draft-ietf-i2nsf-nsf-monitoring-data-model-16.txt   draft-ietf-i2nsf-nsf-monitoring-data-model-17.txt 
Network Working Group J. Jeong, Ed. Network Working Group J. Jeong, Ed.
Internet-Draft P. Lingga Internet-Draft P. Lingga
Intended status: Standards Track Sungkyunkwan University Intended status: Standards Track Sungkyunkwan University
Expires: 23 September 2022 S. Hares Expires: 15 October 2022 S. Hares
L. Xia L. Xia
Huawei Huawei
H. Birkholz H. Birkholz
Fraunhofer SIT Fraunhofer SIT
22 March 2022 13 April 2022
I2NSF NSF Monitoring Interface YANG Data Model I2NSF NSF Monitoring Interface YANG Data Model
draft-ietf-i2nsf-nsf-monitoring-data-model-16 draft-ietf-i2nsf-nsf-monitoring-data-model-17
Abstract Abstract
This document proposes an information model and the corresponding This document proposes an information model and the corresponding
YANG data model of an interface for monitoring Network Security YANG data model of an interface for monitoring Network Security
Functions (NSFs) in the Interface to Network Security Functions Functions (NSFs) in the Interface to Network Security Functions
(I2NSF) framework. If the monitoring of NSFs is performed with the (I2NSF) framework. If the monitoring of NSFs is performed with the
NSF monitoring interface in a standard way, it is possible to detect NSF monitoring interface in a standard way, it is possible to detect
the indication of malicious activity, anomalous behavior, the the indication of malicious activity, anomalous behavior, the
potential sign of denial-of-service attacks, or system overload in a potential sign of denial-of-service attacks, or system overload in a
skipping to change at page 1, line 46 skipping to change at page 1, line 46
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 23 September 2022. This Internet-Draft will expire on 15 October 2022.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 3, line 24 skipping to change at page 3, line 24
10.1. I2NSF System Detection Alarm . . . . . . . . . . . . . . 86 10.1. I2NSF System Detection Alarm . . . . . . . . . . . . . . 86
10.2. I2NSF Interface Counters . . . . . . . . . . . . . . . . 87 10.2. I2NSF Interface Counters . . . . . . . . . . . . . . . . 87
11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 88 11. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 88
12. Security Considerations . . . . . . . . . . . . . . . . . . . 89 12. Security Considerations . . . . . . . . . . . . . . . . . . . 89
13. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 91 13. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 91
14. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 91 14. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 91
15. References . . . . . . . . . . . . . . . . . . . . . . . . . 91 15. References . . . . . . . . . . . . . . . . . . . . . . . . . 91
15.1. Normative References . . . . . . . . . . . . . . . . . . 92 15.1. Normative References . . . . . . . . . . . . . . . . . . 92
15.2. Informative References . . . . . . . . . . . . . . . . . 96 15.2. Informative References . . . . . . . . . . . . . . . . . 96
Appendix A. Changes from Appendix A. Changes from
draft-ietf-i2nsf-nsf-monitoring-data-model-15 . . . . . . 97 draft-ietf-i2nsf-nsf-monitoring-data-model-16 . . . . . . 97
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 97 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 97
1. Introduction 1. Introduction
According to [RFC8329], the interface provided by a Network Security According to [RFC8329], the interface provided by a Network Security
Function (NSF) (e.g., Firewall, IPS, or Anti-DDoS function) to enable Function (NSF) (e.g., Firewall, IPS, or Anti-DDoS function) to enable
the collection of monitoring information is referred to as an I2NSF the collection of monitoring information is referred to as an I2NSF
Monitoring Interface. This interface enables the sharing of vital Monitoring Interface. This interface enables the sharing of vital
data from the NSFs (e.g., events, records, and counters) to an NSF data from the NSFs (e.g., events, records, and counters) to an NSF
data collector (e.g., Security Controller) through a variety of data collector (e.g., Security Controller) through a variety of
skipping to change at page 34, line 28 skipping to change at page 34, line 28
identity used in the document gives information or status about the identity used in the document gives information or status about the
current situation of an NSF. This YANG module imports from current situation of an NSF. This YANG module imports from
[RFC6991], [RFC8343], and [I-D.ietf-i2nsf-nsf-facing-interface-dm], [RFC6991], [RFC8343], and [I-D.ietf-i2nsf-nsf-facing-interface-dm],
and makes references to [RFC0768] [RFC0791] [RFC0792] [RFC0826] and makes references to [RFC0768] [RFC0791] [RFC0792] [RFC0826]
[RFC0854] [RFC1939] [RFC0959] [RFC2595] [RFC4340] [RFC4443] [RFC4861] [RFC0854] [RFC1939] [RFC0959] [RFC2595] [RFC4340] [RFC4443] [RFC4861]
[RFC5321] [RFC5646] [RFC6242] [RFC6265] [RFC8200] [RFC8641] [RFC9051] [RFC5321] [RFC5646] [RFC6242] [RFC6265] [RFC8200] [RFC8641] [RFC9051]
[I-D.ietf-httpbis-http2bis] [I-D.ietf-httpbis-messaging] [I-D.ietf-httpbis-http2bis] [I-D.ietf-httpbis-messaging]
[I-D.ietf-httpbis-semantics] [I-D.ietf-tcpm-rfc793bis] [I-D.ietf-httpbis-semantics] [I-D.ietf-tcpm-rfc793bis]
[I-D.ietf-tsvwg-rfc4960-bis] [IANA-HTTP-Status-Code] [IEEE-802.1AB] [I-D.ietf-tsvwg-rfc4960-bis] [IANA-HTTP-Status-Code] [IEEE-802.1AB]
<CODE BEGINS> file "ietf-i2nsf-nsf-monitoring@2022-03-22.yang" <CODE BEGINS> file "ietf-i2nsf-nsf-monitoring@2022-04-13.yang"
module ietf-i2nsf-nsf-monitoring { module ietf-i2nsf-nsf-monitoring {
yang-version 1.1; yang-version 1.1;
namespace namespace
"urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring"; "urn:ietf:params:xml:ns:yang:ietf-i2nsf-nsf-monitoring";
prefix prefix
nsfmi; nsfmi;
import ietf-inet-types { import ietf-inet-types {
prefix inet; prefix inet;
reference reference
"Section 4 of RFC 6991"; "Section 4 of RFC 6991";
skipping to change at page 35, line 35 skipping to change at page 35, line 35
'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED', 'SHALL NOT', 'SHOULD', 'SHOULD NOT', 'RECOMMENDED',
'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this 'NOT RECOMMENDED', 'MAY', and 'OPTIONAL' in this
document are to be interpreted as described in BCP 14 document are to be interpreted as described in BCP 14
(RFC 2119) (RFC 8174) when, and only when, they appear (RFC 2119) (RFC 8174) when, and only when, they appear
in all capitals, as shown here. in all capitals, as shown here.
Copyright (c) 2022 IETF Trust and the persons identified as Copyright (c) 2022 IETF Trust and the persons identified as
authors of the code. All rights reserved. authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject to without modification, is permitted pursuant to, and subject
the license terms contained in, the Simplified BSD License set to the license terms contained in, the Revised BSD License
forth in Section 4.c of the IETF Trust's Legal Provisions set forth in Section 4.c of the IETF Trust's
Relating to IETF Documents Legal Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info). (https://trustee.ietf.org/license-info).
This version of this YANG module is part of RFC XXXX This version of this YANG module is part of RFC XXXX
(https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself (https://www.rfc-editor.org/info/rfcXXXX); see the RFC itself
for full legal notices."; for full legal notices.";
revision "2022-03-22" { revision "2022-04-13" {
description "Latest revision"; description "Latest revision";
reference reference
"RFC XXXX: I2NSF NSF Monitoring Interface YANG Data Model"; "RFC XXXX: I2NSF NSF Monitoring Interface YANG Data Model";
// RFC Ed.: replace XXXX with an actual RFC number and remove // RFC Ed.: replace XXXX with an actual RFC number and remove
// this note. // this note.
} }
/* /*
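Review bot: The description inside `revision "2022-04-13"` still reads "Latest revision", which records nothing about the revision and will not hold once the module is published as RFC XXXX. Suggest a stable description such as "Initial version". The date itself is consistent with the file name given on the `<CODE BEGINS>` line ("ietf-i2nsf-nsf-monitoring@2022-04-13.yang"), so no change is needed there.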
skipping to change at page 52, line 35 skipping to change at page 52, line 35
as the basic information."; as the basic information.";
leaf message { leaf message {
type string; type string;
description description
"This is a freetext annotation for "This is a freetext annotation for
monitoring a notification's content."; monitoring a notification's content.";
} }
leaf language { leaf language {
type string { type string {
pattern '(([A-Za-z]{2,3}(-[A-Za-z]{3}(-[A-Za-z]{3})' pattern '(([A-Za-z]{2,3}(-[A-Za-z]{3}(-[A-Za-z]{3})'
+ '{,2})?|[A-Za-z]{4}|[A-Za-z]{5,8})(-[A-Za-z]{4})?' + '{0,2})?|[A-Za-z]{4}|[A-Za-z]{5,8})(-[A-Za-z]{4})?'
+ '(-([A-Za-z]{2}|[0-9]{3}))?(-([A-Za-z0-9]{5,8}' + '(-([A-Za-z]{2}|[0-9]{3}))?(-([A-Za-z0-9]{5,8}'
+ '|([0-9][A-Za-z0-9]{3})))*(-[0-9A-WY-Za-wy-z]' + '|([0-9][A-Za-z0-9]{3})))*(-[0-9A-WY-Za-wy-z]'
+ '(-([A-Za-z0-9]{2,8}))+)*(-[Xx](-([A-Za-z0-9]' + '(-([A-Za-z0-9]{2,8}))+)*(-[Xx](-([A-Za-z0-9]'
+ '{1,8}))+)?|[Xx](-([A-Za-z0-9]{1,8}))+|' + '{1,8}))+)?|[Xx](-([A-Za-z0-9]{1,8}))+|'
+ '(([Ee][Nn]-[Gg][Bb]-[Oo][Ee][Dd]|[Ii]-' + '(([Ee][Nn]-[Gg][Bb]-[Oo][Ee][Dd]|[Ii]-'
+ '[Aa][Mm][Ii]|[Ii]-[Bb][Nn][Nn]|[Ii]-' + '[Aa][Mm][Ii]|[Ii]-[Bb][Nn][Nn]|[Ii]-'
+ '[Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ii]-' + '[Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ii]-'
+ '[Ee][Nn][Oo][Cc][Hh][Ii][Aa][Nn]' + '[Ee][Nn][Oo][Cc][Hh][Ii][Aa][Nn]'
+ '|[Ii]-[Hh][Aa][Kk]|' + '|[Ii]-[Hh][Aa][Kk]|'
+ '[Ii]-[Kk][Ll][Ii][Nn][Gg][Oo][Nn]|' + '[Ii]-[Kk][Ll][Ii][Nn][Gg][Oo][Nn]|'
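Review bot: The `language` pattern is hand-split across many `+` fragments with no validation instance beside it, which is how the `{,2}` quantifier on the second fragment survived into -16. YANG `pattern` uses XML Schema regular expressions, where a range quantifier must state its lower bound, and regex engines that do accept `{,2}` disagree on its meaning, so `{0,2}` is the right form. Suggest adding accepted and rejected language-tag instances to the module validation run so the next slip in this expression is caught by tooling. In the same container, `leaf message` is an unrestricted `type string` carrying free text from the NSF; consider a `length` bound or a sentence in the description saying that collectors treat it as untrusted input.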
skipping to change at page 96, line 8 skipping to change at page 96, line 8
[I-D.ietf-httpbis-semantics] [I-D.ietf-httpbis-semantics]
Fielding, R. T., Nottingham, M., and J. Reschke, "HTTP Fielding, R. T., Nottingham, M., and J. Reschke, "HTTP
Semantics", Work in Progress, Internet-Draft, draft-ietf- Semantics", Work in Progress, Internet-Draft, draft-ietf-
httpbis-semantics-19, 12 September 2021, httpbis-semantics-19, 12 September 2021,
<https://www.ietf.org/archive/id/draft-ietf-httpbis- <https://www.ietf.org/archive/id/draft-ietf-httpbis-
semantics-19.txt>. semantics-19.txt>.
[I-D.ietf-i2nsf-capability-data-model] [I-D.ietf-i2nsf-capability-data-model]
Hares, S., Jeong, J. (., Kim, J. (., Moskowitz, R., and Q. Hares, S., Jeong, J. (., Kim, J. (., Moskowitz, R., and Q.
Lin, "I2NSF Capability YANG Data Model", Work in Progress, Lin, "I2NSF Capability YANG Data Model", Work in Progress,
Internet-Draft, draft-ietf-i2nsf-capability-data-model-26, Internet-Draft, draft-ietf-i2nsf-capability-data-model-29,
10 February 2022, <https://www.ietf.org/archive/id/draft- 25 March 2022, <https://www.ietf.org/archive/id/draft-
ietf-i2nsf-capability-data-model-26.txt>. ietf-i2nsf-capability-data-model-29.txt>.
[I-D.ietf-i2nsf-nsf-facing-interface-dm] [I-D.ietf-i2nsf-nsf-facing-interface-dm]
Kim, J. (., Jeong, J. (., Park, J., Hares, S., and Q. Lin, Kim, J. (., Jeong, J. (., Park, J., Hares, S., and Q. Lin,
"I2NSF Network Security Function-Facing Interface YANG "I2NSF Network Security Function-Facing Interface YANG
Data Model", Work in Progress, Internet-Draft, draft-ietf- Data Model", Work in Progress, Internet-Draft, draft-ietf-
i2nsf-nsf-facing-interface-dm-22, 21 March 2022, i2nsf-nsf-facing-interface-dm-24, 6 April 2022,
<https://www.ietf.org/archive/id/draft-ietf-i2nsf-nsf- <https://www.ietf.org/archive/id/draft-ietf-i2nsf-nsf-
facing-interface-dm-22.txt>. facing-interface-dm-24.txt>.
[I-D.ietf-tcpm-rfc793bis] [I-D.ietf-tcpm-rfc793bis]
Eddy, W. M., "Transmission Control Protocol (TCP) Eddy, W. M., "Transmission Control Protocol (TCP)
Specification", Work in Progress, Internet-Draft, draft- Specification", Work in Progress, Internet-Draft, draft-
ietf-tcpm-rfc793bis-28, 7 March 2022, ietf-tcpm-rfc793bis-28, 7 March 2022,
<https://www.ietf.org/archive/id/draft-ietf-tcpm- <https://www.ietf.org/archive/id/draft-ietf-tcpm-
rfc793bis-28.txt>. rfc793bis-28.txt>.
[I-D.ietf-tsvwg-rfc4960-bis] [I-D.ietf-tsvwg-rfc4960-bis]
Stewart, R. R., Tüxen, M., and K. E. E. Nielsen, "Stream Stewart, R. R., Tüxen, M., and K. E. E. Nielsen, "Stream
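Review bot: The author lists in the [I-D.ietf-i2nsf-capability-data-model] and [I-D.ietf-i2nsf-nsf-facing-interface-dm] entries render as "Jeong, J. (., Kim, J. (.", a truncated parenthesised given name that this revision carries over unchanged while bumping the draft versions. Suggest correcting the initials in the reference source so they read like the other entries; the [I-D.ietf-i2nsf-consumer-facing-interface-dm] entry has the same problem.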
skipping to change at page 97, line 14 skipping to change at page 97, line 14
[RFC8792] Watsen, K., Auerswald, E., Farrel, A., and Q. Wu, [RFC8792] Watsen, K., Auerswald, E., Farrel, A., and Q. Wu,
"Handling Long Lines in Content of Internet-Drafts and "Handling Long Lines in Content of Internet-Drafts and
RFCs", RFC 8792, DOI 10.17487/RFC8792, June 2020, RFCs", RFC 8792, DOI 10.17487/RFC8792, June 2020,
<https://www.rfc-editor.org/info/rfc8792>. <https://www.rfc-editor.org/info/rfc8792>.
[I-D.ietf-i2nsf-consumer-facing-interface-dm] [I-D.ietf-i2nsf-consumer-facing-interface-dm]
Jeong, J. (., Chung, C., Ahn, T., Kumar, R., and S. Hares, Jeong, J. (., Chung, C., Ahn, T., Kumar, R., and S. Hares,
"I2NSF Consumer-Facing Interface YANG Data Model", Work in "I2NSF Consumer-Facing Interface YANG Data Model", Work in
Progress, Internet-Draft, draft-ietf-i2nsf-consumer- Progress, Internet-Draft, draft-ietf-i2nsf-consumer-
facing-interface-dm-16, 28 January 2022, facing-interface-dm-17, 23 March 2022,
<https://www.ietf.org/archive/id/draft-ietf-i2nsf- <https://www.ietf.org/archive/id/draft-ietf-i2nsf-
consumer-facing-interface-dm-16.txt>. consumer-facing-interface-dm-17.txt>.
[IANA-HTTP-Status-Code] [IANA-HTTP-Status-Code]
Internet Assigned Numbers Authority (IANA), "Hypertext Internet Assigned Numbers Authority (IANA), "Hypertext
Transfer Protocol (HTTP) Status Code Registry", September Transfer Protocol (HTTP) Status Code Registry", September
2018, <https://www.iana.org/assignments/http-status-codes/ 2018, <https://www.iana.org/assignments/http-status-codes/
http-status-codes.xhtml>. http-status-codes.xhtml>.
[IEEE-802.1AB] [IEEE-802.1AB]
Institute of Electrical and Electronics Engineers, "IEEE Institute of Electrical and Electronics Engineers, "IEEE
Standard for Local and metropolitan area networks - Standard for Local and metropolitan area networks -
Station and Media Access Control Connectivity Discovery", Station and Media Access Control Connectivity Discovery",
March 2016, March 2016,
<https://ieeexplore.ieee.org/document/7433915>. <https://ieeexplore.ieee.org/document/7433915>.
Appendix A. Changes from draft-ietf-i2nsf-nsf-monitoring-data-model-15 Appendix A. Changes from draft-ietf-i2nsf-nsf-monitoring-data-model-16
The following changes are made from draft-ietf-i2nsf-nsf-monitoring- The following changes are made from draft-ietf-i2nsf-nsf-monitoring-
data-model-15: data-model-16:
* This version is added following Benjamin Kaduk, Francesca * This version is added following Benjamin Kaduk, Francesca
Palombini, and Robert Wilton's comments Palombini, and Robert Wilton's comments
* This version updated the IETF Trust Copyright statement in the
YANG data model.
Authors' Addresses Authors' Addresses
Jaehoon (Paul) Jeong (editor) Jaehoon (Paul) Jeong (editor)
Department of Computer Science and Engineering Department of Computer Science and Engineering
Sungkyunkwan University Sungkyunkwan University
2066 Seobu-Ro, Jangan-Gu 2066 Seobu-Ro, Jangan-Gu
Suwon Suwon
Gyeonggi-Do Gyeonggi-Do
16419 16419
Republic of Korea Republic of Korea
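Review bot: The change list in Appendix A omits the `language` leaf pattern correction (`{,2}` to `{0,2}`) and the reference version updates that this revision also makes; the only new bullet covers the IETF Trust copyright statement. The first bullet, "This version is added following Benjamin Kaduk, Francesca Palombini, and Robert Wilton's comments", is carried over unchanged from -16 and does not say what was changed in response. Suggest listing the pattern correction explicitly, since it affects whether the module validates.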
 End of changes. 17 change blocks. 
21 lines changed or deleted 24 lines changed or added
