Linda, Similar work (i.e. gap analysis with the goal of identifying and focusing the scope) is also done by SUPA.
It would be good to share the information and the recommendations when you talk with them in the SUPA call on Monday. Thanks and Regards, Dan > -----Original Message----- > From: I2nsf [mailto:[email protected]] On Behalf Of Linda Dunbar > Sent: Thursday, March 05, 2015 12:05 AM > To: Hosnieh Rafiee; '[email protected]' > Cc: [email protected] > Subject: Re: [I2nsf] gap analysis - I2NSF vs. I2RS > > Hosnieh, > > > Since the Flow Based Security Functions (FW/IPS/IDS/Webfilter) examine > packets (deeper to the layer) and make actions, which is similar to routers, > the gap analysis need to document the key differences in matching criteria > and actions. > > For example, the matching criteria for Flow Based Security Functions can be > deeper in the data packets, can also be vendor specific service flavors > registered by the security functions: > - TCP port, > - UDP port, > - HTTP header > - QoS field, > - packet size, etc, > - special events > - time of the day, time span > - service flavors (vendor specific) > - combination of any fields above. > > > I2RS/BGP primarily deal with L2/L3 header. Most forward based on > destination addresses, some may forward based on source address: > - Ingress port > - destination MAC, > - source MAC, > - MPLS, > - VN_id, > - destination IP, > - source IP, or > > > In addition to the actions that are commonly supported by routers: > Pass/drop/mirror, there may be more actions by the Security Functions: > Statistics (report Destination) or /Function call (IPS/IDS/AV/URL > filter/authentication/...) > > Cheers, > > Linda > > -----Original Message----- > From: I2nsf [mailto:[email protected]] On Behalf Of Hosnieh Rafiee > Sent: Tuesday, February 24, 2015 2:20 PM > To: '[email protected]' > Cc: [email protected] > Subject: [I2nsf] gap analysis - I2NSF vs. I2RS > > Hello, > > We are working on a new version of gap analysis document for I2NSF. Since it > is important for us to identify the exact scope of each WG that might have > any overlap with the work we are doing in I2NSF, we invite you to provide > us your inputs on our work. > > > The following is our current context about your group. > > ------ > > I2NSF should leverage the protocols developed by I2RS. I2NSF is only > to develop the additional information models and data models for > distributed security functions, like FW and IPS/IDS. > The Policy structure specified by [bnpModel] can be used by I2NSF to > be extended to include recursive actions to other security functions. > > > [bnpModel] Hares, S., Wu, Q.,"An Information Model for > Basic Network Policy", > https://urldefense.proofpoint.com/v2/url?u=http- > 3A__tools.ietf.org_html_draft-2Dhares-2Di2rs-2Dbnp-2Dinfo-2Dmodel- > 2D01&d=AwICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=I4dzGxR31OcNXCJfQzvls > iLQfucBXRucPvdrphpBsFA&m=BrlaTAYtStGj20DwyA6nNMk4SyQHJLrWDlLdA > SXxZ0c&s=jgyDDwVK8hfvcy9_WUQ8PhIw_zd8dm7FFksynl1HZf0&e= , > > October 2014 > ----- > > Thanks, > Best, > Hosnieh > > > _______________________________________________ > I2nsf mailing list > [email protected] > https://urldefense.proofpoint.com/v2/url?u=https- > 3A__www.ietf.org_mailman_listinfo_i2nsf&d=AwICAg&c=BFpWQw8bsuKpl1 > SgiZH64Q&r=I4dzGxR31OcNXCJfQzvlsiLQfucBXRucPvdrphpBsFA&m=BrlaTAYt > StGj20DwyA6nNMk4SyQHJLrWDlLdASXxZ0c&s=Zg2uWB4Q0pnzimErbr1sS_fO > C5_D99mmcqroWpkCzp0&e= > > _______________________________________________ > I2nsf mailing list > [email protected] > https://urldefense.proofpoint.com/v2/url?u=https- > 3A__www.ietf.org_mailman_listinfo_i2nsf&d=AwICAg&c=BFpWQw8bsuKpl1 > SgiZH64Q&r=I4dzGxR31OcNXCJfQzvlsiLQfucBXRucPvdrphpBsFA&m=BrlaTAYt > StGj20DwyA6nNMk4SyQHJLrWDlLdASXxZ0c&s=Zg2uWB4Q0pnzimErbr1sS_fO > C5_D99mmcqroWpkCzp0&e= _______________________________________________ i2rs mailing list [email protected] https://www.ietf.org/mailman/listinfo/i2rs
