SNMP for the PAA-EP protocol PANA wg - IETF 62 Minneapolis Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-03.txt


Page 1

SNMP for the PAA-EP protocol
PANA wg - IETF 62 Minneapolis

Yacine El Mghazli (Alcatel)
Yoshihiro Ohba (Toshiba)
Julien Bournelle (GET/INT)

draft-ietf-pana-snmp-03.txt

Page 2

Yacine El Mghazli — 2 All rights reserved © 2004, Alcatel

Changes since -02

> Section on MIB usage examples in the PANA context
  • Changes based on review by the IPSP wg (Robert Story)
  • A filter example for allowing DHCP traffic to pass through the EP

> Security section
  • Additions based on review by the PANA MIB doctor (David Perkins)
    – Use of cryptographic protection is RECOMMENDED
    – Passphrase management issues for USM
    – Caution for MIB objects for which the SET operation is allowed
    – USM or VACM MUST be used for panaL2FilterTable

> Support for reliable notification of PaC presence in section 5.3:

“If reliability needs to be guaranteed for the notifications (panaNewPacIPNotification and panaNewPacL2Notification), then the inform notification, which is acknowledged, MUST be used. Then the PAA needs to have the engine-id to be the authoritative of the SNMP clock between EP and PAA (for the inform operation the responder becomes the authoritative).”
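Added example, not code from the draft or these slides: a Python model of the SNMPv3 USM timeliness check (RFC 3414, section 3.2, incoming message processing) applied to the PaC-presence notification path. It shows why sending the notification as an Inform makes the PAA, as receiver, the authoritative engine, so the EP must carry the PAA's snmpEngineID, snmpEngineBoots and snmpEngineTime learned through discovery, and what the PAA does when those values are missing or stale. Engine IDs, boots and time values are constructed for the example.

```python
"""Added example for the PAA-EP notification path (not from
draft-ietf-pana-snmp): the USM timeliness rule of RFC 3414 in the Inform
case.  Engine names and clock values are constructed."""

from dataclasses import dataclass
from typing import Tuple

TIME_WINDOW = 150            # seconds, fixed by RFC 3414
BOOTS_LATCHED = 2147483647   # 2^31 - 1: engine must be re-initialised


@dataclass
class Engine:
    engine_id: bytes
    boots: int          # snmpEngineBoots
    time: int           # snmpEngineTime, seconds since last boot


def authoritative_engine(pdu_type: str, sender: Engine, receiver: Engine) -> Engine:
    """RFC 3414 section 1.5: the sender is authoritative for Trap, Response
    and Report PDUs; the receiver is authoritative for Get, Set and Inform."""
    if pdu_type in ("trap", "response", "report"):
        return sender
    if pdu_type in ("get", "getnext", "getbulk", "set", "inform"):
        return receiver
    raise ValueError(f"unknown PDU type {pdu_type!r}")


def discover(paa: Engine) -> Tuple[bytes, int, int]:
    """What the EP learns from the PAA through USM discovery (Report PDUs):
    the PAA's engine ID and its current boots/time."""
    return paa.engine_id, paa.boots, paa.time


def authoritative_check(local: Engine, msg_engine_id: bytes,
                        msg_boots: int, msg_time: int) -> str:
    """Check done by the authoritative engine (here the PAA) on an incoming
    Inform.  Returns 'accepted' or the usmStats counter that is incremented."""
    if msg_engine_id != local.engine_id:
        return "usmStatsUnknownEngineIDs"
    if local.boots == BOOTS_LATCHED:
        return "usmStatsNotInTimeWindows"
    if msg_boots != local.boots:
        return "usmStatsNotInTimeWindows"
    if abs(msg_time - local.time) > TIME_WINDOW:
        return "usmStatsNotInTimeWindows"
    return "accepted"


def ep_sends_inform(ep: Engine, paa: Engine, cached: Tuple[bytes, int, int]) -> str:
    """EP sends panaNewPacL2Notification as an Inform carrying the PAA clock
    values it cached at discovery; the PAA validates them."""
    target = authoritative_engine("inform", sender=ep, receiver=paa)
    assert target is paa          # receiver is authoritative for Inform
    engine_id, boots, time = cached
    return authoritative_check(paa, engine_id, boots, time)


def demo() -> dict:
    paa = Engine(b"paa-engine", boots=3, time=1000)   # constructed values
    ep = Engine(b"ep-engine", boots=7, time=50)
    results = {}
    # 1. EP discovered the PAA clock and sends within the window: accepted.
    results["fresh"] = ep_sends_inform(ep, paa, discover(paa))
    # 2. EP wrongly carries its own engine ID/clock (as a Trap would): rejected.
    results["own_clock"] = ep_sends_inform(ep, paa, (ep.engine_id, ep.boots, ep.time))
    # 3. EP's cached time drifted more than 150 s from the PAA: rejected,
    #    the EP has to re-synchronise (the PAA answers with a Report).
    paa.time += 400
    results["stale_time"] = ep_sends_inform(ep, paa, (paa.engine_id, 3, 1000))
    # 4. PAA rebooted (boots incremented): any cached boots value is rejected
    #    until the EP rediscovers.
    paa.boots, paa.time = 4, 5
    results["after_reboot"] = ep_sends_inform(ep, paa, (paa.engine_id, 3, 1405))
    results["resync"] = ep_sends_inform(ep, paa, discover(paa))
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:>13}: {outcome}")
```

The practical consequence for an EP implementation: a Trap only needs the EP's own clock, but an Inform needs the PAA's, so the EP must run discovery against the PAA before its first notification and must handle a usmStatsNotInTimeWindows Report by re-synchronising and resending, otherwise a PAA reboot silently loses every PaC-presence notification.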

Page 3


Next steps & open issues for -04

> Link-layer protection
  • Separate PANA document for L2 protection provisioning
    – 802.11i, etc.

> SNMPv3 usage
  • Are the security section recommendations enough?
  • Some additional object design might be needed

> One more iteration before WGLC

Page 4


THANKS

Page 5


Functional basic principle

[Figure: PaC, EP, PAA and AR on one single IP subnet, with the AAA backend behind the PAA. PANA auth runs between PaC and PAA, AAA auth between PAA and AAA backend; the PAA uses SNMP to install the filter on the EP, after which PaC traffic passes through the EP.]

Page 6


PANA MIB objects for L2 access control & Notifications

> PANA-specific objects extend the IPSP SPD-MIB with:
  • Generic L2 filters
    – Very simple (only the DI)
    – Not linked with the whole IPSP structure
  • New PaC presence notification triggered by:
    – L2 or IP unauthorized traffic
  • L2 protection (keying material)
    – Not treated

> IP-level access control re-uses the SPD module
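Added example, not code from the draft or these slides: a Python model of the EP behaviour described on this slide and in the -03 changes. The EP keeps a PANA L2 filter table that holds only the device identifier (DI, modelled here as a MAC address), applies an SPD-style IP rule that lets DHCP through before the PaC is authorised, and sends a PaC-presence notification the first time unauthorised traffic from a DI is seen. Which notification fires for which traffic, the one-notification-per-DI rate limit, the method names and the frame layout are assumptions of this example.

```python
"""Added example for the EP access-control model (not from
draft-ietf-pana-snmp).  Filter rows, notification choice, rate limiting and
frame layout are assumptions; traffic in demo() is constructed."""

from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Set, Tuple

DHCP_PORTS = {67, 68}


@dataclass
class Frame:
    src_mac: str                     # the DI the L2 filter matches on
    src_ip: Optional[str] = None     # None: frame carries no IP packet
    proto: Optional[str] = None
    dport: Optional[int] = None


def allow_dhcp(frame: Frame) -> bool:
    """SPD-MIB style pass-through rule (assumed): UDP to the DHCP ports is
    allowed before the PaC is authorised, so it can obtain an address."""
    return frame.proto == "udp" and frame.dport in DHCP_PORTS


@dataclass
class EnforcementPoint:
    l2_filters: Set[str] = field(default_factory=set)      # panaL2FilterTable rows: DI only
    ip_rules: List[Callable[[Frame], bool]] = field(default_factory=list)
    pending: Dict[str, str] = field(default_factory=dict)  # DI -> notification already sent
    sent: List[Tuple[str, str, Optional[str]]] = field(default_factory=list)

    # PAA side: SNMP SET on the filter table (USM or VACM required per the draft)
    def install_l2_filter(self, di: str) -> None:
        self.l2_filters.add(di)
        self.pending.pop(di, None)    # a later reappearance must notify again

    def remove_l2_filter(self, di: str) -> None:
        self.l2_filters.discard(di)
        self.pending.pop(di, None)

    def _notify(self, name: str, frame: Frame) -> None:
        # One notification per DI until the PAA acts: repeated unauthorised
        # frames must not flood the PAA with Informs (assumed rate limit).
        if frame.src_mac in self.pending:
            return
        self.pending[frame.src_mac] = name
        self.sent.append((name, frame.src_mac, frame.src_ip))

    def forward(self, frame: Frame) -> bool:
        """True if the frame passes the EP, False if it is dropped."""
        if frame.src_mac in self.l2_filters:
            return True                       # authorised PaC
        if any(rule(frame) for rule in self.ip_rules):
            return True                       # pre-authorisation pass-through
        if frame.src_ip is None:
            self._notify("panaNewPacL2Notification", frame)
        else:
            self._notify("panaNewPacIPNotification", frame)
        return False


def demo() -> Tuple[EnforcementPoint, List[bool]]:
    """Constructed traffic: a PaC boots, gets an address over DHCP, tries to
    browse, is authorised by the PAA, then has its filter removed."""
    ep = EnforcementPoint(ip_rules=[allow_dhcp])
    pac = "00:11:22:33:44:55"
    trace = [
        ep.forward(Frame(pac, "0.0.0.0", "udp", 67)),    # DHCP discover: passes
        ep.forward(Frame(pac, "10.0.0.9", "tcp", 80)),   # HTTP before auth: dropped, IP notification
        ep.forward(Frame(pac, "10.0.0.9", "tcp", 443)),  # dropped again, no second notification
    ]
    ep.install_l2_filter(pac)                            # PAA: PANA auth succeeded
    trace.append(ep.forward(Frame(pac, "10.0.0.9", "tcp", 80)))   # now passes
    ep.remove_l2_filter(pac)                             # PAA: session ended
    trace.append(ep.forward(Frame(pac, "10.0.0.9", "tcp", 80)))   # dropped, fresh notification
    trace.append(ep.forward(Frame("66:77:88:99:aa:bb")))          # unknown L2-only frame
    return ep, trace


if __name__ == "__main__":
    ep, trace = demo()
    print(trace)
    for notification in ep.sent:
        print(notification)
```

The point to check in a real EP is the interaction between the pass-through rule and the L2 filter: the DHCP rule is evaluated for every DI, so it must be narrow (UDP to 67/68 only), and the notification suppression must be reset whenever the PAA changes the filter row, otherwise a PaC whose session was torn down can come back without the PAA ever hearing about it.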

Page 7


Re-use of existing IPsec configuration MIBs for IP-level access control

> IPsec configuration MIB split into 3 separate modules

> IPsec SPD configuration MIB module (IPSP wg)
  • Rule/Filter/Action policy structure
  • Various IP filters, including IP header filter
  • Notification variables re-usable for the PaC presence notification

> IPsec IKE configuration MIB module (IPSP wg)
  • For IP-based access control (draft-ietf-pana-ipsec)
  • Pre-shared key configuration (PSK)
    – Derived at the PAA level
  • ID_KEY_ID configuration (aggressive mode)
    – PANA_Session_id|PANA_Key_Id