[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Referenceing 3704 in OPSEC filtering document ?
From an operations perspective this is one case where the configuration how is as interesting as the functional what (filtering).
There are three possibilities that come to mind immediately:
- manual configuration (implementation being static ACLs)
- dynamic based on something known (implementation being uRPF)
- triggered by external source/API (implementation being shunning, quarantine, VOIP midcom pinholes)
It adds some complexity to the draft, but gives more flexibility in mapping capabilities to profiles, or requirements docs.
Regards,
Fred Budd
-----Original Message-----
From: owner-opsec@psg.com [mailto:owner-opsec@psg.com]On Behalf Of
George Jones
Sent: Monday, March 07, 2005 4:41 PM
To: Christopher L. Morrow
Cc: Pekka Savola; Merike Kaeo; opsec@ops.ietf.org
Subject: Referenceing 3704 in OPSEC filtering document ?
So the question I have is, given the excellent work that Pekka and Fred did
on 3704, does Chris' doc need any more than a citation saying "do that/
provide features capapable of doing that" ?
---George