[fi-rg] Firewall Virtualization BOF: Monday evening

Inder Monga imonga at nortel.com
Tue Jun 3 05:53:09 CDT 2008 

Thanks to everyone who came to the session and for the engaging
discussion. 

The slides presented and the charter have been uploaded to the OGF site:
http://www.ogf.org/gf/event_schedule/index.php?id=1296

Please feel free to send comments over email or to the mailing lists. 

Inder

> _____________________________________________ 
> From: 	Monga, Inder (BL60:418)  
> Sent:	Monday, June 02, 2008 7:34 AM
> To:	security-area at ogf.org; ghpn-wg at ogf.org; fi-rg at ogf.org
> Subject:	Firewall Virtualization BOF: Monday evening
> 
> 
> Hi All,
> 
> We would like your support for the Firewall Virtualization for Grid
> Applications Working Group BOF. 
> 
> A common complaint we hear is that the firewall configurations to
> connect two new sites takes a long time to negotiate and make happen.
> After the application/experiement between the two sites is completed,
> in many cases the ports stay open. By virtualizing the firewall and
> providing a set of grid services, we believe that the problems/manual
> administrative tasks facing multi-site grid installations and dynamic
> VO formations can be simplified dramatically. By integrating within
> the Grid services, we can leverage the security infrastruture for Grid
> Applications, ensuring that the dynamic, automated firewall port
> opening is fully authorized and authenticated, both from the user and
> application perspective. 
> 
> The BOF has been organized to seek your support in defining the set of
> virtualized services that can integrate any legacy firewall into the
> grid infrastructure. This virtualization, though very useful for grid
> applications, can be leveraged by other applications in the enterprise
> as well under proper security considerations. 
> 
> The three documents we hope to work on within the group are:
> 1.	A standard set of service definitions that provide an abstract
> interface for an authorized grid applications to specify its data-path
> traversal requirements.
> 2.	A set of security recommendations surrounding the application
> interacting with the Firewall service at the control and data plane
> including AAA of the service requests
> 3.	A best practices document for the network-administrator and a
> grid-administrator to understand the architecture and security
> implications of this deployment
> 
> The proposed detailed BOF charter and plan are attached as a word
> document.
>  << File: Charter_FVGA.doc >> 
> Thanks,
> Ralph and Inder
> Co-chairs, Firewall Issues Research Group
> 
> 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.ogf.org/pipermail/fi-rg/attachments/20080603/3bb6c9b5/attachment.html

More information about the fi-rg mailing list