Is Open-Net Possible?
Andy Abramson posted an interesting idea: getting companies to create a separate, open network. That isn’t to say open their entire network, but create a segment where “anything goes” that a guest could use. Alec Saunders and Ken Camp both weighed in on the topic, and they both raise imporant points.
While I am in agreement that this idea is great–in theory–the reality is that implementing this idea will be nearly impossible to do in a way that would make the paranoid bastard security administrators and lawyers happy. While I could go and on with my reasons why not, let me choose three:
- Public IP Addresses are scarse: Overall, they are not, but a company may not have all that many public IP addresses available to it. They would have to allocate a chunk of those addresses for “open net” purposes. After all, NAT impedes network access as well, and in the open net model, NAT would have to go. Okay, I don’t know if Andy was thinking about NAT when he proposed this, but for truly unfettered access, NAT has to go.
- What’s To Prevent Non-Guests From Using: As a nearly full-time telecommuter, I am used to having mostly complete and unfettered access to the Internet while working. Sans what my cable provider blocks (mostly Microsoft networking ports), I’m pretty much home free and can do what I want. When I go into “the office,” I am continually frustrated at how closed the network is. This makes it difficult for me to get work done. Fortunately, the office I usually go to has a separate lab-network with more, unfettered Internet access. You can take a guess at what network I use when I’m there. And I bet that anyone else with a similar choice will take the more open network. Depending on the machine they hook to this open net, they could be putting corporate data at serious risk.
- Tracking Open Net Usage: In corporations anyway, the lawyers would want to know who is using the network and when. Why? In case an open net user decides to, oh, I don’t know, cause a denial of service against a site. They want to, nay need to be able to track usage of this network down. And what’s in it for the corporation again?
I wish a totally open network is feasible, but in today’s sue-happy, spyware infested environment, it realy isn’t. Though I’d entertain any thoughts about one might do this and address the various concerns.