[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Referenceing 3704 in OPSEC filtering document ?

To: <gmj@pobox.com>
Subject: RE: Referenceing 3704 in OPSEC filtering document ?
From: "Budd, Fred" <Fred.Budd@wiltel.com>
Date: Thu, 10 Mar 2005 08:39:47 -0600
Cc: "Christopher L. Morrow" <christopher.morrow@mci.com>, "Pekka Savola" <pekkas@netcore.fi>, "Merike Kaeo" <kaeo@merike.com>, <opsec@ops.ietf.org>

I think Chris' filtering capabilities draft should be modified to include the process of how the filtering rules are configured. 3704 would then be a reference to an implementation.

Regards,
Fred Budd  

-----Original Message-----
From: George Jones [mailto:eludom@gmail.com]
> There are three possibilities that come to mind immediately:
> - manual configuration (implementation being static ACLs)
> - dynamic based on something known (implementation being uRPF)
> - triggered by external source/API (implementation being shunning, quarantine, VOIP midcom pinholes)
> 
> It adds some complexity to the draft, but gives more flexibility in mapping capabilities to profiles, or requirements docs.

I'm not sure I'm following you.  What are you saying we shuold do in
which drafts (Merike's practices survey, Chris' filtering features vs. what's in 3704 now?)

Follow-Ups:
- RE: Referenceing 3704 in OPSEC filtering document ?
  - From: "Barry Raveendran Greene" <bgreene@cisco.com>
- Re: Referenceing 3704 in OPSEC filtering document ?
  - From: George Jones <eludom@gmail.com>

Prev by Date: Re: Referenceing 3704 in OPSEC filtering document ?
Next by Date: Re: Referenceing 3704 in OPSEC filtering document ?
Previous by thread: Re: Referenceing 3704 in OPSEC filtering document ?
Next by thread: Re: Referenceing 3704 in OPSEC filtering document ?
Index(es):
- Date
- Thread