| draft-ietf-i2nsf-nsf-monitoring-data-model-16.txt | draft-ietf-i2nsf-nsf-monitoring-data-model-17.txt | |||
|---|---|---|---|---|
| Network Working Group J. Jeong, Ed. | Network Working Group J. Jeong, Ed. | |||
| Internet-Draft P. Lingga | Internet-Draft P. Lingga | |||
| Intended status: Standards Track Sungkyunkwan University | Intended status: Standards Track Sungkyunkwan University | |||
| Expires: 23 September 2022 S. Hares | Expires: 15 October 2022 S. Hares | |||
| L. Xia | L. Xia | |||
| Huawei | Huawei | |||
| H. Birkholz | H. Birkholz | |||
| Fraunhofer SIT | Fraunhofer SIT | |||
| 22 March 2022 | 13 April 2022 | |||
| I2NSF NSF Monitoring Interface YANG Data Model | I2NSF NSF Monitoring Interface YANG Data Model | |||
| draft-ietf-i2nsf-nsf-monitoring-data-model-16 | draft-ietf-i2nsf-nsf-monitoring-data-model-17 | |||
| Abstract | Abstract | |||
| This document proposes an information model and the corresponding | This document proposes an information model and the corresponding | |||
| YANG data model of an interface for monitoring Network Security | YANG data model of an interface for monitoring Network Security | |||
| Functions (NSFs) in the Interface to Network Security Functions | Functions (NSFs) in the Interface to Network Security Functions | |||
| (I2NSF) framework. If the monitoring of NSFs is performed with the | (I2NSF) framework. If the monitoring of NSFs is performed with the | |||
| NSF monitoring interface in a standard way, it is possible to detect | NSF monitoring interface in a standard way, it is possible to detect | |||
| the indication of malicious activity, anomalous behavior, the | the indication of malicious activity, anomalous behavior, the | |||
| potential sign of denial-of-service attacks, or system overload in a | potential sign of denial-of-service attacks, or system overload in a | |||
| skipping to change at page 1, line 46 ¶ | skipping to change at page 1, line 46 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 23 September 2022. | This Internet-Draft will expire on 15 October 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| skipping to change at page 3, line 24 ¶ | skipping to change at page 3, line 24 ¶ | |||
| 10.1. I2NSF System Detection Alarm . . . . . . . . . . . . . . 86 | 10.1. I2NSF System Detection Alarm . . . . . . . . . . . . . . 86 | |||
| 10.2. I2NSF Interface Counters . . . . . . . . . . . . . . . . 87 | 10.2. I2NSF Interface Counters . . . . . . . . . . . . . . . . 87 | |||
| 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 88 | 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 88 | |||
| 12. Security Considerations . . . . . . . . . . . . . . . . . . . 89 | 12. Security Considerations . . . . . . . . . . . . . . . . . . . 89 | |||
| 13. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 91 | 13. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 91 | |||
| 14. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 91 | 14. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 91 | |||
| 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 91 | 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 91 | |||
| 15.1. Normative References . . . . . . . . . . . . . . . . . . 92 | 15.1. Normative References . . . . . . . . . . . . . . . . . . 92 | |||
| 15.2. Informative References . . . . . . . . . . . . . . . . . 96 | 15.2. Informative References . . . . . . . . . . . . . . . . . 96 | |||
| Appendix A. Changes from | Appendix A. Changes from | |||
| draft-ietf-i2nsf-nsf-monitoring-data-model-15 . . . . . . 97 | draft-ietf-i2nsf-nsf-monitoring-data-model-16 . . . . . . 97 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 97 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 97 | |||
| 1. Introduction | 1. Introduction | |||
| According to [RFC8329], the interface provided by a Network Security | According to [RFC8329], the interface provided by a Network Security | |||
| Function (NSF) (e.g., Firewall, IPS, or Anti-DDoS function) to enable | Function (NSF) (e.g., Firewall, IPS, or Anti-DDoS function) to enable | |||
| the collection of monitoring information is referred to as an I2NSF | the collection of monitoring information is referred to as an I2NSF | |||
| Monitoring Interface. This interface enables the sharing of vital | Monitoring Interface. This interface enables the sharing of vital | |||
| data from the NSFs (e.g., events, records, and counters) to an NSF | data from the NSFs (e.g., events, records, and counters) to an NSF | |||
| data collector (e.g., Security Controller) through a variety of | data collector (e.g., Security Controller) through a variety of | |||
| skipping to change at page 34, line 28 ¶ | skipping to change at page 34, line 28 ¶ | |||
| identity used in the document gives information or status about the | identity used in the document gives information or status about the | |||
| current situation of an NSF. This YANG module imports from | current situation of an NSF. This YANG module imports from | |||
| [RFC6991], [RFC8343], and [I-D.ietf-i2nsf-nsf-facing-interface-dm], | [RFC6991], [RFC8343], and [I-D.ietf-i2nsf-nsf-facing-interface-dm], | |||
| and makes references to [RFC0768] [RFC0791] [RFC0792] [RFC0826] | and makes references to [RFC0768] [RFC0791] [RFC0792] [RFC0826] | |||
| [RFC0854] [RFC1939] [RFC0959] [RFC2595] [RFC4340] [RFC4443] [RFC4861] | [RFC0854] [RFC1939] [RFC0959] [RFC2595] [RFC4340] [RFC4443] [RFC4861] | |||
| [RFC5321] [RFC5646] [RFC6242] [RFC6265] [RFC8200] [RFC8641] [RFC9051] | [RFC5321] [RFC5646] [RFC6242] [RFC6265] [RFC8200] [RFC8641] [RFC9051] | |||
| [I-D.ietf-httpbis-http2bis] [I-D.ietf-httpbis-messaging] | [I-D.ietf-httpbis-http2bis] [I-D.ietf-httpbis-messaging] | |||
| [I-D.ietf-httpbis-semantics] [I-D.ietf-tcpm-rfc793bis] | [I-D.ietf-httpbis-semantics] [I-D.ietf-tcpm-rfc793bis] | |||
| [I-D.ietf-tsvwg-rfc4960-bis] [IANA-HTTP-Status-Code] [IEEE-802.1AB] | [I-D.ietf-tsvwg-rfc4960-bis] [IANA-HTTP-Status-Code] [IEEE-802.1AB] | |||
| <CODE BEGINS> file "ietf-i2nsf-nsf-monitoring@2022-03-22.yang" | <CODE BEGINS> file "ietf-i2nsf-nsf-monitoring@2022-04-13.yang" | |||
| module ietf-i2nsf-nsf-monitoring { | module ietf-i2nsf-nsf-monitoring { | |||
| yang-version 1.1; | yang-version 1.1; | |||
| namespace | namespace | |||
| "urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring"; | "urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring"; | |||
| prefix | prefix | |||
| nsfmi; | nsfmi; | |||
| import ietf-inet-types { | import ietf-inet-types { | |||
| prefix inet; | prefix inet; | |||
| reference | reference | |||
| "Section 4 of RFC 6991"; | "Section 4 of RFC 6991"; | |||
| skipping to change at page 35, line 35 ¶ | skipping to change at page 35, line 35 ¶ | |||
| 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', | |||
| 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this | 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this | |||
| document are to be interpreted as described in BCP 14 | document are to be interpreted as described in BCP 14 | |||
| (RFC 2119) (RFC 8174) when, and only when, they appear | (RFC 2119) (RFC 8174) when, and only when, they appear | |||
| in all capitals, as shown here. | in all capitals, as shown here. | |||
| Copyright (c) 2022 IETF Trust and the persons identified as | Copyright (c) 2022 IETF Trust and the persons identified as | |||
| authors of the code. All rights reserved. | authors of the code. All rights reserved. | |||
| Redistribution and use in source and binary forms, with or | Redistribution and use in source and binary forms, with or | |||
| without modification, is permitted pursuant to, and subject to | without modification, is permitted pursuant to, and subject | |||
| the license terms contained in, the Simplified BSD License set | to the license terms contained in, the Revised BSD License | |||
| forth in Section 4.c of the IETF Trust's Legal Provisions | set forth in Section 4.c of the IETF Trust's | |||
| Relating to IETF Documents | Legal Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info). | (https://trustee.ietf.org/license-info). | |||
| This version of this YANG module is part of RFC XXXX | This version of this YANG module is part of RFC XXXX | |||
| (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself | (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself | |||
| for full legal notices."; | for full legal notices."; | |||
| revision "2022-03-22" { | revision "2022-04-13" { | |||
| description "Latest revision"; | description "Latest revision"; | |||
| reference | reference | |||
| "RFC XXXX: I2NSF NSF Monitoring Interface YANG Data Model"; | "RFC XXXX: I2NSF NSF Monitoring Interface YANG Data Model"; | |||
| // RFC Ed.: replace XXXX with an actual RFC number and remove | // RFC Ed.: replace XXXX with an actual RFC number and remove | |||
| // this note. | // this note. | |||
| } | } | |||
| /* | /* | |||
| skipping to change at page 52, line 35 ¶ | skipping to change at page 52, line 35 ¶ | |||
| as the basic information."; | as the basic information."; | |||
| leaf message { | leaf message { | |||
| type string; | type string; | |||
| description | description | |||
| "This is a freetext annotation for | "This is a freetext annotation for | |||
| monitoring a notification's content."; | monitoring a notification's content."; | |||
| } | } | |||
| leaf language { | leaf language { | |||
| type string { | type string { | |||
| pattern '(([A-Za-z]{2,3}(-[A-Za-z]{3}(-[A-Za-z]{3})' | pattern '(([A-Za-z]{2,3}(-[A-Za-z]{3}(-[A-Za-z]{3})' | |||
| + '{,2})?|[A-Za-z]{4}|[A-Za-z]{5,8})(-[A-Za-z]{4})?' | + '{0,2})?|[A-Za-z]{4}|[A-Za-z]{5,8})(-[A-Za-z]{4})?' | |||
| + '(-([A-Za-z]{2}|[0-9]{3}))?(-([A-Za-z0-9]{5,8}' | + '(-([A-Za-z]{2}|[0-9]{3}))?(-([A-Za-z0-9]{5,8}' | |||
| + '|([0-9][A-Za-z0-9]{3})))*(-[0-9A-WY-Za-wy-z]' | + '|([0-9][A-Za-z0-9]{3})))*(-[0-9A-WY-Za-wy-z]' | |||
| + '(-([A-Za-z0-9]{2,8}))+)*(-[Xx](-([A-Za-z0-9]' | + '(-([A-Za-z0-9]{2,8}))+)*(-[Xx](-([A-Za-z0-9]' | |||
| + '{1,8}))+)?|[Xx](-([A-Za-z0-9]{1,8}))+|' | + '{1,8}))+)?|[Xx](-([A-Za-z0-9]{1,8}))+|' | |||
| + '(([Ee][Nn]-[Gg][Bb]-[Oo][Ee][Dd]|[Ii]-' | + '(([Ee][Nn]-[Gg][Bb]-[Oo][Ee][Dd]|[Ii]-' | |||
| + '[Aa][Mm][Ii]|[Ii]-[Bb][Nn][Nn]|[Ii]-' | + '[Aa][Mm][Ii]|[Ii]-[Bb][Nn][Nn]|[Ii]-' | |||
| + '[Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ii]-' | + '[Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ii]-' | |||
| + '[Ee][Nn][Oo][Cc][Hh][Ii][Aa][Nn]' | + '[Ee][Nn][Oo][Cc][Hh][Ii][Aa][Nn]' | |||
| + '|[Ii]-[Hh][Aa][Kk]|' | + '|[Ii]-[Hh][Aa][Kk]|' | |||
| + '[Ii]-[Kk][Ll][Ii][Nn][Gg][Oo][Nn]|' | + '[Ii]-[Kk][Ll][Ii][Nn][Gg][Oo][Nn]|' | |||
| skipping to change at page 96, line 8 ¶ | skipping to change at page 96, line 8 ¶ | |||
| [I-D.ietf-httpbis-semantics] | [I-D.ietf-httpbis-semantics] | |||
| Fielding, R. T., Nottingham, M., and J. Reschke, "HTTP | Fielding, R. T., Nottingham, M., and J. Reschke, "HTTP | |||
| Semantics", Work in Progress, Internet-Draft, draft-ietf- | Semantics", Work in Progress, Internet-Draft, draft-ietf- | |||
| httpbis-semantics-19, 12 September 2021, | httpbis-semantics-19, 12 September 2021, | |||
| <https://www.ietf.org/archive/id/draft-ietf-httpbis- | <https://www.ietf.org/archive/id/draft-ietf-httpbis- | |||
| semantics-19.txt>. | semantics-19.txt>. | |||
| [I-D.ietf-i2nsf-capability-data-model] | [I-D.ietf-i2nsf-capability-data-model] | |||
| Hares, S., Jeong, J. (., Kim, J. (., Moskowitz, R., and Q. | Hares, S., Jeong, J. (., Kim, J. (., Moskowitz, R., and Q. | |||
| Lin, "I2NSF Capability YANG Data Model", Work in Progress, | Lin, "I2NSF Capability YANG Data Model", Work in Progress, | |||
| Internet-Draft, draft-ietf-i2nsf-capability-data-model-26, | Internet-Draft, draft-ietf-i2nsf-capability-data-model-29, | |||
| 10 February 2022, <https://www.ietf.org/archive/id/draft- | 25 March 2022, <https://www.ietf.org/archive/id/draft- | |||
| ietf-i2nsf-capability-data-model-26.txt>. | ietf-i2nsf-capability-data-model-29.txt>. | |||
| [I-D.ietf-i2nsf-nsf-facing-interface-dm] | [I-D.ietf-i2nsf-nsf-facing-interface-dm] | |||
| Kim, J. (., Jeong, J. (., Park, J., Hares, S., and Q. Lin, | Kim, J. (., Jeong, J. (., Park, J., Hares, S., and Q. Lin, | |||
| "I2NSF Network Security Function-Facing Interface YANG | "I2NSF Network Security Function-Facing Interface YANG | |||
| Data Model", Work in Progress, Internet-Draft, draft-ietf- | Data Model", Work in Progress, Internet-Draft, draft-ietf- | |||
| i2nsf-nsf-facing-interface-dm-22, 21 March 2022, | i2nsf-nsf-facing-interface-dm-24, 6 April 2022, | |||
| <https://www.ietf.org/archive/id/draft-ietf-i2nsf-nsf- | <https://www.ietf.org/archive/id/draft-ietf-i2nsf-nsf- | |||
| facing-interface-dm-22.txt>. | facing-interface-dm-24.txt>. | |||
| [I-D.ietf-tcpm-rfc793bis] | [I-D.ietf-tcpm-rfc793bis] | |||
| Eddy, W. M., "Transmission Control Protocol (TCP) | Eddy, W. M., "Transmission Control Protocol (TCP) | |||
| Specification", Work in Progress, Internet-Draft, draft- | Specification", Work in Progress, Internet-Draft, draft- | |||
| ietf-tcpm-rfc793bis-28, 7 March 2022, | ietf-tcpm-rfc793bis-28, 7 March 2022, | |||
| <https://www.ietf.org/archive/id/draft-ietf-tcpm- | <https://www.ietf.org/archive/id/draft-ietf-tcpm- | |||
| rfc793bis-28.txt>. | rfc793bis-28.txt>. | |||
| [I-D.ietf-tsvwg-rfc4960-bis] | [I-D.ietf-tsvwg-rfc4960-bis] | |||
| Stewart, R. R., Tüxen, M., and K. E. E. Nielsen, "Stream | Stewart, R. R., Tüxen, M., and K. E. E. Nielsen, "Stream | |||
| skipping to change at page 97, line 14 ¶ | skipping to change at page 97, line 14 ¶ | |||
| [RFC8792] Watsen, K., Auerswald, E., Farrel, A., and Q. Wu, | [RFC8792] Watsen, K., Auerswald, E., Farrel, A., and Q. Wu, | |||
| "Handling Long Lines in Content of Internet-Drafts and | "Handling Long Lines in Content of Internet-Drafts and | |||
| RFCs", RFC 8792, DOI 10.17487/RFC8792, June 2020, | RFCs", RFC 8792, DOI 10.17487/RFC8792, June 2020, | |||
| <https://www.rfc-editor.org/info/rfc8792>. | <https://www.rfc-editor.org/info/rfc8792>. | |||
| [I-D.ietf-i2nsf-consumer-facing-interface-dm] | [I-D.ietf-i2nsf-consumer-facing-interface-dm] | |||
| Jeong, J. (., Chung, C., Ahn, T., Kumar, R., and S. Hares, | Jeong, J. (., Chung, C., Ahn, T., Kumar, R., and S. Hares, | |||
| "I2NSF Consumer-Facing Interface YANG Data Model", Work in | "I2NSF Consumer-Facing Interface YANG Data Model", Work in | |||
| Progress, Internet-Draft, draft-ietf-i2nsf-consumer- | Progress, Internet-Draft, draft-ietf-i2nsf-consumer- | |||
| facing-interface-dm-16, 28 January 2022, | facing-interface-dm-17, 23 March 2022, | |||
| <https://www.ietf.org/archive/id/draft-ietf-i2nsf- | <https://www.ietf.org/archive/id/draft-ietf-i2nsf- | |||
| consumer-facing-interface-dm-16.txt>. | consumer-facing-interface-dm-17.txt>. | |||
| [IANA-HTTP-Status-Code] | [IANA-HTTP-Status-Code] | |||
| Internet Assigned Numbers Authority (IANA), "Hypertext | Internet Assigned Numbers Authority (IANA), "Hypertext | |||
| Transfer Protocol (HTTP) Status Code Registry", September | Transfer Protocol (HTTP) Status Code Registry", September | |||
| 2018, <https://www.iana.org/assignments/http-status-codes/ | 2018, <https://www.iana.org/assignments/http-status-codes/ | |||
| http-status-codes.xhtml>. | http-status-codes.xhtml>. | |||
| [IEEE-802.1AB] | [IEEE-802.1AB] | |||
| Institute of Electrical and Electronics Engineers, "IEEE | Institute of Electrical and Electronics Engineers, "IEEE | |||
| Standard for Local and metropolitan area networks - | Standard for Local and metropolitan area networks - | |||
| Station and Media Access Control Connectivity Discovery", | Station and Media Access Control Connectivity Discovery", | |||
| March 2016, | March 2016, | |||
| <https://ieeexplore.ieee.org/document/7433915>. | <https://ieeexplore.ieee.org/document/7433915>. | |||
| Appendix A. Changes from draft-ietf-i2nsf-nsf-monitoring-data-model-15 | Appendix A. Changes from draft-ietf-i2nsf-nsf-monitoring-data-model-16 | |||
| The following changes are made from draft-ietf-i2nsf-nsf-monitoring- | The following changes are made from draft-ietf-i2nsf-nsf-monitoring- | |||
| data-model-15: | data-model-16: | |||
| * This version is added following Benjamin Kaduk, Francesca | * This version is added following Benjamin Kaduk, Francesca | |||
| Palombini, and Robert Wilton's comments | Palombini, and Robert Wilton's comments | |||
| * This version updated the IETF Trust Copyright statement in the | ||||
| YANG data model. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Jaehoon (Paul) Jeong (editor) | Jaehoon (Paul) Jeong (editor) | |||
| Department of Computer Science and Engineering | Department of Computer Science and Engineering | |||
| Sungkyunkwan University | Sungkyunkwan University | |||
| 2066 Seobu-Ro, Jangan-Gu | 2066 Seobu-Ro, Jangan-Gu | |||
| Suwon | Suwon | |||
| Gyeonggi-Do | Gyeonggi-Do | |||
| 16419 | 16419 | |||
| Republic of Korea | Republic of Korea | |||
| End of changes. 17 change blocks. | ||||
| 21 lines changed or deleted | 24 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||