Hi Fred,
http://www.ietf.org/proceedings/84/id/draft-ietf-opsawg-firewalls-00.txt - It is definitely worth mentioning behavioral analysis techniques like sFlow/Netflow; a suggested place for this would be section 2.3. - Deep packet inspection (DPI) in firewalls (e.g. signature analysis) comes at a performance cost. It would be worthwhile to mention that some category of flows from a source to a destination, say long-lived large flows like long-form video content can bypass DPI in firewalls. A suggested place for this would be the recommendations section. If you desire, I can write up detailed text which can be added to the draft. thanks, ramki
_______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
