Protocol Action: 'IPFIX Information Elements for logging NAT Events' to Proposed Standard (draft-ietf-behave-ipfix-nat-logging-13.txt)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The IESG has approved the following document:
- 'IPFIX Information Elements for logging NAT Events'
  (draft-ietf-behave-ipfix-nat-logging-13.txt) as Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group.

The IESG contact person is Spencer Dawkins.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-behave-ipfix-nat-logging/


Technical Summary

   Network operators require NAT devices to log events like creation and
   deletion of translations and information about the resources that the
   NAT device is managing.  The logs are essential in many cases to
   identify an attacker or a host that was used to launch malicious
   attacks and for various other purposes of accounting.  Since there is
   no standard way of logging this information, different NAT devices
   log the information using proprietary formats and hence it is
   difficult to expect a consistent behavior.  The lack of a consistent
   way to log the data makes it difficult to write the collector
   applications that would receive this data and process it to present
   useful information.  This document describes the formats for logging
   of NAT events.

Working Group Summary

   For much of its life, this work existed in the BEHAVE working group. 
   It became an AD-sponsored draft when the BEHAVE working group
   was concluded. As a working group draft, it was not controversial,
   and much of the focus of discussion was between the authors of this 
   draft, an MIB NAT management document (now RFCs 7658-7659, and 
   a SYSLOG NAT management document, working to make sure each 
   NAT management tool provided equivalent functionality, to the extent 
   possible.

Document Quality

   Reviews were provided by Dan Wing (former BEHAVE WG chair), Paul 
   Aitken (on general use of IPFIX), Phillip Hallam-Baker (for 
   SECDIR), Dan Romascanu (for OPDIR), Paul Aitken (for IANA), 
   Juergen Quittek and Brian Trammell (for IPFIX IE-doctors),
    
   Tom Taylor checked this draft for consistency with the NAT MIB
   draft and the SYSLOG draft, and provided comments.

Personnel

   The responsible Area Director is Spencer Dawkins, who is also 
   acting as document shepherd.




[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux