It's useful in terms of remediation as it can help identify through which "door" packets entered your network. Though, as others will undoubtedly point out, it's trustworthiness will depend upon how you derive the AS mapping and upon other security features (e.g. uRPF)
-- Eric :) > On Thu, 15 Dec 2011, Joe Loiacono wrote: > >> Is a good knowledge of either origin-AS, or next-AS with respect to flows >> valuable in establishing, monitoring, or re-enforcing a security posture? >> In what way?
