[RPRWG] [Fwd: [802SEC] FW: [New-work] WG Review: Operational Security Capabilities for IPNetwork Infrastructure (opsec)]
FYI
-------- Original Message --------
Subject: [802SEC] FW: [New-work] WG Review: Operational Security
Capabilities for IPNetwork Infrastructure (opsec)
Date: Sun, 3 Oct 2004 20:57:55 -0700
From: "Congdon, Paul T (ProCurve)" <paul.congdon@HP.COM>
Reply-To: "Congdon, Paul T (ProCurve)" <paul.congdon@HP.COM>
To: STDS-802-SEC@listserv.ieee.org
The following announcement of new work in the IETF may be of interest to
members of your working group. Feel free to forward this to your
working group if appropriate.
Paul Congdon
-----Original Message-----
From: new-work-bounces@ietf.org [mailto:new-work-bounces@ietf.org] On
Behalf Of The IESG
Sent: Friday, September 17, 2004 8:43 AM
To: new-work@ietf.org
Subject: [New-work] WG Review: Operational Security Capabilities for
IPNetwork Infrastructure (opsec)
A new IETF working group has been proposed in the Operations and
Management Area.
The IESG has not made any determination as yet. The following
description was submitted, and is provided for informational purposes
only. Please send your comments to the IESG mailing list (iesg@ietf.org)
by September 24.
Operational Security Capabilities for IP Network Infrastructure (opsec)
=======================================================================
Current Status: Proposed Working Group
Description of Working Group:
Goals
The goal of the Operational Security Working Group is to codify
knowledge gained through operational experience about feature sets that
are needed to securely deploy and operate managed network elements
providing transit services at the data link and IP layers.
It is anticipated that the codification of this knowledge will be an aid
to vendors in producing more securable network elements, and an aid to
operators in increasing security by deploying and configuring more
secure network elements.
Scope
The working group will list capabilities appropriate for devices use in:
* Internet Service Provider (ISP) Networks
* Enterprise Networks
The following areas are excluded from the charter at this time:
* Wireless devices
* Small-Office-Home-Office (SOHO) devices
* Security devices (firewalls, Intrusion Detection Systems,
Authentication Servers)
* Hosts
Methods
Framework Document
A framework document will be produced describing the scope, format,
intended use and documents to be produced.
Current Practices Document
A single document will be produced that attempts to capture curent
practices related to secure operation. This will be primarily based on
operational experience. Each entry will list:
* threats addressed,
* current practices for addressing the threat,
* protocols, tools and technologies extant at the time of writing that
are used to address the threat.
Individual Capability Documents
A series of documents will be produced covering various groupings of
security management capabilities needed to operate network elements in a
secure fashion. The capabilities will be described in terms that allow
implementations to change over time and will attempt to avoid requiring
any particular implementation.
The capabilities documents will cite the Current Practices document
where possible for justification.
Profile Documents
Profiles documents will be produced, which cite the capabilities
relevant to different operating environments.
Operator Outreach
Much of the operational security knowledge that needs to be codified
resides with operators. In order to access their knowledge and reach the
working group goal, informal BoFs will be held at relevant operator
fora.
http://www.ietf.org/internet-drafts/draft-jones-opsec-06.txt will be
used as a jumping off point.
_______________________________________________
New-work mailing list
New-work@ietf.org
https://www1.ietf.org/mailman/listinfo/new-work
----------
This email is sent from the 802 Executive Committee email reflector.
This list is maintained by Listserv.
--
Michael Takefman tak@cisco.com
Distinguished Engineer, Cisco Systems
Chair IEEE 802.17 Stds WG
3000 Innovation Dr, Ottawa, Canada, K2K 3E8
voice: 613-254-3399 cell:613-220-6991