Re: [I2nsf] updated I2NSF problem statement to reflect the narrower scoped charter
DIEGO LOPEZ GARCIA <diego.r.lopez@telefonica.com> Mon, 25 May 2015 19:03 UTC
Return-Path: <diego.r.lopez@telefonica.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 020A41A0404 for <i2nsf@ietfa.amsl.com>; Mon, 25 May 2015 12:03:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.09
X-Spam-Level:
X-Spam-Status: No, score=0.09 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8NxuXUt9CYnt for <i2nsf@ietfa.amsl.com>; Mon, 25 May 2015 12:03:52 -0700 (PDT)
Received: from smtptc.telefonica.com (smtptc.telefonica.com [195.76.34.108]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0B82B1A1B0B for <i2nsf@ietf.org>; Mon, 25 May 2015 12:03:51 -0700 (PDT)
Received: from smtptc.telefonica.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 835503A023B; Mon, 25 May 2015 21:03:48 +0200 (CEST)
Received: from ESTGVMSP102.EUROPE.telefonica.corp (unknown [10.92.4.9]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by smtptc.telefonica.com (Postfix) with ESMTPS id 733AC3A0233; Mon, 25 May 2015 21:03:48 +0200 (CEST)
Received: from emea01-am1-obe.outbound.protection.outlook.com (10.92.5.139) by tls.telefonica.com (10.93.6.49) with Microsoft SMTP Server (TLS) id 14.3.195.1; Mon, 25 May 2015 21:03:47 +0200
Received: from DB4PR06MB0624.eurprd06.prod.outlook.com (25.161.13.142) by DB4PR06MB0624.eurprd06.prod.outlook.com (25.161.13.142) with Microsoft SMTP Server (TLS) id 15.1.172.22; Mon, 25 May 2015 19:03:46 +0000
Received: from DB4PR06MB0624.eurprd06.prod.outlook.com ([25.161.13.142]) by DB4PR06MB0624.eurprd06.prod.outlook.com ([25.161.13.142]) with mapi id 15.01.0172.012; Mon, 25 May 2015 19:03:46 +0000
From: DIEGO LOPEZ GARCIA <diego.r.lopez@telefonica.com>
To: Linda Dunbar <linda.dunbar@huawei.com>
Thread-Topic: [I2nsf] updated I2NSF problem statement to reflect the narrower scoped charter
Thread-Index: AQHQlBdwcaMbS56nSk+pGJr4g/BqUp2NEtyA
Date: Mon, 25 May 2015 19:03:45 +0000
Message-ID: <ED635796-DF4B-4E8D-B7CC-81CCC9B48807@telefonica.com>
References: <4A95BA014132FF49AE685FAB4B9F17F657C46D13@dfweml701-chm>
In-Reply-To: <4A95BA014132FF49AE685FAB4B9F17F657C46D13@dfweml701-chm>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=diego.r.lopez@telefonica.com;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [83.54.132.127]
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:DB4PR06MB0624;
x-microsoft-antispam-prvs: <DB4PR06MB062415E7C435D20428A67C37DFCD0@DB4PR06MB0624.eurprd06.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:;
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(5005006)(520002)(3002001); SRVR:DB4PR06MB0624; BCL:0; PCL:0; RULEID:; SRVR:DB4PR06MB0624;
x-forefront-prvs: 058707456E
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(199003)(13464003)(252514010)(377424004)(24454002)(377454003)(189002)(19580395003)(19580405001)(33656002)(14971765001)(54356999)(76176999)(101416001)(50986999)(86362001)(2656002)(87936001)(66066001)(64706001)(105586002)(15975445007)(102836002)(68736005)(2420400003)(97736004)(4001540100001)(81156007)(2900100001)(2950100001)(106356001)(46102003)(106116001)(40100003)(62966003)(122556002)(77156002)(19617315012)(189998001)(7110500001)(5001830100001)(83716003)(5001960100002)(82746002)(5001860100001)(110136002)(92566002)(36756003)(16601075003)(16236675004)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:DB4PR06MB0624; H:DB4PR06MB0624.eurprd06.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: telefonica.com does not designate permitted sender hosts)
Content-Type: multipart/alternative; boundary="_000_ED635796DF4B4E8DB7CC81CCC9B48807telefonicacom_"
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 May 2015 19:03:45.6269 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9744600e-3e04-492e-baa1-25ec245c6f10
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB4PR06MB0624
X-OriginatorOrg: telefonica.com
X-TM-AS-MML: No
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/4J5rlC3Akkv7LuJ7QqLakbV-M7g>
Cc: "i2nsf@ietf.org" <i2nsf@ietf.org>
Subject: Re: [I2nsf] updated I2NSF problem statement to reflect the narrower scoped charter
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 25 May 2015 19:03:57 -0000
Hi,
As we discussed recently, I'd say that:
1.- It is important to address multi-tenancy of the interfaces to control and monitor NSFs. First, because service providers may well require to have several operational units to make this control and monitoring, especially when they become distributed and virtualized. Second, service providers may find a value in offering a (mediated) interface to control and monitoring NSFs to their customers. This could certainly be part of 3.1.5...
2.- In what relates to 3.2.1, rather than distinguishing between "on-premises" and "remote", I'd talk about a consistent integration of NSFs, independently of their location and their implementation mechanisms.
Be goode,
On 22 May 2015, at 24:42 , Linda Dunbar <linda.dunbar@huawei.com<mailto:linda.dunbar@huawei.com>> wrote:
We updated the I2NSF problem statement to reflect the narrower scoped charter.
The primary issues and challenges facing NSFs hosted by different domains are:
3.1. Challenges Facing Security Service Providers..............5
3.1.1. Diverse types of Security Functions..................5
3.1.2. No Standard Characterization of NSFs.................6
3.1.3. More Distributed NSFs and vNSFs......................7
3.1.4. More Demand to Control NSFs Dynamically..............7
3.1.5. Diverse Interfaces to Control and Monitor NSFs.......7
3.1.6. Lack of mechanism to monitor the behavior of NSFs....8
3.2. Challenges Facing Customers...............................8
3.2.1. Need to integrate on-premises NSFs with Remote NSFs..8
3.2.2. Today's Policy Expressions are Vendors Specific......9
3.2.3. Difficulty to Monitor the Execution of Desired Policies
...........................................................10
3.3. Difficulty to Validate Policies across Multiple Domains..10
3.4. Lack of Standard Interface to Inject Feedback to NSF.....11
Your comments and suggestions are highly appreciated.
Linda
-----Original Message-----
From: internet-drafts@ietf.org<mailto:internet-drafts@ietf.org> [mailto:internet-drafts@ietf.org]
Sent: Thursday, May 21, 2015 5:37 PM
To: Mohamed Boucadair; Shaibal Chakrabarty; Linda Dunbar; Christian Jacquenet; Myo Zarny; Christian Jacquenet; Myo Zarny; Shaibal Chakrabarty; Linda Dunbar; Mohamed Boucadair
Subject: New Version Notification for draft-dunbar-i2nsf-problem-statement-04.txt
A new version of I-D, draft-dunbar-i2nsf-problem-statement-04.txt
has been successfully submitted by Linda Dunbar and posted to the IETF repository.
Name: draft-dunbar-i2nsf-problem-statement
Revision: 04
Title: Interface to Network Security Functions (I2NSF) Problem Statement
Document date: 2015-05-21
Group: Individual Submission
Pages: 20
URL: https://www.ietf.org/internet-drafts/draft-dunbar-i2nsf-problem-statement-04.txt
Status: https://datatracker.ietf.org/doc/draft-dunbar-i2nsf-problem-statement/
Htmlized: https://tools.ietf.org/html/draft-dunbar-i2nsf-problem-statement-04
Diff: https://www.ietf.org/rfcdiff?url2=draft-dunbar-i2nsf-problem-statement-04
Abstract:
This document describes the motivation and the problem statement for
Interface to Network Security Functions (I2NSF).
Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org<http://tools.ietf.org>.
The IETF Secretariat
_______________________________________________
I2nsf mailing list
I2nsf@ietf.org<mailto:I2nsf@ietf.org>
https://www.ietf.org/mailman/listinfo/i2nsf
--
"Esta vez no fallaremos, Doctor Infierno"
Dr Diego R. Lopez
Telefonica I+D
http://people.tid.es/diego.lopez/
e-mail: diego.r.lopez@telefonica.com
Tel: +34 913 129 041
Mobile: +34 682 051 091
----------------------------------
________________________________
Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.
The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.
Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição
- [I2nsf] updated I2NSF problem statement to reflec… Linda Dunbar
- Re: [I2nsf] updated I2NSF problem statement to re… DIEGO LOPEZ GARCIA
- [I2nsf] Key problems to reflect the narrower scop… Linda Dunbar