Hi Fernando, I am struggling to understand the gap this draft fills.
We read "In many cases, as a result, deployments have been underwhelming in both quantity and quality, and the Internet is noted for its problems with security.", but I wouldn't say firewall deployments are underwhelming in quality and quantity. I believe FW are very ubiquitous in today's networks. Were you referring to something else? Also I am not sure about what the "bickering on the topic" refers to. Finally, with all the "NGFW" products and features out there that section 4 could include many more kinds of fws. Same for section 5. In general, I think that the draft covers legacy firewalls mostly, not all the modern fw features that exist today and I am not sure if it tries to convince readers about their need (because I don't think in today's world firewalling functionality can be rejected as unnecessary by anyone) Panos -----Original Message----- From: OPSEC [mailto:[email protected]] On Behalf Of Fernando Gont Sent: Monday, September 14, 2015 9:05 PM To: [email protected] Cc: Internet Area; '[email protected]'; TSV Area; tsvwg; IPv6 Operations Subject: [OPSEC] "On Firewalls in Internet Security" (Fwd: New Version Notification for draft-gont-opsawg-firewalls-analysis-00.txt) Folks, We have published an I-D entitled "On Firewalls in Internet Security". The I-D is available at: <https://www.ietf.org/internet-drafts/draft-gont-opsawg-firewalls-analysis-00.txt>. Our I-D covers a broad range of topics (ranging from operations to internet and transport area topics) -- hence the crosspost of this announcement to multiple mailing-lists. While we (co-authors) are subscribed to most of the lists to which this announcement is being crossposted, we expect (for the sake of unifying the discussion in a single place) the discussion to happen in the [email protected] mailing-list. Your feedback will be very welcome. Thanks! Best regards, Fernando -------- Forwarded Message -------- Subject: New Version Notification for draft-gont-opsawg-firewalls-analysis-00.txt Date: Mon, 14 Sep 2015 17:49:41 -0700 From: [email protected] To: Paul E. Hoffman <[email protected]>, Fernando Gont <[email protected]>, Fernando Gont <[email protected]>, Fred Baker <[email protected]>, Fred Baker <[email protected]>, Paul Hoffman <[email protected]> A new version of I-D, draft-gont-opsawg-firewalls-analysis-00.txt has been successfully submitted by Fernando Gont and posted to the IETF repository. Name: draft-gont-opsawg-firewalls-analysis Revision: 00 Title: On Firewalls in Internet Security Document date: 2015-09-15 Group: Individual Submission Pages: 17 URL: https://www.ietf.org/internet-drafts/draft-gont-opsawg-firewalls-analysis-00.txt Status: https://datatracker.ietf.org/doc/draft-gont-opsawg-firewalls-analysis/ Htmlized: https://tools.ietf.org/html/draft-gont-opsawg-firewalls-analysis-00 Abstract: This document analyzes the role of firewalls in Internet security, and suggests a line of reasoning about their usage. It analyzes common kinds of firewalls and the claims made for them. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec _______________________________________________ OPSEC mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsec
