I agree with Diego.
As a manager of networks, I have used ECA for both. I’m currently experimenting
with declarative policies for both. I do NOT think that this is a “new” type of
policy rule or statement. In fact, I’m not sure that we even need a blank
condition clause for the first type.
I
Hi,
I am afraid we have a language gap here, Rakesh. In my view, you are talking of
two kind of rules that can be expressed with an ECA model, only that those in
the first class would have an empty (or wildcard or default) condition
expression that will make them applicable whenever a certain
Hi Linda,
One more thing regarding how a policy/rule is to be enforced. We see two
distinct requirements:
1. Static security posture --> The security admin determines what
security policies need to be enforced in their network based on their business
needs (access policies such as who
Hi Linda,
Thanks a lot for the review.
One of the biggest challenges in the security world today is that, it is too
complex with each vendor having their own set of features and functionality
exposed in a very proprietary manner. We have to simplify this with I2NSF
client-facing interface so
Rakesh,
By the way, the I2NSF framework has specified to use ECA (Event Condition
Action) to describe “Rules”.
https://datatracker.ietf.org/doc/draft-xibassnez-i2nsf-capability/ has the
detailed description on how “Rules” information model.
Is there any issue to utilize those information