[OPSEC] I-D Action:draft-ietf-opsec-protect-control-plane-02.txt posted today
Rodney Dunn <rodunn@cisco.com> Fri, 06 August 2010 22:00 UTC
Return-Path: <rodunn@cisco.com>
X-Original-To: opsec@core3.amsl.com
Delivered-To: opsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 362A83A67D4 for <opsec@core3.amsl.com>; Fri, 6 Aug 2010 15:00:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.599
X-Spam-Level:
X-Spam-Status: No, score=-10.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F6WYU+Ilbs23 for <opsec@core3.amsl.com>; Fri, 6 Aug 2010 15:00:20 -0700 (PDT)
Received: from av-tac-rtp.cisco.com (hen.cisco.com [64.102.19.198]) by core3.amsl.com (Postfix) with ESMTP id 2BF103A6767 for <opsec@ietf.org>; Fri, 6 Aug 2010 15:00:20 -0700 (PDT)
X-TACSUNS: Virus Scanned
Received: from rooster.cisco.com (localhost.cisco.com [127.0.0.1]) by av-tac-rtp.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id o76M0pjE020386 for <opsec@ietf.org>; Fri, 6 Aug 2010 18:00:51 -0400 (EDT)
Received: from rtp-rodunn-8711.cisco.com (rtp-rodunn-8711.cisco.com [10.116.190.130]) by rooster.cisco.com (8.13.8+Sun/8.13.8) with ESMTP id o76M0oLa028040 for <opsec@ietf.org>; Fri, 6 Aug 2010 18:00:51 -0400 (EDT)
Message-ID: <4C5C8612.4070702@cisco.com>
Date: Fri, 06 Aug 2010 18:00:50 -0400
From: Rodney Dunn <rodunn@cisco.com>
Organization: Cisco Systems Inc.
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2
MIME-Version: 1.0
To: opsec@ietf.org
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: [OPSEC] I-D Action:draft-ietf-opsec-protect-control-plane-02.txt posted today
X-BeenThere: opsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: rodunn@cisco.com
List-Id: opsec wg mailing list <opsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/opsec>
List-Post: <mailto:opsec@ietf.org>
List-Help: <mailto:opsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/opsec>, <mailto:opsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Aug 2010 22:00:21 -0000
OPSEC members, We have posted the -02 revision today to draft-ietf-opsec-protect-control-plane. http://www.ietf.org/internet-drafts/draft-ietf-opsec-protect-control-plane-02.txt In it we have addressed all feedback thus far including the much requested V6 additions which represented the last outstanding item we had not previously incorporated. We would appreciate any and all review comments. Thanks, Rodney/David/Carlos -------- Original Message -------- Subject: [OPSEC] I-D Action:draft-ietf-opsec-protect-control-plane-02.txt Date: Fri, 6 Aug 2010 14:45:02 -0700 (PDT) From: Internet-Drafts@ietf.org To: i-d-announce@ietf.org CC: opsec@ietf.org A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Operational Security Capabilities for IP Network Infrastructure Working Group of the IETF. Title : Protecting The Router Control Plane Author(s) : D. Dugal, et al. Filename : draft-ietf-opsec-protect-control-plane-02.txt Pages : 22 Date : 2010-08-06 This memo provides a method for protecting a router's control plane from undesired or malicious traffic. In this approach, all legitimate router control plane traffic is identified. Once legitimate traffic has been identified, a filter is deployed in the router's forwarding plane. That filter prevents traffic not specifically identified as legitimate from reaching the router's control plane or rate limited to an acceptable level. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-opsec-protect-control-plane-02.txt Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/ Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.