idnits 2.17.1 

draft-waltermire-panic-scope-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document doesn't use any RFC 2119 keywords, yet seems to have RFC
     2119 boilerplate text.

  -- The document date (June 25, 2017) is 2491 days in the past.  Is this
     intentional?


  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

     No issues found here.

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.
--------------------------------------------------------------------------------


2	Internet Engineering Task Force                            D. Waltermire
3	Internet-Draft                                                      NIST
4	Intended status: Informational                       J. Fitzgerald-McKay
5	Expires: December 27, 2017                         Department of Defense
6	                                                           June 25, 2017

8	  Posture Assessment Through Posture Information Collection Discussion
9	                                 Scope
10	                    draft-waltermire-panic-scope-02

12	Abstract

14	   This document defines an intended discussion scope for the non-
15	   working group posture assessment through network information
16	   collection (PANIC) non-WG discussion list.

18	Status of This Memo

20	   This Internet-Draft is submitted in full conformance with the
21	   provisions of BCP 78 and BCP 79.

23	   Internet-Drafts are working documents of the Internet Engineering
24	   Task Force (IETF).  Note that other groups may also distribute
25	   working documents as Internet-Drafts.  The list of current Internet-
26	   Drafts is at http://datatracker.ietf.org/drafts/current/.

28	   Internet-Drafts are draft documents valid for a maximum of six months
29	   and may be updated, replaced, or obsoleted by other documents at any
30	   time.  It is inappropriate to use Internet-Drafts as reference
31	   material or to cite them other than as "work in progress."

33	   This Internet-Draft will expire on December 27, 2017.

35	Copyright Notice

37	   Copyright (c) 2017 IETF Trust and the persons identified as the
38	   document authors.  All rights reserved.

40	   This document is subject to BCP 78 and the IETF Trust's Legal
41	   Provisions Relating to IETF Documents
42	   (http://trustee.ietf.org/license-info) in effect on the date of
43	   publication of this document.  Please review these documents
44	   carefully, as they describe your rights and restrictions with respect
45	   to this document.  Code Components extracted from this document must
46	   include Simplified BSD License text as described in Section 4.e of
47	   the Trust Legal Provisions and are provided without warranty as
48	   described in the Simplified BSD License.

50	Table of Contents

52	   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
53	   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   2
54	   3.  Components  . . . . . . . . . . . . . . . . . . . . . . . . .   2
55	   4.  PANIC Solution Requirements . . . . . . . . . . . . . . . . .   3
56	   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   4
57	   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   4
58	   7.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   5
59	     7.1.  Normative References  . . . . . . . . . . . . . . . . . .   5
60	     7.2.  Informative References  . . . . . . . . . . . . . . . . .   5
61	   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   5

63	1.  Introduction

65	   Network operators need to know what is connected to their
66	   organization's networks so that they can properly manage those
67	   network elements.  Managing these network elements, consisting of
68	   physical and virtual network infrastructure devices, requires access
69	   to information pertaining to these endpoint devices, including
70	   endpoint identity, the identity of software installed on the
71	   endpoint, and the configuration settings for the installed software.
72	   This information can be collected from different classes of endpoints
73	   over different protocols and using different data models.  PANIC will
74	   identify a standardized solution to collect posture information for
75	   network devices, and allow that information to be shared with
76	   authorized users and devices on the network supporting security
77	   automation.  PANIC aims to reuse available standards for posture
78	   assessment where possible.  In particular, PANIC will leverage
79	   NETCONF [RFC6241]", extending the YANG [RFC6020] data model as
80	   necessary to meet PANIC requirements.  The PANIC effort will avoid
81	   redefining information exchange technologies for use cases that have
82	   already been defined.

84	2.  Terminology

86	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
87	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
88	   document are to be interpreted as described in RFC 2119 [RFC2119].

90	3.  Components

92	   The solution will consist of the following components:

94	   Network Device:  Endpoints such as routers, switches, firewalls.
95	      Virtualized network functions are currently considered in scope.

97	   Posture Server:  Collects information from the network device.
98	      Receives information via pushes, and requests information via
99	      pulls.

101	   Data Repository:  Stores the information collected by the posture
102	      server from the network device.

104	                             PANIC components

106	                 ------------
107	                 | Network  |----------
108	                 |  Device  |         |
109	                 ------------   ------------
110	                                | Posture  |    ________
111	                                |  Server  |---/        \
112	                 ------------   ------------   |  Data  |
113	                 | Network  |         |        | Store  |
114	                 |  Device  |----------        \________/
115	                 ------------

117	                                 Figure 1

119	4.  PANIC Solution Requirements

121	   The solution will meet the following requirements:

123	   Information Requirements for Network Device Management:  PANIC will
124	      identify a minimal set of information necessary to manage network
125	      devices and to support network security functions including
126	      configuration and vulnerability management.  Additional
127	      information may also be used through extension mechanisms
128	      identified by PANIC.

130	   Authorized Posture Server Discovery:  Network devices will be able to
131	      identify the posture servers with which they are authorized to
132	      communicate.  PANIC will identify requirements in support of a
133	      Posture Server discovery capability.

135	   Data Push Functionality:  Network devices will push information to an
136	      authorized Posture Server.  Data pushes will be event driven.
137	      PANIC will identify what data should be pushed from the network
138	      device, and what events will trigger a push.  Data pushes from
139	      Posture Server to Network Device (for example, pushing new
140	      configurations to a network device) are out of scope for PANIC.

142	   Data Pull Functionality:  A Posture Server will pull information from
143	      a network device.  Data pulls will be driven by requests to the
144	      server.  PANIC will identify what data should be pulled from the
145	      network device, and how requests for the server to pull will be
146	      made.

148	   Secure Transport of Data:  Data between the network device and the
149	      Posture Server will be protected in transit by a protocol that
150	      provides authorization and authentication.  PANIC will identify
151	      the protocols that can be used for transport of posture
152	      information.

154	   Secure Storage of Data:  Network device data reported to a posture
155	      server will be stored in a data repository.  This data can be used
156	      to support numerous security functions on the network; therefore,
157	      this repository should be accessible by (and only by) authorized
158	      users and devices.  PANIC will identify requirements for a
159	      centralized data repository, including requirements for a secure
160	      interface between between a Posture Server and a Data Repository.

162	   Standardized Data Model:  Network device data will be expressed in a
163	      standardized data model that enables use and reuse of the data.
164	      PANIC will identify available data models for the expression of
165	      required information and the models used for a given exchange of
166	      posture.

168	   Note: Use of [RFC2119] text is omitted at this point.  More
169	   discussion is needed around these requirements.

171	5.  IANA Considerations

173	   This memo includes no request to IANA.

175	6.  Security Considerations

177	   The solution described by this document provides a mechanism to
178	   gather network device posture into a centralized datastore.
179	   Discussion is needed here about:

181	      The need to protect such an information collection from
182	      unauthorized access or disclosure

184	      Privacy considerations around how the endpoint devices is
185	      identified when posture is gathered

187	      The threat introduced to the network elements by the posture
188	      information collection.  There should be protections implemented
189	      to prevent the element from being vulnerable to DoS attacks by
190	      frequent polling or pushing of posture data.

192	7.  References

194	7.1.  Normative References

196	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
197	              Requirement Levels", BCP 14, RFC 2119,
198	              DOI 10.17487/RFC2119, March 1997,
199	              <http://www.rfc-editor.org/info/rfc2119>.

201	7.2.  Informative References

203	   [RFC6020]  Bjorklund, M., Ed., "YANG - A Data Modeling Language for
204	              the Network Configuration Protocol (NETCONF)", RFC 6020,
205	              DOI 10.17487/RFC6020, October 2010,
206	              <http://www.rfc-editor.org/info/rfc6020>.

208	   [RFC6241]  Enns, R., Ed., Bjorklund, M., Ed., Schoenwaelder, J., Ed.,
209	              and A. Bierman, Ed., "Network Configuration Protocol
210	              (NETCONF)", RFC 6241, DOI 10.17487/RFC6241, June 2011,
211	              <http://www.rfc-editor.org/info/rfc6241>.

213	Authors' Addresses

215	   David Waltermire
216	   National Institute of Standards and Technology
217	   100 Bureau Drive
218	   Gaithersburg, Maryland  20877
219	   USA

221	   Email: david.waltermire@nist.gov

223	   Jessica Fitzgerald-McKay
224	   Department of Defense
225	   9800 Savage Road
226	   Ft. Meade, Maryland
227	   USA

229	   Email: jmfitz2@nsa.gov