of
nonsense.
So
I
did
that
they
were
happy.
My
boss
was
happy
and
nothing
glowed,
so
that
was
success
and
good
times
right.
A
So
back
in
the
day,
you
know
people
play
around
in
the
middle
of
the
nuker
reactor.
How
quaint
you
know
yeah
I
guess,
then
they
decided
that
the
signs
up
so
I
cut
my
teeth
on
real
time
systems
and
part
of
that
was
making
not
only
the
analog
digital
digital
analog
conversion,
so
I
said
which
is
easy,
but
making
systems
that
weren't
meant
to
talk
to
each
other
talk
to
each
other.
That
was
my
introduction
to
networking.
A
Although
we
didn't
call
it
networking,
then
we
just
gon
control
plane
not
to
use
it
not
to
convert
not
to
be
confused
with
today's
control
playing
so
about
25
years
after
I
left
this
program
I
ran
across
one
of
the
departmental
directors
have
been
retired.
I
was
invited
to
his
retirement.
He
goes.
You
know.
Kevin
they're
still
running
this
the
reactor
with
your
code
25
years
later
now
this
is
in
western
Idaho.
A
So
if
you
ever
go
to
western
Idaho,
don't
I
would
fly
all
around
it
to
make
sure
that
you
know
Kevin's
40
year
old
code
is
still
running
there
somewhere
on
a
reactor,
but
what
I?
What
I
did
realize
was
that
I
liked
the
communications
narrative
I,
liked
that
it
was
in
at
university
I
had
instead
of
taking
a
spoken
language,
I
took
Fortran
and
APL,
and
it
qualifies
for
for
foreign
language,
which
was
hilarious,
but
I
really
enjoy
making
things
work
that
weren't
meant
to
work
together.
A
So
after
argon
I
ended
up
at
a
company
who
was
subcontracted
to
do
ddm.
If
you
remember
that
defense
data
network
in
a
mill
net
separation
and
then
I
really
got
to
understand
and
know
networking
the
hard
way
in
a
classified
environment
with
where
time
was
a
commitment
and
the
notion
of
security
was
now
introduced
to
me
at
a
very
young
as
a
very
young
engineer.
A
We
had
the
mat
s
ii,
remember
that,
but
that
was
the
first
time
that
the
apple
that
the
macintosh
gain
credibility
in
business.
So
it
was
a
big
thing
for
some
of
us
who
were
Apple
devotees
back
in
the
day
and
we
had
the
internet.
Looking
something
like
this
and,
as
I
said,
I
was
working
on.
Dd
had
just
come
off
working
on
d,
DN
yep
done
and
then
I
had
moved
to
this
little
University
on
the
East
Bay
of
the
San
Francisco
Bay
Area.
Some
of
you
may
have
heard
of
it
berkeley
yeah!
Well.
A
If
he
noticed
all
the
universities
to
the
right
are
all
east
coast,
and
then
they
threw
in
a
little
carrot
to
berkeley,
but
I
was
working
on
bsd
and
other
things.
The
sum
of
the
bsd
stack
came
my
way,
my
team's
way,
including
bind,
and
I
always
thought
that
was
a
terrible,
terrible
name
because
it
really
put
us
in
a
bind
of
where
from
where
we're
in
a
period
where
we're
making
the
transitions
from
proprietary
networks
to,
of
course,
tcp/ip
base.
But
it
was
a
learning
experience.
A
A
It
wasn't
that
we
were
so
prescient
that
we
Porton
that
we
foresaw
the
collapse
of
32-bit
address
space,
not
even
close,
but
we
were
already
going
from
2000
networks
to
30,000
networks
in
a
very
short
period
and
all
they
always
weren't
people
that
we
knew
they
always
weren't
associations
that
we
knew
we
needed
a
different
model.
So
there
are
a
group
of
us
who
kind
of
banded
together.
A
Of
course,
if
you've
been
to
Berkeley,
but
the
one
of
the
great
the
Great
artifacts
or
the
University
of
some
of
the
best
food
in
the
world,
we
call
it
gourmet
ghetto,
I.
Think
there's
a
bit
at
least
20
companies
started
on
either
on
the
Telegraph
side
or
the
the
other
side
of
campus,
but
we
would
go
and
just
collaborate
and
say:
look
what
can
we
do?
That's
different.
What
can
we
do
with
the
tools
available
or
oh
by
the
way?
We
know
how
to
write
code,
so
we
can
write
new
tools.
A
What
could
we
do
and
we
got
shot
it
down?
We
got
a
shadow
downs
quite
simply
by
the
moat
sand
castle.
Folks,
who
simply
said,
put
up
big
barriers
and
move
on.
We
don't
have
time
so
I
sure
that
with
you,
because
I
look
back
now
as
a
practitioner
wish
a
wish
that
I
had
the
the
temperament,
the
experience
and
the
voice
for
that
team,
then
to
have
stood
up
and
say
no.
We
need
to
do
this.
A
The
right
way
now
now
fast
forward,
I'm
going
to
close
out
a
little
bit
about
me,
and
that
is
the
last
18
years.
I've
been
solely
focused
on
cybersecurity
and
including
multiple
see
so
rolls
and
a
few
startups
successful
startups.
Frankly
to
which
is
it's
a
benefit
to
excuse
me,
but
what
I
want
to
share
with
you
are
some
of
the
pitfalls
challenges
that
we
all
face.
Those
who
are
designing
the
internets
I
said
plural
intentionally
and
those
who
are
operating
the
internet,
Internet's.
A
1986
also
was
a
time
where
things
that
weren't
so
pleasant
happened
to
noble
by
the
waiter
number.
Wasn't
the
first
run
away?
We
all
know
that,
but
it
was
one
of
the
largest,
in
fact,
for
those
who
are
interested,
the
first
meltdown
uncontrolled
meltdown
was
actually
at
argonne
in
55
and
of
course
we
had
the
Challenger.
A
A
That's
what
I'm
gonna
pause
for
that
for
now.
So
after
18
years
of
running
security
teams,
just
prior
to
joining
Jennifer,
which
was
eight
months
ago,
I
was
a
seesaw
walmart.com
for
those
in
Great
Britain,
as
as
de
permanently
attacked,
I
had
the
situation
where
customers,
200
million
customers,
came
to
me
already
compromised,
but
want
to
buy
things.
That's
the
real
world,
that's
amazon,
that's
us
I
mean
then
sorry
Freudian
slip.
A
That's
a
companies
who
have
to
take
financial
instruments
with
a
username
and
a
password
and
then
oh
by
the
way,
I,
don't
care
how
strong
your
password
is.
It
doesn't
matter
when
the
key
when
the
keystroke
logger
has
been
on
your
computer
for
the
last
two
years.
I
would
get
data
dumps
from
the
dark
web
purveyors
and
it
would
start
with
a
thousand
credentials
a
week
than
2000
until
hit
a
crescendo
of
250,000
unique
credentials
in
a
week
of
my
customers
and
oh
by
the
way
they
have
some
great
passwords
in
there
extremely
good.
A
In
fact,
I
use
one
of
them
now
that
so
good,
but
they
were
compromised,
so
it
doesn't
matter.
So
how
do
you
actually
conduct
commerce
when
your
customers
coming
to
you
and
you
have
to
determine
whether
whether
she's
real
or
not?
Well,
clearly,
you
have
to
use
other
analytic
tools
to
determine
the
buying
behavior
patterns,
all
kind
of
good
stuff
and
oh
by
the
way.
Geolocation
is
not
one
of
them
it's
irrelevant,
but
whether
or
not
you
go
directly
to
the
electronics
section
by
five
iPads
as
a
hint.
A
So
after
practicing
this
wonderful
fun
and
you
know
low
taxing
occupation
for
18
years,
we
figure.
What
can
we
do
to
change
the
internet?
So
I
did
what
anyone
with
a
modicum
of
intelligence
would
do
an
SI
ask
Siri
so
as
Siri
how
to
improve
the
interest
of
the
internet
for
security.
You
know
you
can
see
some
of
our
answers
there.
Wasn't
it
really
that
helpful?
A
So
if
you
know
Siri,
you
know
that
is
some.
It's
like
Google
search.
You
have
to
ask
the
Crescent
question
the
right
way,
so
I
try
it
again
and
that
much
help
so
I
figured.
You
know
what
better
place
to
go
to
ask
these
questions
then
IETF.
So
here
I
am
so
a
little
bit
of
quick,
quick
run
out
of
history.
Many
of
us
in
a
room
have
been
there,
but
some
of
us
have
not
or
may
have
intentionally
forgotten
the
in
1986
with
the
year
in
tight
eff.
A
It's
easy
I
mean
this
is
a
trick
question.
Why?
But
I
think
we
all
know
the
polluted
area.
It
was
kind
of
their
we're,
not
quite
there,
and
we
all
we
all,
knew
all
2,000
of
the
sites,
but
in
88
we
had
the
person.
Of
course
that's
the
Moores
worm.
I
was
a
cow
still
at
a
research
team
and
we
got
slammed
with
the
Morris
worm.
It
was
more
like
him
or
slug,
but
but
our
machines
were
slow,
so
worm
was
fast
enough,
but
what
that
did
was
that
raise
the
consciousness
of?
Oh,
my
god.
A
We
really
have
to
do
something
because
I'm,
not
in
control
of
my
assets,
I
had
I
was
between
the
BSD
team
and
the
ACS
which
the
academic
computing
center
team,
so
the
academic
side
I,
had
professors
and
in
true
Nobel
laureates
screaming
at
me.
From
from
Switzerland
and
from
all
parts
of
Europe
saying,
I
can't
get
to
my
system,
I
can't
get
to
my
system
I'm,
giving
a
presentation
or
whatever
it's
like
due
til
before
we
said
dude
chill.
I
said
we
don't
know.
What's
going
on.
A
That
was
wake
up
moment
for
me
and
my
team,
especially
the
folks
who
were
riding
a
lot
of
the
code
that
people
were
relying
on.
We
didn't
know
what
was
going
on.
We
didn't
have
the
wherewithal
and
the
tools
at
the
time
to
determine
it.
So
if
you
read
the
Cuckoo's
Nest
noclip
stolen
all
that
kind
of
stuff,
you
know
me
anybody
who
had
spent
as
much
time
as
cliff
to
hit
going
through
his
phone
records
probably
needs
a
life,
but
we
were
trying
to
figure
out
what
was
going
on
in
real
time
and
I'm.
A
Gonna
tell
you.
This
was
an
eye-opening
experience
and
one
I
don't
want
I,
don't
want
to
repeat,
because
we
no
one
knew,
and
I
underscore
that
the
NSF
folks
didn't
know
we
had
context
of
IBM.
They
didn't
know.
Nobody
really
knew
on
the
first
day
when
it
was
started,
but
I
bring
this
up
because
since
then,
of
course
the
attacks
have
gotten
far
more
sophisticated,
far
more
targeted
and
far
more
effective.
A
So
2016
don't
even
worry
about
counting
it's
just
insane.
You
can
spend
their
companies
built
on
trying
to
calculate
how
much
of
the
impact
there
is
no
internet
from
at
AXA
silly.
It's
a
specious,
a
specious
serif
of
descriptors
for
my
perspective,
because
it
doesn't
matter
the
real
number
that
matters
is
how
many
are
breaches
of
significance
and
the
best
estimates
are
around
about
one
a
week
of
a
significant
breach,
not
and
I,
say
this
with
authority.
A
A
So,
on
the
malware
side,
things
are
a
little
different
because,
frankly,
if
you
pay
me
to
break
in
and
oh
by
the
way,
I
used
to
do
that
as
well,
we
we
didn't
use
the
term
white
hat
hacking
at
hated
that
term,
but
we
were
favorable
hackers
and
I
almost
always
got
in
layer
7.
In
fact,
we'd
never
not
got
in.
A
There
are
a
few
times
we
got
in
through
the
plumbing
by
bit,
by
virtue
of
looking
at
change
control,
for
example,
and
in
fact
we
could,
through
our
reconnaissance
we
can
tell
most
companies,
we
actually
had
a
log
now
the
bad
guys
in
the
dark
net
cellet
of
when
companies
have
their
change,
control,
JPMorgan
Chase,
for
example,
the
story
name
out
there.
It's
not
necessary
them
tuesday,
at
7pm.
We
knew
it
so
tuesday
about
10pm
is
when
we
try
our
pens,
because
guess
what?
A
Typically,
through
a
change
control
window
mistakes
are
made.
So
that
was
that
was
just
the
right
time
for
fishing
right.
So
we
did
that
and
so
layer
7
now.
Having
said
that,
when
people
make
mistakes
on
changes
and
change,
controls
is
usually
was,
it
was
either
a
deprecated
or
an
older
release,
for
example,
good
one
who's,
always
first
thing
we
do
every
one
does
right,
go
for
SNMP
and
DNS.
You
just
go
right,
for
that
is
easy.
It's
like
the
you
know,
the
slope
gazelle
and
when
they,
when
they
made
a
mistake,
BAM
wear
em.
A
They
won't
know
it
we're
sitting
there.
It
was
just
very,
very
common,
fast
forward
today,
it's
a
lot
harder
because
so
much
is
also
being
done
in
the
cloud
I'm
going
to
talk
about
that
later,
but
the
cloud
actually
is
a
really
great
buffer
from
a
security
perspective,
a
very
great
buffer
makes
it
a
lot
harder,
not
impossible.
So
in
1986
there
were
six
confirmed
well
known
viruses,
because
what
happened
was
the
folks
who
were
actually
collecting
the
viruses
from
first
of
all
were
doing
sneakernet
does
the
only
way
of
really
doing
it.
A
It
was
very
difficult
to
transfer
viruses
other
than
physical
media
and
the
virus.
Writers
were
basically
academics
anyway,
so
it
wasn't
it.
The
landscape
was
in
a
bed.
You
know
you
had
John
McAfee
and
peter
norton
running
around
in
their
vans
and
in
san
jose
literally
driving
on
their
vans,
a
pickup.
You
know
pick
up
virus
samples,
so
was
it
was
a
much
easier
time
well
today,
they're
well,
over
a
million
a
day.
A
The
asterisk
is
that
these
are
almost
all
variants.
When
you
talk
to
the
trans,
mcafee
semantics
and
like
they'll,
tell
you,
and
so
folks
they'll
tell
you
that
it's
not
a
lot
uniqueness.
There
put
us
enough
of
a
spin
just
so
call
it
a
problem,
and
this
is
today's
through
threat
level,
we're
always
at
orange
I,
don't
know
why
they
were
bothered,
it's
always
there,
but
we
had
a.
We
had
a
time
when
it
was
easy
to
identify
and
and
prevent
malware.
Av
is
dead.
A
It
doesn't
know
it
yet
it's
dying
under
its
own
demise
from
having
to
maintain
30
years
of
history,
because
all
I
do
isn't
need
is
an
attacker
is
to
go
back
to
an
old
problem,
an
old
CVE
right-
and
that
happens
all
the
time
because
we're
all
we're
all
focused
on
the
latest
and
greatest.
But
we
forget
about
what
the
CVE
one,
which
still
exists,
is
there,
so
AV
is
dying
and
it's
dying,
a
slow
death.
A
It's
no
longer
site
to
face
meant
taking
over
with
some
exception,
especially
around
the
activist
on
political
activism,
but
now
we're
talking
about
changing
records,
changing
records
in
the
financial
community,
to
put
your
thumb
on
the
scale
for
euro
two-dollar
transfer
rates.
It's
talking
about
modifying
health
records
to
intentionally
harm
an
individual
or
hospital
we're
talking
about
taking
over
hvac
systems,
we're
talking
about
water,
filtration
systems,
we're
talking
about
the
things
that
can
hurt
people
or
kill
people.
This
is
reality.
This
is
reality
cause
less
about
of
the
financial
impact
which
we
all
hear
about.
A
We
hear
about
this
all
the
time
about
taking
your
credit
cards
by
the
way
the
credit
card
value
has
been
dropping
precipitously
over
the
years.
Your
credentials
are
the
coin
in
the
round
right
now
in
the
dark
net.
So
the
financial
impact
is
interesting.
It's
important,
but
those
who
want
to
cause
harm
by
leveraging
the
internet
itself
can
cause
death
and
destruction.
A
Remember
the
Challenger
and
remember
Chernobyl.
Well,
the
nuclear
sites,
of
course,
are
air-gapped.
I,
don't
know
I'm
not
involved
anymore,
but
what
I
hear
is
that
there
there's
a
pause
and
they
said.
Yes,
we're
air-gapped,
but
still
they
still
use,
of
course,
up
tcp/ip
throughout,
so
somebody
who
can
jump
the
fence
or
under
or
interject
who
knows,
is
scary
to
me
as
a
practitioner
as
someone
who's
been
involved
in
that
space.
It's
a
little
scary
to
me
on
the
on
the
side
with
like,
like
the
sorry
aviation
that
necessary
the
Challenger
I'm,
very
scared.
A
A
Unfortunately,
someone
did
die
now
that
person,
probably
shouldn't
have,
should
have
been
taking
paying
more
attention
to
what
I
understand
without
clearing
in
on
the
details,
but
the
fact
of
having
cars
being
taken,
if
we
have
has
been
demonstrated
time
and
time
and
time
again,
a
targeted
attack
by
on
the
vehicle
is
going
to
happen,
unfortunately,
is
going
to
happen,
and
that
scares
me
as
a
practitioner,
because
what
can
we
do?
That's
better
so
that
it
can't
happen,
or
it's
extraordinarily
rare
to
for
the
type
of
attack.
A
2010
was
a
pivotal
year.
A
lot
of
things
happen
on
the
malware
and
the
attacks
seen
project
Aurora.
If
you
had
not
heard
of
it,
that
was
a
very
widespread,
very
likely
nation-state
attack,
but
it
it
doesn't
matter
who
did
it?
It
happened.
Code
was
expunged,
I
mean
was
I'm,
sorry
was
removed
from
a
lot
of
companies,
but
a
reason
when
I
bring
up
a
roar
in
particular
is
because
five
years
prior,
that
exact
same
attack
happened
to
me
and
a
couple
of
other
companies,
but
we
didn't
share,
we
could
have
prevented
it.
A
Had
there
been
mechanism
to
make
some
of
these
changes,
it
didn't
happen.
So
we're
came
back
five
years
later
fall
are
more
effective.
We
also
had
a
couple
of
we
had
Stuxnet
right.
Well,
Stuxnet
forever
change
the
game.
We
also
had
a
choux
Mon.
If
you
don't
remember
to
remember
that
Chamoun
I'm.
Sorry,
if
you
remember
that
as
well,
both
illusion
around
2010
the
reason
why
they
were
so
impactful
because
now
they're
showing
that
I
can
do
destruction
on
equipment.
A
Over
the
internet,
ok,
ok,
the
genies
out
of
the
bottle.
Now
it's
not
going
back.
No,
she
moon
was
kind
of
cool
because
it
just
destroyed.
30,000
pcs,
which
was
interesting,
I
mean
it
was
a
rumor
that
Dell
did
it,
but
it's
just
a
rumor,
but
it
forever
changed
the
face
of
these
attackers
because
some
are
politically
motivated.
Some
are
financially
motivated
and
some
are
just
motivated,
but
the
fact
is
they
can
actually
cause
harm,
shut
down,
refineries
shut
down,
hospitals,
things
are
changing.
A
On
the
network
side,
everybody
take
deep
breaths,
not
a
lot
going
on
there.
Why
I
think
we
all
know
the
answer,
we're
fairly
resilient
right.
Pedido
still
does
work
and
the
reason
why
I
works
is
because
it
works.
It's
you
know,
remember
the
first
time,
I
140
gig
attack,
I'm,
going
wow
I,
don't
have
141
k
pipe,
so
I'm
in
trouble.
Right
and
I
talked
to
my
peers
and
say:
how
do
you
guys
defend
against
ddos
attacks?
A
Add
more
pipes?
Well,
things
are
changing.
We
have
other
mitigation
strategies,
we
have
the
cloud
many
organizations,
especially
fortune
100
companies,
are
pushing,
as
you
well
know,
they're
pushing
their
the
term
points
into
the
into
the
cloud,
and
you
know
like
a
like
an
Akamai
with
kona
and
all
that
good
stuff.
It
works,
it's
not
the
ideal,
but
it
works.
So
50
50
GS,
are
still
fairly
prevalent.
There's
a
26
20
claimed
we
know
of
a
510
feel
successful.
We
believe
is
a
620
clothes
cleaned.
A
But
the
point,
though,
is
a
lot
of
times
the
DDoS
attack
director,
aru's
and
and
the
reason
why
I
brought
this
point
up
was
because
actually
again
happened
to
me
where,
where
everyone
is
scrambling
suited
body
left
to
focus
on
the
DDoS
attack,
when
we
realized,
we
were
actually
already
being
just
snarfed
like
crazy,
so
it
does
still
occur
if
the
efficacy
from
the
from
the
attackers
perspective
is
not
there.
If
I'm
an
attacker
I
want
your
content.
Who
cares
I'm
going
to
take
your
site
down?
I
don't
care
about
that.
A
A
This
is
nothing
that
you
can
necessarily
address
from
IETF
perspective.
The
masterís
I
believe
there
are
some
we'll
talk
about
some
suggestions
that
I
have,
but
the
need
for
companies
to
do
a
better
job
is
acute
and
there
are
reasons
why
we
don't,
for
example,
the
ask
a
CIO
how
many
application
she
has
in
her
portfolio
well
over
a
thousand
some
20
22
years
old,
and
you
know
it's
just
not
easy
to
refresh
that
so
they're
a
lot
of
their
their
mitigating
rationale.
A
For
some
of
the
hygiene
proper,
the
hygiene
problem
is
the
biggest
one,
because
again
it's
an
attacker.
That's
how
I
get
in
poor
designs,
poor
procedures
and
horrific
coding
again,
that's
how
I
get
in
automation
is
something
we
talk
a
lot
about
on
the
operation
site
and
do
very
very
little
about
it,
but
the
one
of
reasons
why
we
don't
do
a
lot
of
more
automation
is
because
it's
hard,
it's
extremely
hard
and
we're
doing
automation
on
systems
that
weren't
designed
to
be
automated.
A
A
The
complexity
dialogue
is
one
that
we
know
we
have
to
address,
but
I
don't
hear
answers
of
how
to
address
it.
If
you
look
at
a
typical
organization,
4535
to
70,000
compute
elements,
physical,
we
go
to
virtual,
yet
probably
an
order
of
with
several
thousand
routers
and
switches
right
and
firewalls,
several
thousand
many
many
thousand
and
then
ill
by
the
way
that
a
thousand
plus
applications
of
the
CIO
is
struggling
with.
Ask
anyone
what's
going
on
that's
a
problem
from
a
cyber
security
perspective.
This
acute.
A
A
The
average
fortune
500
company
has
somewhere
in
order
40
different
products,
count
them
40
different
products,
and
so
what
I
asked
my
last
two
teams
to
do
was
tell
me
where
you
spend
your
time,
not
that
I'm
micromanage
I
just
want
to
know,
and
we
came
up
with
forty
two
percent
of
the
time
in
my
last
org
was
managing
the
management
plane.
That's
Karen
feeding
patches
updates
tuning,
it's
insane
totally
insane,
but
yet
that's
what
so
many
organizations
are
doing.
A
It's
a
roller
coaster
ride
that
we
got
to
get
off
of
so
one
of
the
things
I
did.
It
was
I
pick
an
arbitrary
number.
I
said:
okay
I'll,
tell
you
why
we're
going
to
go
from
X
was
42
from
42
products
to
10
and
Miley.
Archit
is
a
white
10,
Kevin
I
said
well,
because
I
can
count
to
10
easily
I
can
manage
that
I
can
manage
this
company's.
So
that's
where
I
often
cite
full
Zimmerman.
A
A
The
consumers
want
ease,
which
is
why
I'm
back
to
my
you
know,
username
password
for
buying
lots
of
lots
of
stuff
online.
They
don't
wanna
change
it,
they
won't,
they
won't
use,
ot,
ot,
peas
or
anything
this
okay,
we
work
around
it.
The
designers,
the
administrators
and
the
attackers
hoped
you
see
a
theme
coming
on
here
and
we're
stuck
with
okay
I
tell
you
what
I'm
gonna
I'm
going
to
help
you
the
certificate
for
this
site
by
the
way
this
is
made
up
its,
not
real
Jennifer,
but
it's
made
up
is
not
trusted.
Okay,.
A
This
is
not
going
to
go
away
from
the
user
community.
It's
not!
Let's.
Let's
understand
that.
We
have
to
understand
that
someone
decided
to
throw
this
up.
It's
a
warning
to
the
user
that
hey,
you
may
not
want
to
do
this
and
there's
whatever
I
got
to
get
over
there.
This
is
what
we
are
dealing
with
and
we're
dealing
with
it
at
a
very,
very
large
scale.
We.
B
A
Change
a
paradigm,
we
really
fundamental
paradigm,
and
this
is
the
beginning,
my
ask
of
IETF,
so
we've
been
working
in
a
world
for
almost
40
years
now
of
assume
trust
right.
If
you,
if
you
give
me
if
you
can
shake
my
hand
in
the
proper
way
in
a
nutso
secret
way,
we're
good
come
on
in
well,
we
have
to
start
to
change
that
I.
A
Think
you
know,
DNS
SEC
is
on
the
right
direction.
Why
the
adoption
isn't
higher
I
have
no
idea
I.
Just
really
don't
understand
that
1i
scratching
my
head,
like
all
the
time
on
this
one's
like
well,
we
know
they
have
a
really
good
solution.
Why
we're
using
go
ahead?
Please
I'm!
Sorry,
you
read
the
slide
exactly
and
that's
exactly
the
challenge
we
have.
We
have
to
get
past
that
we
collectively
that's
me
on
the
user,
unity
and
you
on
the
design
community.
We
have
to
do
a
better
job,
because
this
is
not
sustainable.
A
A
Convenience,
so
let's
talk
about
convenience
since
we're
here
who
is
the
one
is
inconvenienced
the
designer
the
implementer
or
the
or
the
or
the
consumer
consumer
being
in
this
case,
I'm?
Sorry,
no
wrong
answer!
All
of
us
should
be
in
Keynesian
that
we're
the
ones
who
have
to
deal
with
it
right,
we're
the
ones
would
have
to
implement
and
oh
by
the
way,
add
more
stuff
to
to
circumvent
the
weaknesses
back
to
my
42
different
security
services
that
is
not
sustainable.
A
We
have
to
inconvenience
everyone
a
little
bit
we're
all
in
this
together,
all
three
all
three
organizations
or
three
groups,
so
I
think
one
of
the
things
is
to
consider
in
any
new
design,
reputation.
I
am
a
tremendous
believer
in
crowdsourcing.
It
works
it's
hard
to
put
your
thumb
on
the
scale
and
crowdsourcing
people
may
be
wrong
in
a
crowd
right.
We
see
this
all
the
time
in
elections.
Right
people
can
be
wrong
in
a
crowd,
but
that's
okay,
because
you
have
a
now.
A
A
One
of
the
things
we
don't
do,
as
we
all
know,
is
that
we
don't
we
don't
associate
affirmative
Lee,
with
the
exception
of
sec
d,
&
ashes
example:
I
mean
Deena.
Second,
so
I
like
it
that's
a
great
model
to
use.
Yes,
it's
hard,
yes
circuit
I
mean
so
certificates
and
pti
it
hard
and
as
and
clearly
it's
not
a
panacea.
A
One
of
the
that
was
a
semantic
we
were
going
to
know.
We
were
in
the
PGI
business
and
you
know
we
all
know
if
you've
been
to
a
signing
ceremony
with
your
hood
and
everything
right,
it's
kind
of
cool,
it's
difficult,
it's
difficult
to
manage
it's
difficult
to
manage
when,
when
individuals
leave
your
company,
who
are
part
of
the
signing
right,
this
is
hard.
This
is
very
hard,
but
we
have
to
stand
up
and
take
that
challenge.
I.
A
This
is
the
one
that
troubles
me
the
most.
On
the
implementer
side,
I
have
three
implementations
of
SNMP,
one
that
meets
the
letter
in
a
spirit
of
the
RFC
one
that
meets
the
letter.
When
is
the
spirit
guess
which
two
I'm
going
to
tack
and
guess
which
two
I
probably
will
get
in?
We
have
to
reduce
that
ambiguity.
Now.
I
say
this
from
a
different
perspective:
I
came
from
a
nancy
world.
A
I
was
on
to
answer
committees
and,
as
we
all
know,
you
can
make
your
entire
career
used
to
Anansie
because
of
the
the
longevity
in
the
long
pole,
I
mean
start
the
long
tail
of
give
me
a
ratification
and
implementation,
but
at
the
end
there
was
a
very
little
room
for
ambiguity.
There
was
some
of
course,
because
why
humans
are
still
involved,
but
we
need
to
address
this
problem
because,
as
a
practitioner
I
see
variations
all
over
the
place
and
some
of
those
variations
are
well
known.
A
A
That's
what's
happening.
This
is
not
new
news.
I'm
sorry!
This
is
not
news
breaking.
This
is
what's
happening.
If
we,
if
we
design
with
the
assumption
of
ill
intent,
we
won't
be
perfect
but,
as
full
Zimmerman
said,
we'll
be
pretty
good.
This
is
a
change
in
paradigm.
As
a
practitioner
I'm
asking
this
consideration.
A
Automation
is
going
to
help
us
collectively
in
profound
ways:
I
had
a
rule
for
what
a
mite
for
a
couple.
My
team's
is
that
if
you
did
any
activity
more
than
twice
a
week,
it
was
subject
to
automation,
didn't
mean
you
have
to
automate
it,
but
consider
it
and
again
it
remarkable
when
folks
spent
the
time
the
inconvenience
to
write
either
the
scripts
or
the
tool
to
help
them
automate.
It
paid
itself
back
time
after
time
after
time.
A
Federation
is
something
that
we
we
don't
talk
about
a
lot
when
I
mean
Federation
my
time,
identity
necessarily
but
just
Federation
in
a
sense
that
my
domain,
especially
I'm,
a
large
organization
I,
have
the
wherewithal
to
manage
what
kind
of
what
we're
doing
right.
Let
us
do
that,
and
so
that
we
can
do
that
from
everything
from
authentication
authorization
lookups
are
cashing,
could
be
a
control
and
vetted
caching,
for
example,
let's
assume
that
that
Federation
capabilities
are
it's
not
there
for
everybody
and
won't
be,
but
for
large
organizations
it
certainly
can
be
and
virtualization.
A
Of
course,
we
all
know
this
is
nothing
new,
but
assume
that's
committed
to
fall
if
I'm,
if
I'm
building
anything
today,
it's
starting
with
with
virtualization
now
there
and
the
network
itself
has
to
be
part
of
the
solution.
It
does
so
for
all
the
network
practitioners.
We
have
to
be
part
of
the
solution
and
not
and
not
a
innocent
bystander.
It's
almost
like
this
smart
highway
and
we
have
to
be
part
of
the
solution.
A
So
if
we
don't
do
this
right,
when
that
intelligent
vehicle
is
a
targeted
attack
and
someone
dies,
we
will
see
far
more
legislation
which
gives
us
less
flexibility
to
do
the
things
that
we
believe
are
right.
I'm
not
saying
this
as
a
observer,
I've
been
very
active
on
the
hill
I've
been
brought
in
many
times
to
talk
to
Congress's
Senate
in
the
US
in
the
EU
in
Brussels,
about
pending
legislation
and
the
impact
well
look.
This
is
this
is
real.
There
are
some
terrible
legislations
that
are
already
in
place
to
to
date.
A
That's
the
next
generation
they're
going
to
tell
us
how
to
do
our
work
by
laws
and,
of
course,
that's
something
we
don't
want,
but
if
we
now
then
pause
there
for
a
quick
second,
because
in
the
US
there's
an
experienced
executive
order
in
2012,
the
president
said:
Val,
shell
6
share
intelligence
with
the
private
sector
didn't
happen.
Four
years
later,
three
years
later,
a
law
came
out,
see
is
a
in
the
u.s.
A
basically
said
the
same
thing,
but
who
to
share
with
was
always
the
problem,
because,
if
you're
a
vertical
like
a
financial
industries
and
like
fine
you've
been
doing
it
for
years,
but
if
you're,
not
who
d
shared
with
right
getting
so
now,
there's
a
statute
that
says
now
you
have
to
share.
You
have
to
consume
it
and
there's
no
vehicle
to
do
it.
So
this
is
this
the
artifact
of
poor
artifact
of
laws
and
way
to
be
careful
with,
and
if
we
do
our
job
right,
we
can
help
to
circumvent
some
of
this.
A
C
Lynn
in
an
earlier
century,
something
like
the
launch
of
sputnik
really
changed.
You
know
the
education
system
in
the
United
States,
and
a
lot
of
us
are
sort
of
the
product
of
that
at
least
those
of
us
with
gray
hair.
It
seems
to
me
that
you
know
what
you're
sort
of
implying
is.
We
really
need
to
do
things
a
lot
differently.
We
need
to
change
the
way
we
educate
computer
science,
students
who
exactly
is
going
to
make
that
clarion
call
and
who's
going
to
set.
You
know
the
agenda
that.
A
Is
a
very,
very
good
question?
I
too,
even
though
I
don't
have
gray
hair
yet
if
I
had
a
beard
it
would
be.
I
was
a
student
of
the
60s
and
there
we
do
need
that
clearing
call
I,
don't
I,
don't
know
I'm
very
involved
in
stem.
Are
my
company
is
very
involved
with
stem,
but
maybe
it's
as
an
example
where
an
ietf
cannot
reach
you
know,
I,
don't
know
I,
don't
I
wish
I
had
the
answer
that,
but
that's
the
first
step
in
the
12-step
program.
Is
this
even
acknowledging.
A
We
have
a
problem
and
I
I
intentionally
try
to
scare
people
and
I
don't
use
that
they
usually
don't
with
cybersecurity.
But
what
I'm
starting
to
see
now
and
starting
to
see
things
that
are,
people
can
die,
I
get
nervous
and
we
collectively
are
part
of
that.
So
I
suggest
maybe
the
outreach
for
my
a
tip
I,
don't
again
I'm
an
interloper.
I
just
happen
to
drop
in
and
and
hopefully
share.
Some
words
with
you,
but
we
have
to
do
something.
A
Stem
is
very,
is
a
very
in
thing
right
now
it
might
be
the
right
vehicle.
I
will
tell
you
coming
from
academia:
the
teaching
of
computer
science
is
woefully
on
it's
just
it's
just
ridiculous
still
is
people
are
focusing
on,
pin,
testing
and
breaking
things,
not
designing
things
to
be
resilient
from
a
security
attack,
and
we
have
to
change
that
as
well.
But
I
hear
you
loud
and
clear
again,
the
IETF
and
if
I
can
help
I'm
more
than
happy
to
help
with
that,
sir.
D
Os
vulnerabilities,
you
guys
had
used
dual
EC
in
your
in
the
screen,
OS
devices
and
with
with
with
a
custom
cue
so
that
when
the
dual
EC
vulnerability
was
announced
and
made,
it
made
quite
clear,
I
believe
your
response
was
it's
okay.
We
use,
we
use
our
own
cue.
So
my
question
for
you
was
well
I.
Guess
it's
sort
of
a
two-part
thing,
but
why
did
you
choose
to
use
dual
EC
drbg
when
it
was
slower
than
the
other,
our
energies
in
the
first
place,
and
to
how
did
you
generate
your
own
cue?
A
A
You
can
debate
rewinding
the
art,
the
RNG
discussion
at
that
time,
I
wasn't
with
juniper,
but
I
was
implementing
ECC
and
we
were
debating
works
ourselves.
How
to
do
it
right?
Nobody
knew
the
proper
way
then,
when
this
was
originally
done,
so
I'm
gonna
leave
it
with
that,
and
and
and
kindly
ask
that
you
review
the
FAQ
I
believe
it
may
have
been
refreshed,
I'm,
not
so
sure,
but
okay.
D
A
I
hear
you
and
I
really
I
really,
and
I'm
not
I'm
not
saying
this
to
to
to
kind
of
shortcut
the
answer,
but
I
do
appreciate
the
question.
It's
a
valid
question,
but
I
believe
we've
answered
with
the
exception
of
the
source
control
access,
which
we
do
forget
for
certain
parties
under
NDA
and
licensing
I.
Think
we've
aunt
I
think
we've
answered
that,
but
remember
this
was
also
screen
OS
product
which
yes,
people
are
still
using.
It
was
a
completely
different
Prada
than
we
do
for
Jews
completely
different.
Ok,
any
questions,
yes,.
E
So
my
name
is
Jim
Galvin
and
I.
Something
just
occurred
to
me
and
listening
to
the
last
question
because
he
asked
you
about,
you
know:
how
did
you
the
presumption
was
that
trust
in
juniper
would
have
gone
down
result
of
the
incident,
and
so
what
are
you
doing
to
bring
it
back
up
and
actually
I
want
to
want
to
challenge
the
assertion
that
that's
what
happened
because
I
think
what
would
you
say?
E
I
mean
I
get
out
of
a
lot
of
which
you
said
and
something
that
I've
always
felt
about
security
and
security
incidents
is
the
fundamental
problem.
Is
the
fact
that
people
really
don't
seem
to
care
I
mean
not
enough
people
or
not
the
right
people
care.
So
did
your
trusted
trusted
juniper
go
down?
Maybe
there
was
a
you
know,
tiny
little
blip
for
a
moment
among
people
who
are
practitioners
but
in
reality
is
a
practical
matter
who
noticed
and
who
really
cared.
E
A
Know
I
hear
it's
not
so
much
and
that's
a
former
complacency
I
think
it's
kind.
What
you're,
addressing
it
and
I'd
say
no
I
think
the
practitioners
we
had
without
a
doubt
our
biggest
response
was.
You
were
quick
to
respond,
you're,
open
and
transparent
as
much
as
you
can
be
on
this
problem
anywhere
in
your
corrected
it
right.
So
if
there
was
a
blip,
I
think
it
was
restored.
In
fact,
to
a
customer
that
was
there's
been
their
response
and
that's
because
they're
being
nice,
they
were
dishonest
because
it
does
happen.
It's
not.
A
This
is
not
unique
to
jennifer.
We
all
know
this.
This
purchase
a
issue,
I
think,
is
less
about
lack
of
interest.
Then
that's
the
way
of
the
world.
How
many?
How
many
updates
do
we
get
across
our
portfolio
each
week?
It
used
to
be
a
lot.
You
know,
patch
tuesday
was
ok,
I'm
going
on
vacation,
Monday
night
right,
there's
nowhere
to
be
around
on
patch
tuesday.
It's
gotten
better,
but
we
also
have
a
lot
more
in
our
in
our
in
our
inventory,
so
we're
always
constantly
passion.
A
F
A
Know
Tobias,
correct,
I
appreciate
the
question
two
quick
answers.
One
is
my
expectation,
my
ask
not
expectation
for
my
ask
of
ietf
and
the
by
the
centralized,
if
I
have
the
same
conversations
with
the
open
source
communities
to
is
think
differently
to
to
abuse
apple
right.
Think
different
when
you
design
assuming
harm
as
a
starting
principle,
can
go
a
long
way
we'll
find
out.
It's
the
other
question
earlier
question
with
regard
to
what
do
we
do
with
training?
A
The
next
generation
is
if
they
come
out
of
school
thing
this
way,
can
you
imagine
the
next,
the
next
generation
of
protocols
completely
different
right?
That's
my
ask
evaluative
to
think
a
little
differently
right
and
I
was
somewhat
prescriptive
of
what
I'm
asking
for
as
a
practitioner,
but
at
the
end
of
the
day
we
have
what
we
have.
You
know.
What
we
have
is
what
we
have
for
now.
A
If
you
think
about
30
years
is
a
long
time
think
about
a
car
in
1986
in
the
car
in
2016.
Think
about
the
Internet
in
two
thousand,
I'm
in
1986
and
2016.
The
big
difference
is
just
scale
frankly,
but
cars
are
radically
different.
They're,
smarter
they're
quicker,
they're
safer.
We
have
to
think
different
and
oh
by
the
way,
when
you
talk
to
the
car
folks,
they
came
in
at
kicking
a
screening.
A
They
did
not
because
why
what
they
were
building
was
fine,
they
sold
they
made
money,
but
when
people
start
dying
being
started
to
change,
so
I'm
asked
my
ask
of
ietf
us
to
think
different.
Any
new
protocol,
especially
one
that
has
ramifications
for
broad
ramifications,
consider
some
of
the
pre
scripts
that
I
had
suggested.
That's
all
I.
Thank
you.
Thank.