Dear all,
I have review the use case draft and have the following questions.
Looking forward to your reply.
In the section 3.1.9, it is described that the mechanism to accept external
alerts to trigger automatic configuration change is needed. In addition, the
DDoS mitigation is taken as a example.
However, in general, the automatic DDoS traffic scrubbing system is composed
of two part: a) the traffic monitoring part for the signaling of the threat;
b) DDoS mitigation part. By monitoring the network alerts, the system will
automatically trigger the defense part for the traffic scrubbing. So I think
that the current system can achieve the automatic configuration change
without the I2NSF controller. This example is not appropriate to illustrate
this use case.
Maybe my understanding is not correct. Looking forward to your guidance.
Best Regards,
Lishan
_______________________________________________
I2nsf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i2nsf
