IETF Logo Mail Archive

Re: [netmod] [Netconf] PANIC Bar BoF Wednesday @ 6:30pm CDT

"Waltermire, David A. (Fed)" <david.waltermire@nist.gov> Fri, 31 March 2017 21:18 UTC

Return-Path: <david.waltermire@nist.gov>
X-Original-To: netmod@ietfa.amsl.com
Delivered-To: netmod@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DA9FF129A0F; Fri, 31 Mar 2017 14:18:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nistgov.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5njpH8njgP25; Fri, 31 Mar 2017 14:17:59 -0700 (PDT)
Received: from gcc01-dm2-obe.outbound.protection.outlook.com (mail-dm2gcc01on0131.outbound.protection.outlook.com [23.103.201.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 00F9A1299F4; Fri, 31 Mar 2017 14:17:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nistgov.onmicrosoft.com; s=selector1-nist-gov; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=aW14rQ64WfLW9mzTRTK9aaVmNJBIx1f3V5oEqcMxPNA=; b=hpUOIJ1uVPoMNfr/Jq9M035Ve71IubtMcYr7jzjb4+nMgcZHsilT7VD+X8NBaBEAcTy7LY07i37SWCRVLM9ISqlZCQv9FPjFhYqhhuhmfmBfa6+V1FMETCHj+KVsM6FpsKO6XTGCixV9cYNOF8H9dm3c/Pk/i7zodsD3N6xigNk=
Received: from MWHPR09MB1440.namprd09.prod.outlook.com (10.173.50.14) by MWHPR09MB1437.namprd09.prod.outlook.com (10.173.50.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1005.10; Fri, 31 Mar 2017 21:17:56 +0000
Received: from MWHPR09MB1440.namprd09.prod.outlook.com ([10.173.50.14]) by MWHPR09MB1440.namprd09.prod.outlook.com ([10.173.50.14]) with mapi id 15.01.0991.023; Fri, 31 Mar 2017 21:17:56 +0000
From: "Waltermire, David A. (Fed)" <david.waltermire@nist.gov>
To: "Panos Kampanakis (pkampana)" <pkampana@cisco.com>
CC: "mile@ietf.org" <mile@ietf.org>, "netconf@ietf.org" <netconf@ietf.org>, "netmod@ietf.org" <netmod@ietf.org>, "sacm@ietf.org" <sacm@ietf.org>
Thread-Topic: [Netconf] PANIC Bar BoF Wednesday @ 6:30pm CDT
Thread-Index: AdKmf/vNEHSnQfeERo2ni5F63VlU8gDGe7oAAAEA4X8AADCZJwAqSdrQAAcUj4A=
Date: Fri, 31 Mar 2017 21:17:55 +0000
Message-ID: <MWHPR09MB1440EA71FBA40D793535A0CAF0370@MWHPR09MB1440.namprd09.prod.outlook.com>
References: <MWHPR09MB1440B3D5C3C983216D0BCB74F0300@MWHPR09MB1440.namprd09.prod.outlook.com>, <19D82D4B-0810-47EF-93CE-92539D64358D@gmail.com>, <A406F4455056956FC17A5EEB332131B682A83BF7@unknown> <7623EF23448E9148C613E4C1A97C06377ECF6972@unknown> <ccdeecc4ccda40598cd347b10fa0a026@XCH-ALN-010.cisco.com>
In-Reply-To: <ccdeecc4ccda40598cd347b10fa0a026@XCH-ALN-010.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: cisco.com; dkim=none (message not signed) header.d=none;cisco.com; dmarc=none action=none header.from=nist.gov;
x-originating-ip: [129.6.223.96]
x-microsoft-exchange-diagnostics: 1; MWHPR09MB1437; 7:ilvMp1wVulrAzgWCMh//83kCjV9uIhC1BSXRA3CuWOUQ9H9+IvUGOPMLTaCZz+R5zvZrgYEAH4iNuYyncP1zQ5ROnV9It77nk3s6GbE2p5G/iK7GHnAOOCkiFrR0oU/ZO82pAEYdo5OaUvg/CL1q/MqQMm05nWfwDPRe/E8GfLbNuf4cUYJDK9a+HSAx5cUeeUMdeFEJtX3jAtMDEWdxypRss2O1UNhlkQuXt/qq+kPH59uERwfzFRiOqsSM0F0KQfvttfN38VWsJY2ULXumJ0WBw3ocfqbJkhb+ONJsrumZ2+ZeB51D4hiwvfnfbxjWv9/duSZLarVoyr2H+9zC6A==
x-ms-office365-filtering-correlation-id: fd71323e-2060-4daa-2f11-08d4787b6670
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075)(48565401081)(201703131423075)(201703031133081)(201702281549075); SRVR:MWHPR09MB1437;
x-microsoft-antispam-prvs: <MWHPR09MB1437D7D82D6E3662839AB033F0370@MWHPR09MB1437.namprd09.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(65766998875637)(192374486261705)(95692535739014)(21748063052155)(211171220733660)(148717330147763);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(93006095)(93001095)(3002001)(10201501046)(6055026)(6041248)(20161123560025)(20161123564025)(20161123562025)(20161123555025)(201703131423075)(201702281528075)(201703061421075)(6072148); SRVR:MWHPR09MB1437; BCL:0; PCL:0; RULEID:; SRVR:MWHPR09MB1437;
x-forefront-prvs: 02638D901B
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39840400002)(39400400002)(39450400003)(39410400002)(39850400002)(24454002)(377454003)(3846002)(6116002)(8676002)(790700001)(102836003)(93886004)(7736002)(81166006)(6246003)(74316002)(6916009)(3660700001)(2950100002)(3280700002)(53546009)(25786009)(53936002)(77096006)(110136004)(38730400002)(7906003)(4326008)(6506006)(7696004)(99286003)(8936002)(66066001)(229853002)(6306002)(2906002)(606005)(9686003)(54896002)(5660300001)(236005)(19609705001)(6436002)(2900100001)(54906002)(122556002)(561944003)(50986999)(76176999)(54356999)(55016002)(189998001)(33656002)(86362001); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR09MB1437; H:MWHPR09MB1440.namprd09.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_MWHPR09MB1440EA71FBA40D793535A0CAF0370MWHPR09MB1440namp_"
MIME-Version: 1.0
X-OriginatorOrg: nist.gov
X-MS-Exchange-CrossTenant-originalarrivaltime: 31 Mar 2017 21:17:55.9119 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2ab5d82f-d8fa-4797-a93e-054655c61dec
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR09MB1437
Archived-At: <https://mailarchive.ietf.org/arch/msg/netmod/Yjki_X2HAHBFp5tGFoFgitQz55U>
Subject: Re: [netmod] [Netconf] PANIC Bar BoF Wednesday @ 6:30pm CDT
X-BeenThere: netmod@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: NETMOD WG list <netmod.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netmod>, <mailto:netmod-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netmod/>
List-Post: <mailto:netmod@ietf.org>
List-Help: <mailto:netmod-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netmod>, <mailto:netmod-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Mar 2017 21:18:02 -0000

Panos,

We have requested a list to be setup. We will post again with signup info once the list is created.

Thanks,
Dave

From: Panos Kampanakis (pkampana) [mailto:pkampana@cisco.com]
Sent: Friday, March 31, 2017 1:55 PM
To: Waltermire, David A. (Fed) <david.waltermire@nist.gov>
Cc: mile@ietf.org; netconf@ietf.org; netmod@ietf.org; sacm@ietf.org
Subject: RE: [Netconf] PANIC Bar BoF Wednesday @ 6:30pm CDT

Is there a  list for PANIC already?
I couldn't find it.


From: mile [mailto:mile-bounces@ietf.org] On Behalf Of Waltermire, David A. (Fed)
Sent: Thursday, March 30, 2017 5:44 PM
To: Mahesh Jethanandani <mjethanandani@gmail.com<mailto:mjethanandani@gmail.com>>
Cc: mile@ietf.org<mailto:mile@ietf.org>; netconf@ietf.org<mailto:netconf@ietf.org>; netmod@ietf.org<mailto:netmod@ietf.org>; sacm@ietf.org<mailto:sacm@ietf.org>
Subject: Re: [mile] [Netconf] PANIC Bar BoF Wednesday @ 6:30pm CDT

Sorry. Clicked send on my phone accidentally.

We plan to write a draft describing the problem and scope of what we want to address. We will share this on the PANIC list and continue the conversation from there. We may want to present ideas in WGs like NETCONF at some time in the future. We will know more once further discussion is had.

Thanks,
Dave

________________________________
On: 30 March 2017 16:38, "Waltermire, David A. (Fed)" <david.waltermire@nist.gov<mailto:david.waltermire@nist.gov>> wrote:
We plan to write up a description adddessing the problem and
________________________________
On: 30 March 2017 16:09, "Mahesh Jethanandani" <mjethanandani@gmail.com<mailto:mjethanandani@gmail.com>> wrote:
David,

> On Mar 26, 2017, at 5:34 PM, Waltermire, David A. (Fed) <david.waltermire@nist.gov<mailto:david.waltermire@nist.gov>> wrote:
>
>
> The US Government has been working within the IETF SACM work group to standardize the collection of endpoint configuration and other posture information from enterprise endpoints. Collecting this information is critical to support automation of common network security tasks, including asset, software, vulnerability, and configuration management. Thus far, our efforts have focused primarily on standards to collect information in support of asset, software and vulnerability management use cases, and has worked with other IETF members to determine what data would need to be to be collected, and how that data would be securely communicated across the network. Through such exchanges an organization can know what client endpoints are connected to their network, and if they are vulnerable to attack.
>
> Given the proliferation of attacks against network infrastructure devices, it is clear that the next step in our enterprise security automation effort must be to enable standardized reporting of similar information from network infrastructure devices. With the growing number of Yang models and increased adoption of NETCONF, RESTCONF, and related protocol work, the time is right to work out how these standards can be used to measure the health of network devices. This information will, as in our efforts in SACM for client devices, support asset, software, vulnerability, and configuration management use cases. Standards-based reporting of this information from network infrastructure devices will help network defenders protect against known attacks, and provide the necessary knowledge to detect and mitigate future attacks.
>
> We would like to start a discussion about how to leverage the existing IETF network management protocols to best address security automation for network infrastructure devices. We would like your ideas on how to best pursue this work, and your insights into network infrastructure security problems that will impact our networks in the future. We are holding a side meeting at IETF 98 on Wednesday, March 29th at 6:30pm CDT to start a discussion about how to move forward. We will be meeting in Vevey 4 at the IETF meeting venue.

Maybe this was discussed in the BoF ...

The best way to have a discussion would be to present the proposal in the form of a draft in the NETCONF WG.

>
> Here is a summary of the meeting details:
>
> PANIC (Posture Assessment through Network Information Collection) Bar BoF
> Wednesday, March 29th, 2017 @ 6:30pm CDT
> Swissotel Conference Center - Vevey 4
>
> We look forward to working with you, and hope to see you in Chicago at the PANIC Bar BoF.
>
> Regards,
> Dave
>
> David Waltermire
> Information Technology Laboratory | Computer Security Division
> National Institute of Standards and Technology
>
> _______________________________________________
> Netconf mailing list
> Netconf@ietf.org<mailto:Netconf@ietf.org>
> https://www.ietf.org/mailman/listinfo/netconf

Mahesh Jethanandani
mjethanandani@gmail.com<mailto:mjethanandani@gmail.com>

v2.23.0 | Report a Bug | By Email