[fi-rg] Firewall Virtualization BOF: Monday evening

Inder Monga imonga at nortel.com
Mon Jun 2 08:48:30 CDT 2008 

Hi All,

We would like your support for the Firewall Virtualization for Grid
Applications Working Group BOF. 

A common complaint we hear is that the firewall configurations to
connect two new sites takes a long time to negotiate and make happen.
After the application/experiement between the two sites is completed, in
many cases the ports stay open. By virtualizing the firewall and
providing a set of grid services, we believe that the problems/manual
administrative tasks facing multi-site grid installations and dynamic VO
formations can be simplified dramatically. By integrating within the
Grid services, we can leverage the security infrastruture for Grid
Applications, ensuring that the dynamic, automated firewall port opening
is fully authorized and authenticated, both from the user and
application perspective. 

The BOF has been organized to seek your support in defining the set of
virtualized services that can integrate any legacy firewall into the
grid infrastructure. This virtualization, though very useful for grid
applications, can be leveraged by other applications in the enterprise
as well under proper security considerations. 

The three documents we hope to work on within the group are:
1.	A standard set of service definitions that provide an abstract
interface for an authorized grid applications to specify its data-path
traversal requirements.
2.	A set of security recommendations surrounding the application
interacting with the Firewall service at the control and data plane
including AAA of the service requests
3.	A best practices document for the network-administrator and a
grid-administrator to understand the architecture and security
implications of this deployment

The proposed detailed BOF charter and plan are attached as a word
document.
 <<Charter_FVGA.doc>> 
Thanks,
Ralph and Inder
Co-chairs, Firewall Issues Research Group


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.ogf.org/pipermail/fi-rg/attachments/20080602/c48f8bb6/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Charter_FVGA.doc
Type: application/msword
Size: 50688 bytes
Desc: Charter_FVGA.doc
Url : http://www.ogf.org/pipermail/fi-rg/attachments/20080602/c48f8bb6/attachment-0001.doc

More information about the fi-rg mailing list