Protecting The Router Control Plane draft-ietf-opsec-protect-control-plane-01 David Dugal Carlos Pignataro Rodney Dunn Presented by Andrew Yourtchenko.

Slides:



Advertisements
Similar presentations
Security Assessment of the Internet Protocol version 4 (IPv4) draft-ietf-opsec-ip-security Fernando Gont project carried out on behalf of UK CPNI 76th.
Advertisements

NAT64 Operational Experiences draft-chen-v6ops-nat64-experience-03 IETF 84- Vancouver, Aug 2012 Gang Chen China Mobile Zhen Cao China Mobile Cameron Byrne.
Status of L3 PPVPN Working Group Documents Ross Callon Ron Bonica Rick Wilder.
1 Behcet Sarikaya Frank Xia July 2010 Flexible DHCPv6 Prefix Delegation in Mobile Networks IETF 78
IETF NEA WG (NEA = Network Endpoint Assessment) Chairs:Steve Hanna, Susan Thomson,
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Certificate Path Building draft-ietf-pkix-certpathbuild-01.txt Peter Hesse Matt Cooper Yuriy Dzambasow Susan Joseph Richard Nicholas.
Draft-ietf-sfc-architecture Prepared by Carlos Pignataro and Joel Halpern.
Common Log Format (CLF) DISPATCH ad hoc – IETF 75 Spencer Dawkins Theo Zourzouvillys
A Framework for Management and Control of Optical Interfaces supporting G draft-kunze-g management-control-framework-02 March rd IETF.
IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: MIIS and Its Higher Layer Transport Requirements: Ad hoc Update and Discussion on.
Multicast Distribution Tree Extensions for IS-IS draft-yong-isis-ext-4-distribution-tree-02 Lucy Yong Donald Eastlake Andrew Qu July
Mtrace Version 2: Traceroute Facility for IP Multicast draft-ietf-mboned-mtrace-v2-07 Hitoshi Asaeda Tatsuya Jinmei Bill Fenner Steve Casner 78 th IETF,
BGP operations and security draft-jdurand-bgp-security-02.txt Jerome Durand Gert Doering Ivan Pepelnjak.
1 Behcet Sarikaya Frank Xia Ted Lemon July 2011 DHCPv6 Prefix Delegation as IPv6 Migration Tool in Mobile Networks IETF 81
1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.
Softwire IETF 84. Preparation Blue sheet Note taker? Jabber room? …
Mary Barnes (WG co-chair) Cullen Jennings (WG co-chair) DISPATCH WG IETF 89.
TSVWG IETF-76 (Hiroshima) James Polk Gorry Fairhurst With an assist for this meeting from **Magnus Westerlund**
OPSREA Open Meeting Area Directors: Dan Romascanu and Ron Bonica Monday, July 26, 2010 Afternoon Session 2, 15:20– 17:20, Brussels Room Discussion list.
Business Writing Thomas Tasker English Language Fellow Program
Enterprise IPv6 Transition Analysis IETF 62 IPv6 Operations Working Group March 7-11, 2005 Minneapolis, MN Presenter Jim Bound Jim Bound (Editor), Yanick.
Device Reset Characterization draft-ietf-bmwg-reset-02 Rajiv Asati Carlos Pignataro Fernando Calabria Cesar Olvera Presented by Andrew.
Benchmarking Methodology WG (bmwg) 61st IETF – Washington, D.C. Thursday, November 11, 2004, Chairs: –Kevin Dubray –Al.
Managing the Use of Privacy Extensions for SLAAC in IPv6 (draft-gont-6man-managing-privacy- extensions-01.txt) Fernando Gont (UTN/FRH) Ron Broersma (DREN)
Status of L3 PPVPN Working Group Documents March 2005 – Minneapolis IETF Ross Callon Ron Bonica Rick Wilder.
Support of fragmentation of RADIUS packets in authorization exchanges draft-perez-radext-radius-fragmentation IETF87 – RADEXT Diego R. Lopez - Telefónica.
Audio/Video Transport Core Maintenance Working Group Magnus Westerlund Roni Even Jabber room:
LISP Architecture Document(s) LISP WG IETF 84 July 30th, 2012 Vince Fuller / Noel Chiappa.
Interface to The Internet Routing System (IRS) draft-atlas-irs-problem-statement-00 draft-ward-irs-framework-00 Alia Atlas Thomas Nadeau David Ward IETF.
July 28, 2010IETF 78 – Maastricht, Netherlands1 IP Multicast Performance Monitoring: update on IPPM experience Vero Zheng Alberto Tempia Bonda.
Service Function Chaining (SFC) IETF 89 London WG Chairs: Jim Guichard Thomas Narten
MEXT Deliverable status IETF 71. Deliverables (I) Dec 2007Submit I-D 'Mobile IPv6 Dual-Stack Operation' to IESG –draft-ietf-mip6-nemo-v4traversal-06 –WGLC.
P2PSIP WG IETF 87 P2PSIP WG Agenda & Status Thursday, August 1 st, 2013 Brian Rosen, Carlos J. Bernardos.
RADEXT WG IETF 81 Agenda July 25, Please join the Jabber room:
Balanced Security for IPv6 CPE draft-ietf-v6ops-balanced-ipv6-security-01 IETF89 London M. Gysi, G. Leclanche, E. Vyncke, R. Anfinsen.
Requirements for Internet Traffic Engineering Measurement IETF’58 TEWG Meeting Minneapolis, November 13, 2003 Wai Sum Lai, Richard Tibbs, Steven Van den.
Joint CCAMP, L2VPN, MPLS & PWE3 meeting on MPLS-TP Dublin
Gap Analysis for Operating IPv6- only MPLS Networks draft-george-mpls-ipv6-only-gap-01 Wes George (operator asking for it) Carlos Pignataro, Rajiv Asati.
/ Jonne Soininen v6ops-3GPP Design Team IETF#55, v6ops wg Atlanta, USA Jonne Soininen / Juha Wiljakka
1 Authors: Scott Poretsky, Reef Point Systems Shankar Rao, Qwest Communications 64th IETF Meeting – Vancouver Accelerated Stress Benchmarking draft-ietf-bmwg-acc-bench-term-07.txt.
IETF 69, July 2007Slide 1 Preferential Forwarding Status bit Definition draft-muley-dutta-pwe3-redundancy-bit-01.txt Praveen Muley, Pranjal K. Dutta, Mustapha.
IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: IETF Liaison Report Date Submitted: September 16, 2010 Presented at IEEE session.
IDR WG Document Status Update Sue Hares, Yakov Rekhter November 2005.
Draft-atlas-icmp-unnumbered-06: Extending ICMP for Interface and Next-hop Identification Alia Atlas, Ron Bonica, JR Rivers, Naiming Shen, Enke Chen IETF.
Draft-ietf-v6ops-ipsec-tunnels-03 Using IPsec to Secure IPv6-in-IPv4 Tunnels draft-ietf-v6ops-ipsec-tunnels-03 Richard Graveman Mohan Parthasarathy Pekka.
IETF 80: NETEXT Working Group – Logical Interface Support for IP Hosts 1 Logical Interface Support for IP Hosts Telemaco Melia, Sri Gundavelli, Carlos.
PANA in DSL networks draft-morand-pana-panaoverdsl-00.txt Lionel Morand Roberta Maglione John Kaippallimalil Alper Yegin IETF-67, San Diego.
IPv6 Transition/Co-existence Security Considerations draft-ietf-v6ops-security-overview-04.txt Elwyn Davies Suresh Krishnan Pekka Savola IETF-66, Montreal,
1 Benchmarking Methodology WG (bmwg) 78th IETF Thursday, July 29, 2010, CET (GMT – 0:00, due to DST in Europe) Chairs: –Al Morton
Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.
1 Security Framework for MPLS and GMPLS Networks draft-mpls-mpls-gmpls-security-framework-03.txt Luyuan Fang Michael Behringer Ross Callon Jean-Luis Le.
Pseudowire And LDP-enabled Services (PALS) WG Status IETF-92 Dallas Co-Chairs: Stewart Bryant and Andy Malis
Source Packet Routing in Networking WG (spring) IETF 89 – London Chairs: John Scudder Alvaro Retana
Mary Barnes (WG co-chair) Cullen Jennings (WG co-chair) DISPATCH WG IETF-86.
1 IGP Data Plane Convergence draft-ietf-bmwg-igp-dataplane-conv-meth-21 draft-ietf-bmwg-igp-dataplane-conv-term-21 BMWG, IETF-78 Maastricht, July 2010.
Authors: Scott Poretsky, Quarry Technologies Brent Imhoff, LightCore
SNMP usage for PAA-EP PANA wg - IETF 63 Paris
Gunter Van de Velde Kiran Kumar Chitimaneni Warren Kumari
IETF 78th Maastricht, Netherlands, July 2010
Pseudowire And LDP-enabled Services (PALS) WG Status IETF-93 Prague
Distributed Mobility Management Working Group
A Research Companion to Principles and Standards
IEEE MEDIA INDEPENDENT HANDOVER DCN: bcast
draft-ali-spring-srv6-oam-02.txt SRv6 OAM
BIER WG IETF 105 Montreal, Canada 24 July 2019.
Distributed Mobility Management Working Group
Update for “Multicast Considerations over IEEE 802 Wireless Media”
Update for “Multicast Considerations over IEEE 802 Wireless Media”
draft-ietf-pim-drlb-08
Presentation transcript:

Protecting The Router Control Plane draft-ietf-opsec-protect-control-plane-01 David Dugal Carlos Pignataro Rodney Dunn Presented by Andrew Yourtchenko IETF 78, July 2010, Maastricht, Netherlands

Motivation  Driver:  Author an OPSEC WG document that recommends, and demonstrates through example, a mechanism to protect the router control plane.  Focus Area:  Protecting a critical and precious resource: The Router Control Plane  Intended Status:  Informational Router Control Plane Protection Control Plane Forwarding Plane

Document Approach  Introduction  Explain the concept of router control plane router protection from an architectural perspective  Applicability  Methodology  Clear definition of initial set of “legitimate traffic”  Filter and Policy Design  Design Trade-Offs and “Gotchas”  Security Considerations  Basic Multi-Vendor Configuration Examples  Provides starting point from which environment-specific additions can be made

 Accepted as an official OPSEC WG document  All* feedback received to date included in revision -01  *Addition of IPv6 references, examples and recommendations currently being added, will be included in revision -02  Goal is to have revision -02 ready for Working Group Last Call by mid-August 2010 Document Status

 Please continue to provide valuable review, comments, questions and feedback  Would like to WGLC after we ship IPv6 in rev -02  The authors would like to thank all who provided assistance in increasing the validity and value of the document to the OPSEC community:  Ron Bonica, Pekka Savola, Warren Kumari, Xu Chen, John Kristoff, Christopher Morrow, Donald Smith, Joel Jaeggli, Richard Graveman, Danny McPherson, Gregg Schudel, Eddie Parra, Seo Boon, Manav Bhatia, Jim Bailey, Andrew Yourtchenko, and many others Requests and Acknowledgements

Thank You!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.