David, > On Mar 26, 2017, at 5:34 PM, Waltermire, David A. (Fed) > <david.walterm...@nist.gov> wrote: > > > The US Government has been working within the IETF SACM work group to > standardize the collection of endpoint configuration and other posture > information from enterprise endpoints. Collecting this information is > critical to support automation of common network security tasks, including > asset, software, vulnerability, and configuration management. Thus far, our > efforts have focused primarily on standards to collect information in support > of asset, software and vulnerability management use cases, and has worked > with other IETF members to determine what data would need to be to be > collected, and how that data would be securely communicated across the > network. Through such exchanges an organization can know what client > endpoints are connected to their network, and if they are vulnerable to > attack. > > Given the proliferation of attacks against network infrastructure devices, it > is clear that the next step in our enterprise security automation effort must > be to enable standardized reporting of similar information from network > infrastructure devices. With the growing number of Yang models and increased > adoption of NETCONF, RESTCONF, and related protocol work, the time is right > to work out how these standards can be used to measure the health of network > devices. This information will, as in our efforts in SACM for client devices, > support asset, software, vulnerability, and configuration management use > cases. Standards-based reporting of this information from network > infrastructure devices will help network defenders protect against known > attacks, and provide the necessary knowledge to detect and mitigate future > attacks. > > We would like to start a discussion about how to leverage the existing IETF > network management protocols to best address security automation for network > infrastructure devices. We would like your ideas on how to best pursue this > work, and your insights into network infrastructure security problems that > will impact our networks in the future. We are holding a side meeting at IETF > 98 on Wednesday, March 29th at 6:30pm CDT to start a discussion about how to > move forward. We will be meeting in Vevey 4 at the IETF meeting venue.
Maybe this was discussed in the BoF … The best way to have a discussion would be to present the proposal in the form of a draft in the NETCONF WG. > > Here is a summary of the meeting details: > > PANIC (Posture Assessment through Network Information Collection) Bar BoF > Wednesday, March 29th, 2017 @ 6:30pm CDT > Swissotel Conference Center - Vevey 4 > > We look forward to working with you, and hope to see you in Chicago at the > PANIC Bar BoF. > > Regards, > Dave > > David Waltermire > Information Technology Laboratory | Computer Security Division > National Institute of Standards and Technology > > _______________________________________________ > Netconf mailing list > netc...@ietf.org > https://www.ietf.org/mailman/listinfo/netconf Mahesh Jethanandani mjethanand...@gmail.com _______________________________________________ netmod mailing list netmod@ietf.org https://www.ietf.org/mailman/listinfo/netmod
