- From: Nicolas Mailhot <nicolas.mailhot@laposte.net>
- Date: Thu, 14 Nov 2013 12:16:38 +0100
- To: "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
- Cc: "Willy Tarreau" <w@1wt.eu>, "William Chan (?????????)" <willchan@chromium.org>, "Adrien de Croy" <adrien@qbik.com>, "Mike Belshe" <mike@belshe.com>, "Tao Effect" <contact@taoeffect.com>, "Tim Bray" <tbray@textuality.com>, "James M Snell" <jasnell@gmail.com>, "Mark Nottingham" <mnot@mnot.net>, "HTTP Working Group" <ietf-http-wg@w3.org>
Le Jeu 14 novembre 2013 02:37, Stephen Farrell a écrit : > PS: "Supposed" above is I think fair for most of the > "requirements" claimed in this space. There is some > validity to realtime inbound malware scanning but > the rest seems like nonsense. What's the nonsense about filtering video platforms if you don't want to pay for the bandwidth and your user jobs do not include looking videos on youtube? Or filtering all the web services that enable to tunnel pretty much any protocol on http to bypass the firewalls that were set up to protect your internal equipments? > I do wonder why people > who pay for those products don't realise this;-) Because the costs of a security incident, or of users massively using the web as an entertainment platform like at home, dwarf both the costs of setting up control equipments or trying to educate users any other way? How many users does it take in an organisation before they get out of control and IT support is reduced to an helldesk? Not a lot I can tell you (except if you're lucky enough when all your users are IT professionals and even then it won't be an home run). -- Nicolas Mailhot
Received on Thursday, 14 November 2013 11:17:08 UTC