[i2rs] I2NSF: Interface to network security functions : problem-statement, framework, use cases, and potential solution

Linda Dunbar <linda.dunbar@huawei.com> Thu, 23 April 2015 17:13 UTC

From: Linda Dunbar <linda.dunbar@huawei.com>
To: "i2nsf@ietf.org" <i2nsf@ietf.org>, "i2rs@ietf.org" <i2rs@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>, "sacm@ietf.org" <sacm@ietf.org>, "pcp@ietf.org" <pcp@ietf.org>, "sfc@ietf.org" <sfc@ietf.org>, "dots@ietf.org" <dots@ietf.org>, "opsawg@ietf.org" <OpsAWG@ietf.org>, "ops-dir@ietf.org" <ops-dir@ietf.org>, "ops-ads@tools.ietf.org" <ops-ads@tools.ietf.org>
Date: Thu, 23 Apr 2015 17:12:53 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2rs/giZ-ghcQrDWlfTZAtmnJMfMR6yY>
Cc: "mile@ietf.org" <mile@ietf.org>
Subject: [i2rs] I2NSF: Interface to network security functions : problem-statement, framework, use cases, and potential solution

The "i2nsf-problem-statement" draft describes the motivation and the problem space associated with service providers providing hosted security solutions to deliver cost-effective managed security services to enterprise customers who don't own or have the security functions on their premises. 

Since the i2nsf-problem-statement-01 draft, three I2NSF use case drafts, a gap analysis draft, and a packet-based paradigm draft have been published. 
We removed the redundant content from the problem statement draft, making it focus exclusively on the problem space of security functions not hosted on customer's premises and being distributed (driven by NFV and hosted security services).

In conjunction with the "i2nsf-problem-statements", there are also an I2NSF framework draft, a potential I2NSF solution draft, use case drafts (in the process of being merged), and gap-analysis and data modeling drafts:

http://datatracker.ietf.org/doc/draft-merged-i2nsf-framework/

http://datatracker.ietf.org/doc/draft-lopez-i2nsf-packet/

http://datatracker.ietf.org/doc/draft-xia-i2nsf-capability-interface-im/ (new revision is to be uploaded soon to reflect the discussion of F2F meetings at IETF92 Dallas). 

http://datatracker.ietf.org/doc/draft-pastor-i2nsf-access-usecases/
http://datatracker.ietf.org/doc/draft-qi-i2nsf-access-network-usecase/
http://datatracker.ietf.org/doc/draft-zarny-i2nsf-data-center-use-cases/

http://datatracker.ietf.org/doc/draft-zhang-gap-analysis/

I2NSF is about security functions management. The ultimate goal of I2NSF is to enable enterprises to utilize security functions not hosted on their own premises but instead hosted in the service provider domain, and to establish how to communicate desired security policies to the NSF and how to get performance data or reports out of the NSF.

Also copying the I2NSF-relevant IETF WGs: I2RS, NETMOD, NETCONF, SACM, MILE, PCP, DOTS, SFC, and OpAreas, in the hope of getting feedback and suggestions from a wider audience.

Thanks in advance, 

Linda Dunbar

-----Original Message-----
From: internet-drafts@ietf.org [mailto:internet-drafts@ietf.org] 
Sent: Thursday, April 23, 2015 11:31 AM
To: Mohamed Boucadair; Shaibal Chakrabarty; Linda Dunbar; Christian Jacquenet; Myo Zarny; Christian Jacquenet; Myo Zarny; Shaibal Chakrabarty; Linda Dunbar; Mohamed Boucadair
Subject: New Version Notification for draft-dunbar-i2nsf-problem-statement-03.txt


A new version of I-D, draft-dunbar-i2nsf-problem-statement-03.txt
has been successfully submitted by Linda Dunbar and posted to the IETF repository.

Name:		draft-dunbar-i2nsf-problem-statement
Revision:	03
Title:		Interface to Network Security Functions (I2NSF) Problem Statement
Document date:	2015-04-23
Group:		Individual Submission
Pages:		21
URL:            http://www.ietf.org/internet-drafts/draft-dunbar-i2nsf-problem-statement-03.txt
Status:         https://datatracker.ietf.org/doc/draft-dunbar-i2nsf-problem-statement/
Htmlized:       http://tools.ietf.org/html/draft-dunbar-i2nsf-problem-statement-03
Diff:           http://www.ietf.org/rfcdiff?url2=draft-dunbar-i2nsf-problem-statement-03

Abstract:
   This document describes the motivation and the problem statement for
   Interface to Network Security Functions (I2NSF).

                                                                                  


Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat