[Nsaas] New Non-WG Mailing List: NSaaS: Network Security as a Service
IETF Secretariat <ietf-secretariat@ietf.org> Mon, 11 August 2014 22:15 UTC
Return-Path: <ietf-secretariat@ietf.org>
X-Original-To: nsaas@ietfa.amsl.com
Delivered-To: nsaas@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1C3D51A024E; Mon, 11 Aug 2014 15:15:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zEDzvl7-9oUr; Mon, 11 Aug 2014 15:15:41 -0700 (PDT)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 77BFE1A01FF; Mon, 11 Aug 2014 15:15:41 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: IETF Secretariat <ietf-secretariat@ietf.org>
To: IETF Announcement List <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 5.6.2.p5
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20140811221541.12576.82446.idtracker@ietfa.amsl.com>
Date: Mon, 11 Aug 2014 15:15:41 -0700
Archived-At: http://mailarchive.ietf.org/arch/msg/nsaas/KPMoSaXsRl0oVkWSHOtqlsnhMBM
X-Mailman-Approved-At: Mon, 11 Aug 2014 15:23:44 -0700
Cc: myo.zarny@gs.com, nsaas@ietf.org, linda.dunbar@huawei.com
Subject: [Nsaas] New Non-WG Mailing List: NSaaS: Network Security as a Service
X-BeenThere: nsaas@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "*NSaaS: Network Security as a Service mailing list*" <nsaas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/nsaas>, <mailto:nsaas-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/nsaas/>
List-Post: <mailto:nsaas@ietf.org>
List-Help: <mailto:nsaas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/nsaas>, <mailto:nsaas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Aug 2014 22:15:43 -0000
A new IETF non-working group email list has been created. List address: nsaas@ietf.org Archive: http://www.ietf.org/mail-archive/web/nsaas/ To subscribe: https://www.ietf.org/mailman/listinfo/nsaas Purpose: Network Security as a Service (NSaaS) mailing list is for discussing topics related to protocols (or the interface) and architectures for “Requesters” to negotiate the network security related functions, that are not physically present at Requesters’ premises, as well as the associated attributes. The security functions under discussion are the ones that can be requested by one domain (e.g., two different domains of one service provider, enterprise clients, or applications, etc.) but may be owned or managed by another domain (e.g., service provider). Those security functions may be hosted on physical appliances or instantiated as virtual machines on common compute server (i.e. the Virtualized network functions defined by ETSI NFV). The “requester <-> provider” relationship has different connotations in different scenarios: · Client <-> Provider relationship, i.e. client requesting some network functions from its provider; · Inter-domain, e.g. Domain A <-> Domain B relationship, i.e. one operator domain requesting some network functions from another operator domain, where “A” and “B” can be from same operator or different operators; or · Applications <-> Network relationship, i.e. an application (e.g. cluster of servers) requesting some functions from network, etc. The security functions offered by 3rd party need Bi-directional periodic communications between the requesters and the providers for policy negotiation, validation, potentially re-directing traffic to higher level security functions, etc. Therefore, the service requires protocol exchange. Simply, an API is not enough. The proposed protocols between requester and provider can be used for the following scenarios: · A Client requests a certain network security function from a provider · The provider fulfills the request for example, by instantiating an instance of the service in question, or configures additional rules in an already provisioned service. Even though OpenStack has done a project on FW as a service: https://datatracker.ietf.org/doc/draft-dunbar-nsaas-problem-statement/, the specifications are very primitive, far from enough for NSaaS, due to it is open source code and there is no validation on its accuracy or completeness. Our goal is for IETF to take up the role of defining the complete specification, and providing a hand-off to OpenStack or other Open Source communities to provide the source code. For additional information, please contact the list administrators.
- [Nsaas] New Non-WG Mailing List: NSaaS: Network S… IETF Secretariat