IETF Logo Mail Archive

RE: ISMS working group

"Nelson, David" <dnelson@enterasys.com> Thu, 08 September 2005 18:42 UTC

Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EDRMN-0004oX-6m; Thu, 08 Sep 2005 14:42:55 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EDRMK-0004lm-WA; Thu, 08 Sep 2005 14:42:53 -0400
Received: from ietf-mx.ietf.org (ietf-mx [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA09291; Thu, 8 Sep 2005 14:42:51 -0400 (EDT)
Received: from ctron-dnm.enterasys.com ([12.25.1.120] ident=firewall-user) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EDRPk-0004TH-Kx; Thu, 08 Sep 2005 14:46:26 -0400
Received: (from uucp@localhost) by ctron-dnm.enterasys.com (8.8.7/8.8.7) id OAA18981; Thu, 8 Sep 2005 14:45:43 -0400 (EDT)
Received: from nhrocavg2(134.141.79.124) by ctron-dnm.enterasys.com via smap (4.1) id xma018779; Thu, 8 Sep 05 14:44:14 -0400
Received: from NHROCCNC1.ets.enterasys.com ([134.141.79.124]) by 134.141.79.124 with InterScan Messaging Security Suite; Thu, 08 Sep 2005 14:41:20 -0400
Received: from source ([134.141.77.90]) by host ([134.141.79.124]) with SMTP; Thu, 08 Sep 2005 14:41:20 -0400
Received: from maandmbx2 ([134.141.93.31]) by NHROCCNC1.ets.enterasys.com with Microsoft SMTPSVC(5.0.2195.6713); Thu, 8 Sep 2005 14:41:20 -0400
X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 08 Sep 2005 14:41:19 -0400
Message-ID: <2A5E4540D4D5934D9A1E7E0B0FDB2D690103258F@MAANDMBX2.ets.enterasys.com>
Thread-Topic: ISMS working group
Thread-Index: AcW0jcYmXyoKVA3cTBWrDE6Pg6Hq5wADWIhwAAIwjYA=
From: "Nelson, David" <dnelson@enterasys.com>
To: iesg@ietf.org, ietf@ietf.org
X-OriginalArrivalTime: 08 Sep 2005 18:41:20.0341 (UTC) FILETIME=[E79D5050:01C5B4A4]
X-pstn-version: pmps:sps_win32_1_1_0c1 pase:2.8
X-pstn-levels: (C:79.5348 M:98.0742 P:95.9108 R:95.9108 S:93.5065 )
X-pstn-settings: 4 (0.2500:0.7500) p:13 m:13 C:14 r:13
X-pstn-addresses: from <dnelson@enterasys.com> forward (org good)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 08170828343bcf1325e4a0fb4584481c
Content-Transfer-Encoding: quoted-printable
Cc:
Subject: RE: ISMS working group
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

Let's assume, for the sake of discussion, that SNMP must always work
across Firewalls and NATs.  The original objection to the proposed
charter was that it did not include support for "Call Home"
functionality.

I can see how Call Home would solve the NAT problem, at least on a
sporadic basis.  The managed entity could initiate an "outgoing" NAT
session to the management station, and the management station could use
that connection as needed.  I don't see how this allows the management
station to later initiate an "incoming" connection to the NAT'ed managed
entity.  Nor do I see how it would enable firewalls to safely pass
through only the desired SNMP traffic.

Clarification would be helpful.  Thanks.


_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email