[I2nsf] Things WG asked the problem-statement Use Case to cover

"Susan Hares" <shares@ndzh.com> Sun, 20 December 2015 14:59 UTC

From: Susan Hares <shares@ndzh.com>
To: i2nsf@ietf.org
Date: Sun, 20 Dec 2015 09:59:19 -0500
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/Ru4TqjHe31fnLRLipJIX1soragQ>
Cc: adrian@olddog.co.uk, 'Kathleen Moriarty' <kathleen.moriarty.ietf@gmail.com>, 'Linda Dunbar' <linda.dunbar@huawei.com>
Subject: [I2nsf] Things WG asked the problem-statement Use Case to cover

Hi all:

Based on the number of vacation responses I received when I sent email last
night, I suspect that many of you are on vacation or starting your vacation
early in the week.

I wish all a joyous, safe, and peaceful Christmas and New Year.

Based on the fact many of you are on vacation, I uploaded a merge of the
problem statements and the use cases in
draft-hares-i2nsf-merged-problem-use-cases.  This combination of problem and
use cases provides a good summary of the terrific work people have done.  In
contrast, gap analysis provides substantial background.

The authors ask the I2NSF WG to adopt this document.

As part of the adoption process, the authors would like the WG to consider
whether the authors covered the following issues suggested at IETF below:

1. New standardized APIs (e.g. RESTful APIs) and capabilities are needed
   (Ed Lopez)

2. Standardized Capabilities and Interface should enable Policy
   Validation (LuYuan Fang) and Policy verification (John Strassner), Policy
   combinations (Diego Lopez), Policy comparison with customer's security
   intent (or customer security expectations).

3. Standardized Capabilities and Interfaces should enable security
   orchestration. (Dobbins)

Should add additional detail to cover the following things:

1. For Cloud Providers, there are virtual security functions within my
   cloud, there are also virtual security function services that cloud
   providers provide to their client. Virtual Security Functions vs cloud
   provider: I hope we cover both including cloud-based security service, i.e.
   security for cloud and security provided by cloud (LuYuan Fang)

2. Sensitive data going into hosted environments connected to the
   Internet (not public clouds) (Kathleen Moriarty)

3. Use of Stateful filters (Dean Bogdanovic), details on what use
   case requires these filters (Jamal), and what happens when stateful filters
   cannot be supported (Jamal).

4. Security policy that covers Symmetric vs asynchronous nature of the
   data.

Sue Hares and co-authors.