Re: [I2nsf] draft-ietf-i2nsf-problem-and-use-cases-00.txt
Rakesh Kumar <rkkumar@juniper.net> Thu, 07 July 2016 22:45 UTC
Return-Path: <rkkumar@juniper.net>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 96A2812D0AE for <i2nsf@ietfa.amsl.com>; Thu, 7 Jul 2016 15:45:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.921
X-Spam-Level:
X-Spam-Status: No, score=-1.921 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=junipernetworks.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bQK7HVLwWD_Z for <i2nsf@ietfa.amsl.com>; Thu, 7 Jul 2016 15:45:44 -0700 (PDT)
Received: from NAM02-CY1-obe.outbound.protection.outlook.com (mail-cys01nam02on0115.outbound.protection.outlook.com [104.47.37.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C71F1127071 for <i2nsf@ietf.org>; Thu, 7 Jul 2016 15:45:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=junipernetworks.onmicrosoft.com; s=selector1-juniper-net; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=Zg+xG5TzBzgRn2/kl1Cv1SPu0OP+N5+ThE5rGOFgiqA=; b=Fe34dafVIk7ifPkutvIMi64/V3DOGeM1V/5RZUgE3ZIqlFe9Ma6oehgWIgNhCmdIwA+lHBrxJUUviGbZnrp19b0YMhiqytJqJyDuCRsp5FOnxrwXkqoWTfquaM0T/n3XKbMZxXxh2jaQLyTQ3mY2fQBYkgJLJQZJ/o9wxH+0EsA=
Received: from BN6PR05MB2993.namprd05.prod.outlook.com (10.173.19.11) by BN6PR05MB2993.namprd05.prod.outlook.com (10.173.19.11) with Microsoft SMTP Server (TLS) id 15.1.523.12; Thu, 7 Jul 2016 22:45:41 +0000
Received: from BN6PR05MB2993.namprd05.prod.outlook.com ([10.173.19.11]) by BN6PR05MB2993.namprd05.prod.outlook.com ([10.173.19.11]) with mapi id 15.01.0523.028; Thu, 7 Jul 2016 22:45:41 +0000
From: Rakesh Kumar <rkkumar@juniper.net>
To: Susan Hares <shares@ndzh.com>, 'Linda Dunbar' <linda.dunbar@huawei.com>, "diego.r.lopez@telefonica.com" <diego.r.lopez@telefonica.com>, "Christian.jacquenet@orange.com" <Christian.jacquenet@orange.com>
Thread-Topic: draft-ietf-i2nsf-problem-and-use-cases-00.txt
Thread-Index: AQHR2HZQlEPPK8Kw9UGnjErNkPCaqqANi/OA//+QW4A=
Date: Thu, 07 Jul 2016 22:45:41 +0000
Message-ID: <9E973283-DA9C-4CB1-A354-64BC6A14902C@juniper.net>
References: <0D62044A-98DD-446F-BC22-EE8530D574CE@juniper.net> <01c401d1d89e$7104fe00$530efa00$@ndzh.com>
In-Reply-To: <01c401d1d89e$7104fe00$530efa00$@ndzh.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/f.15.1.160411
authentication-results: spf=none (sender IP is ) smtp.mailfrom=rkkumar@juniper.net;
x-ms-exchange-messagesentrepresentingtype: 1
x-originating-ip: [66.129.239.12]
x-ms-office365-filtering-correlation-id: 34a32eb3-4e1e-4f7b-16c4-08d3a6b86cc0
x-microsoft-exchange-diagnostics: 1; BN6PR05MB2993; 6:CxZpVTgPvY5Owpr27zuAzxc0qYuq7Vmxy8b1vqTmEdvKT1vnC7DY3JAAvd+9SGrY3PbC08rRw0R3BCSpjxfbsg9AHrZ5F3hTu80PUggrBbOT4zFYuwRyifJO6mEtnCCRFqfELnBRIoG0u/ylLF+OYZgdZNgznzdQXokQ6/dsPEDSjEYKfalpYQ7rKT9LasT9Tzokgx/iPA64/VVukd1puQVxBk99/MZwmk3ZRBJUlq/vTgjadquB57Bc7mTz0lX8jt9sOKOYXO+jFjEpz3QljykySbgKkRtE7VrayeOAe1aDArW0H2AvZ0xFukF8zj1kp9bvQakir+flQbhhl4D+yA==; 5:M4A8C6/obARXX511i1uzeD5xhV7cNXJ2xcF0cMCCtHCz2RiHBByySq29I0fV8s5B57paxSbyMuynEAlOxz6RfuJuZuFNzuTCWgjT+rZsTb10lCwxhT15TmRaiHlGqzU99F8cWcjNYp7WREGJUKhlOA==; 24:pACGogE5UnVPO2Dt4YGk3sH9/dy/ie6KpaXgjwIXKP289EAKNIvceNRnkahrDmhS6cSLpIe7xkNRFH2awIxfPY9DZL/Jb5Ncj4Ht/B3nUgU=; 7:YfKqI1JR7uC9lplSNm9aCKOyyRHhCc+MoEpsD4TrXXegY7WosP/PYudDdqDojQZZEvOCSCgO63zvGuoFSXIEa0m+/2Tl9DlFcSx7u1Ak3Pl/VpPkmGfIhB8fD3Mt7qDgg/lOwWIebsbDF+shvk87r8MdqSpBvo/CfC1GT8QX/bZqGeGOVeovPFKJjtlYdZrZ+pbD024jqje2GxnM7vYGg8c3y6k1oBPCj4GMTSA9Zg5tVhGSlgUmDBuZge+kl1vD
x-microsoft-antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BN6PR05MB2993;
x-microsoft-antispam-prvs: <BN6PR05MB2993E7CB190900C14BB453B4AD3B0@BN6PR05MB2993.namprd05.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(40392960112811)(120809045254105)(192374486261705)(138986009662008)(18271650672692)(21748063052155)(50582790962513);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6055026); SRVR:BN6PR05MB2993; BCL:0; PCL:0; RULEID:; SRVR:BN6PR05MB2993;
x-forefront-prvs: 0996D1900D
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(7916002)(199003)(189002)(377454003)(66066001)(19617315012)(3846002)(102836003)(790700001)(106116001)(345774005)(105586002)(586003)(106356001)(6116002)(8676002)(50986999)(10400500002)(15975445007)(2950100001)(4001430100002)(11100500001)(5002640100001)(230783001)(4326007)(2900100001)(19580395003)(86362001)(19580405001)(2906002)(7846002)(77096005)(68736007)(97736004)(107886002)(189998001)(92566002)(33656002)(8936002)(83716003)(83506001)(16236675004)(82746002)(4001350100001)(87936001)(5001770100001)(3660700001)(122556002)(7736002)(2501003)(19625215002)(101416001)(54356999)(19300405004)(76176999)(3280700002)(36756003)(2201001)(81156014)(99286002)(81166006)(7906003)(104396002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN6PR05MB2993; H:BN6PR05MB2993.namprd05.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; A:1; MX:1; LANG:en;
received-spf: None (protection.outlook.com: juniper.net does not designate permitted sender hosts)
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_9E973283DA9C4CB1A35464BC6A14902Cjunipernet_"
MIME-Version: 1.0
X-OriginatorOrg: juniper.net
X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Jul 2016 22:45:41.7542 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: bea78b3c-4cdb-4130-854a-1d193232e5f4
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR05MB2993
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/f8ebhPbeBXzsEQ-E3hAk3TS6xpA>
Cc: "i2nsf@ietf.org" <i2nsf@ietf.org>, Rakesh Kumar <rkkumar@juniper.net>
Subject: Re: [I2nsf] draft-ietf-i2nsf-problem-and-use-cases-00.txt
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 07 Jul 2016 22:45:47 -0000
Hi Sue, I appreciate your response. Yes my comments are technical in nature. I would definitely look at the other drafts you mentioned in this thread. I will let you know based on my finding about the missing use-cases. IMHO, it would be great to structure section 4 (use-cases) in this draft into some broad categories either based on end-customer (like I did) or some other way and explain the use-cases in some detail. We can talk more in Berlin to see how to do this if you are ok. Thanks & Regards, Rakesh From: Susan Hares <shares@ndzh.com<mailto:shares@ndzh.com>> Date: Thursday, July 7, 2016 at 3:25 PM To: Rakesh Kumar <rkkumar@juniper.net<mailto:rkkumar@juniper.net>>, 'Linda Dunbar' <linda.dunbar@huawei.com<mailto:linda.dunbar@huawei.com>>, "diego.r.lopez@telefonica.com<mailto:diego.r.lopez@telefonica.com>" <diego.r.lopez@telefonica.com<mailto:diego.r.lopez@telefonica.com>>, "Christian.jacquenet@orange.com<mailto:Christian.jacquenet@orange.com>" <Christian.jacquenet@orange.com<mailto:Christian.jacquenet@orange.com>> Cc: "i2nsf@ietf.org<mailto:i2nsf@ietf.org>" <i2nsf@ietf.org<mailto:i2nsf@ietf.org>> Subject: RE: draft-ietf-i2nsf-problem-and-use-cases-00.txt Rakesh: Thank you for the comments on the draft. I believe your comments to be technical in nature. If I am mistaken, please let me know. The original drafts for the use cases were: https://tools.ietf.org/html/draft-pastor-i2nsf-access-usecases-00 https://datatracker.ietf.org/doc/draft-zarny-i2nsf-data-center-use-cases/ https://tools.ietf.org/html/draft-qi-i2nsf-access-network-usecase-02 We compiled this to provide a summarization of these cases. The first thing to check is whether your ideas were in these original drafts. If they are, and you think it should be emphasized in the summary – please indicate the text you think should be included in the summary and why. This feedback is really useful as due to my struggles with security area reviews – this document did not enter WG LC as requested. Here’s my understanding of your work. On Service provider: Ke Wang, Xiaojun, and Minpeng Q China Mobile)i in draft-qi-i2nsf-access-network-usecase-02 suggested the provider based: residential use and enterprise use. China Mobile suggested the mobile use case in their original discussions. Myo Zarny (Goldman Sachs), S. Magee (F5), Nicholas Leymann (DT) , and suggested the data center use cases for data centers. On Enterprise, for branch and Campus we should get more detail on the threat management policies. Please check draft-pastor-i2nsf-access-usecases-00, but I am not sure there is a match. I think the zarny draft covered most of the issues listed, but you should look at this as well. If you think your text is not in these document, but you’d like to create it. Please write-up the text and send it to list or put it in a draft. If you just send it to the list, I’ll include your comments in my slides at IETF-95. Thanks for reviewing the document, Sue Hares From: Rakesh Kumar [mailto:rkkumar@juniper.net] Sent: Thursday, July 7, 2016 1:38 PM To: Linda Dunbar; shares@ndzh.com<mailto:shares@ndzh.com>; diego.r.lopez@telefonica.com<mailto:diego.r.lopez@telefonica.com>; Christian.jacquenet@orange.com<mailto:Christian.jacquenet@orange.com> Cc: Rakesh Kumar; i2nsf@ietf.org<mailto:i2nsf@ietf.org> Subject: draft-ietf-i2nsf-problem-and-use-cases-00.txt Dear authors, I have read the draft "draft-ietf-i2nsf-problem-and-use-cases-00.txt”. It is very well written and identifies the most common problems due to lack of standard interfaces. It also list “Access Networks” (Residential/Cloud/Mobile) and “Cloud Data centers” as the use-cases. This is good start but I think it would be nice to list other major drivers as well since use-cases would tell us whether interfaces we develop in here are widely applicable. Can we do something like this for use-cases (section 4)? These are just ideas to start a discussion. 1. Service provider use-cases * Access use-cases * Residential * Interface for parental control * Interface for threat management * Mobile * User experience * Content and access management * Threat management for infrastructure * Botnet, DDoS, Malware etc. * Enterprise * Managed security services (Threat management) * Data center (legacy/public-cloud) use-cases * Managed security services * GiLAN firewall * Threat management for infrastructure 2. Enterprise use-cases * Branch & Campus * Threat management policies * Data center (legacy/private-cloud/public-cloud) use-cases * Threat management for infrastructure * Regulatory and compliance policies * Access policies * Application, Users, Data access management * Htybrid-cloud access management * Application policies * East-to-west policies I can write a small paragraph for all these use-cases if we want to go deeper for the draft. Thanks & Regards, Rakesh
- Re: [I2nsf] draft-ietf-i2nsf-problem-and-use-case… Rakesh Kumar
- Re: [I2nsf] draft-ietf-i2nsf-problem-and-use-case… Susan Hares
- Re: [I2nsf] draft-ietf-i2nsf-problem-and-use-case… Susan Hares
- [I2nsf] draft-ietf-i2nsf-problem-and-use-cases-00… Rakesh Kumar