In a nutshell, I2NSF wants to define interfaces to the flow based network security functions hosted at different premises.
Network security functions (NSFs) are provided and consumed in increasingly diverse environments. Users of NSFs could consume network security services hosted by one or more providers, which may be their own enterprise, service providers, or a combination of both. Likewise, service providers of NSFs may offer their customers network security services that consist of multiple security products and/or functions from different vendors. NSFs may be provided by physical and/or virtualized infrastructure. Without standard interfaces to express, monitor, and control security policies that govern the behavior of NSFs, it becomes virtually impossible for security service providers to automate their service offerings that utilize different security functions from multiple vendors.
The goal of I2NSF is to define a set of software interfaces and data models for controlling and monitoring aspects of physical and virtual NSFs. If the working group finds it necessary to work on an information model before the data models, to help provide guidance and derive the data models, it may do so. The working group will decide later whether the information model needs to be published as an RFC. Other aspects of NSFs, such as device or network provisioning and configuration, are out of scope.
More detailed I2NSF Q&A can be found at: https://sites.google.com/site/interface2nsf/i2nsf-q-a
To see the collection of prior postings to the list,
visit the I2nsf
Archives.
|
Subscribe to I2nsf by filling out the following
form.
You will be sent email requesting confirmation, to
prevent others from gratuitously subscribing you. This is a private list, which means that the
list of members is not available to non-members.
|