Interesting concept. One thought that might be helpful -- > * Firewall > * DDOS/Anti-DOS > * Intrusion Detection System/ Intrusion Prevention System > (IDS/IPS) > * Access control/Authorization/Authentication
I think I would try to frame things in terms of services, rather than devices, or a mix of the two. For instance -- what does a "firewall" really do? Stateful packet inspection, deep packet inspection, and... ?? So maybe a list something like this might make sense -- (and remember, this is brainstorming, nothing more) -- - Stateful packet inspection - Deep packet inspection - Packet/flow/stream filtering (remote and local) - Packet/flow/stream redirect (remote and local) - Intrusion detection (or perhaps flow/stream pattern matching?) - AAA Don't know if this is a useful line of thought or not. :-) Russ _______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
