Review and contribution requested: draft-boesch-idxp-idpef-01 (Bjoern-C. Boesch)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear community,

I have post the attached draft and looking for feedback from people with security management and / or security (IDS) operations expertise (including IDS developer). I am particularly interested in your opinions on the communication proceedings, the parametrization methodology and the provided attributes (and such I did not think of). If the text needs updating by your point of view, please let me know that as well. Here is the link to the new draft:

http://www.ietf.org/id/draft-boesch-idxp-idpef-01.txt

At the first view the draft looks very long but after page 44 a lot of examples and definitions are included for better understanding. So the first 43 pages are primary in scope for feedback but feedback for the other pages is welcome, too.

Abstract

The Intrusion Detection Parametrization Exchange Format (IDPEF) defines data formats and exchange procedures to standardize parametrization information exchange into intrusion detection and response systems from an independent central Manager to any Analyzer. The IDPEF enables a combination of different (vendor and analyzing technique) IDS Analyzers under one independent central Manager. A separate operations of IDS is not longer needed. Base is a new parametrization methodology where IDS operating parameters (configurations) are separated in an environmental parametrization part and a vendor-specific analyzing part.

This Internet-Draft describes a data model to represent parametrization information of intrusion detection system entities, and explains the rationale for using this model. An implementation of the data model in the Extensible Markup Language (XML) is presented, a XML Document Type Definition is developed, and parametrization examples are provided.



I am looking forward to your suggestions, feedback, notations, hints, recommendations, etc. to improve the Internet Draft. Also native speaker feedback with scope on wording and typo is welcome.

Kind regards,

Bjoern-C.






[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]