Hosnieh,

Since the Flow Based Security Functions (FW/IPS/IDS/Webfilter) examine packets (deeper to the layer) and make actions, which is similar to routers, the gap analysis needs to document the key differences in matching criteria and actions.

For example, the matching criteria for Flow Based Security Functions can be deeper in the data packets, can also be vendor specific service flavors registered by the security functions:
- TCP port,
- UDP port,
- HTTP header
- QoS field,
- packet size, etc,
- special events
- time of the day, time span
- service flavors (vendor specific)
- combination of any fields above.

I2RS/BGP primarily deal with L2/L3 header. Most forward based on destination addresses, some may forward based on source address:
- Ingress port
- destination MAC,
- source MAC,
- MPLS,
- VN_id,
- destination IP,
- source IP, or

In addition to the actions that are commonly supported by routers: Pass/drop/mirror, there may be more actions by the Security Functions:
Statistics (report Destination) or /Function call (IPS/IDS/AV/URL filter/authentication/...)

Cheers,
Linda

-----Original Message-----
From: I2nsf [mailto:[email protected]] On Behalf Of Hosnieh Rafiee
Sent: Tuesday, February 24, 2015 2:20 PM
To: '[email protected]'
Cc: [email protected]
Subject: [I2nsf] gap analysis - I2NSF vs. I2RS

Hello,

We are working on a new version of gap analysis document for I2NSF. Since it is important for us to identify the exact scope of each WG that might have any overlap with the work we are doing in I2NSF, we invite you to provide us your inputs on our work. The following is our current context about your group.

------
I2NSF should leverage the protocols developed by I2RS. I2NSF is only to develop the additional information models and data models for distributed security functions, like FW and IPS/IDS. The Policy structure specified by [bnpModel] can be used by I2NSF to be extended to include recursive actions to other security functions.

[bnpModel] Hares, S., Wu, Q., "An Information Model for Basic Network Policy", http://tools.ietf.org/html/draft-hares-i2rs-bnp-info-model-01, October 2014
-----

Thanks,
Best,
Hosnieh
