[fi-rg] Firewall Virtualization BOF: Monday evening
Inder Monga
imonga at nortel.com
Tue Jun 3 05:53:09 CDT 2008
Thanks to everyone who came to the session and for the engaging
discussion.
The slides presented and the charter have been uploaded to the OGF site:
http://www.ogf.org/gf/event_schedule/index.php?id=1296
Please feel free to send comments over email or to the mailing lists.
Inder
> _____________________________________________
> From: Monga, Inder (BL60:418)
> Sent: Monday, June 02, 2008 7:34 AM
> To: security-area at ogf.org; ghpn-wg at ogf.org; fi-rg at ogf.org
> Subject: Firewall Virtualization BOF: Monday evening
>
>
> Hi All,
>
> We would like your support for the Firewall Virtualization for Grid
> Applications Working Group BOF.
>
> A common complaint we hear is that the firewall configurations to
> connect two new sites takes a long time to negotiate and make happen.
> After the application/experiement between the two sites is completed,
> in many cases the ports stay open. By virtualizing the firewall and
> providing a set of grid services, we believe that the problems/manual
> administrative tasks facing multi-site grid installations and dynamic
> VO formations can be simplified dramatically. By integrating within
> the Grid services, we can leverage the security infrastruture for Grid
> Applications, ensuring that the dynamic, automated firewall port
> opening is fully authorized and authenticated, both from the user and
> application perspective.
>
> The BOF has been organized to seek your support in defining the set of
> virtualized services that can integrate any legacy firewall into the
> grid infrastructure. This virtualization, though very useful for grid
> applications, can be leveraged by other applications in the enterprise
> as well under proper security considerations.
>
> The three documents we hope to work on within the group are:
> 1. A standard set of service definitions that provide an abstract
> interface for an authorized grid applications to specify its data-path
> traversal requirements.
> 2. A set of security recommendations surrounding the application
> interacting with the Firewall service at the control and data plane
> including AAA of the service requests
> 3. A best practices document for the network-administrator and a
> grid-administrator to understand the architecture and security
> implications of this deployment
>
> The proposed detailed BOF charter and plan are attached as a word
> document.
> << File: Charter_FVGA.doc >>
> Thanks,
> Ralph and Inder
> Co-chairs, Firewall Issues Research Group
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.ogf.org/pipermail/fi-rg/attachments/20080603/3bb6c9b5/attachment.html
More information about the fi-rg
mailing list