Presentation is loading. Please wait.

Presentation is loading. Please wait.

SNMP for the PAA-EP protocol PANA wg - IETF 62 Minneapolis Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-03.txt.

Published byJudith Young Modified over 8 years ago

Similar presentations

Presentation on theme: "SNMP for the PAA-EP protocol PANA wg - IETF 62 Minneapolis Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-03.txt."— Presentation transcript:

1 SNMP for the PAA-EP protocol PANA wg - IETF 62 Minneapolis Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-03.txt

2 Yacine El Mghazli — 2 All rights reserved © 2004, Alcatel Changes since -02 > Section on MIB usage examples in the PANA context Changes based on review by IPSP wg (Robert Story) A filter example for allowing DHCP traffic to pass through EP > Security section Addings based on review by PANA MIB doctor (David Perkins) – Use of cryptographic protection is RECOMMENED – Passphrase management issues for USM – Caution for MIB objectes for which SET operation is allowed – USM or VACM MUST be used for panaL2FilterTable > Support for reliable notification of PaC presence in section 5.3: “If reliability needs to be guaranteed for the notifications (panaNewPacIPNotification and panaNewPacL2Notification), hence inform notification, which is acknowledged, MUST be used. Then the PAA needs to have engine-id to be the authoritative of SNMP clock between EP and PAA (for inform operation the responder becomes the authoritative).”

3 Yacine El Mghazli — 3 All rights reserved © 2004, Alcatel Next steps & open issues for -04 > Link-layer protection PANA separate document for L2 protection provisioning – 802.11i, etc. > SNMPv3 usage Is the security section recommendations enough ? Some additonal objects design might be needed > One more iteration before WGLC

4 Yacine El Mghazli — 4 All rights reserved © 2004, Alcatel THANKS

5 Yacine El Mghazli — 5 All rights reserved © 2004, Alcatel Functional basic principle PAA AAA backend EP PaCAR PANA auth AAA auth SNMP Install filter # PaC traffic One single IP subnet

6 Yacine El Mghazli — 6 All rights reserved © 2004, Alcatel PANA MIB objects for L2 access control & Notifications > PANA-specific objects extends the IPSP SPD-MIB with: Generic L2 Filters – Very simple (only the DI) – Not linked with the whole IPSP structure New PaC presence Notification triggered by: – L2 or IP unauthorized traffic L2 protection (keying material) – Not treated > IP-level access control re-uses the SPD module

7 Yacine El Mghazli — 7 All rights reserved © 2004, Alcatel Re-use of existing IPSec configuration MIBs for IP level access control > IPSec configuration MIB splitted into 3 separate modules > IPSec SPD configuration MIB module (IPSP wg) Rule/Filter/Action Policy structure Various IP filters, including IP header filter Notification Variables re-usable for the PaC presence notif > IPSec IKE configuration MIB module (IPSP wg) For IP-based access control (draft-ietf-pana-ipsec) Pre-shared key configuration (PSK) – Derived at the PAA level ID_KEY_ID configuration (aggressive mode) – PANA_Session_id|PANA_Key_Id

Download ppt "SNMP for the PAA-EP protocol PANA wg - IETF 62 Minneapolis Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-03.txt."

Similar presentations

1 PANA-IETF70 PANA WG Work Items March 12-13, 2008 IETF 71.

1 PANA-IETF70 PANA WG Work Items March 12-13, 2008 IETF 71.
Washinton D.C., November 2004 IETF 61 st – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena.

Washinton D.C., November 2004 IETF 61 st – mip6 WG Goals for AAA-HA interface (draft-giaretta-mip6-aaa-ha-goals-00) Gerardo Giaretta Ivano Guardini Elena.
SNMP v3.

SNMP v3.
PANA Requirements and Terminology - IETF54 -. PANA WG, IETF 54, Requirements and Terminology draft-ietf-pana-requirements-02.txt Changes Comments/questions.

PANA Requirements and Terminology - IETF54 -. PANA WG, IETF 54, Requirements and Terminology draft-ietf-pana-requirements-02.txt Changes Comments/questions.
December 10, 20001 Policy Terminology - 01 Report for 49th IETF Preview for AAA Arch RG John Schnizlein.

December 10, Policy Terminology - 01 Report for 49th IETF Preview for AAA Arch RG John Schnizlein.
NS-H0503-02/11041 SNMP. NS-H0503-02/11042 Outline Basic Concepts of SNMP SNMPv1 Community Facility SNMPv3 Recommended Reading and WEB Sites.

NS-H /11041 SNMP. NS-H /11042 Outline Basic Concepts of SNMP SNMPv1 Community Facility SNMPv3 Recommended Reading and WEB Sites.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
SNMP for the PAA-EP protocol PANA wg - IETF 61 Washington DC Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-02.txt.

SNMP for the PAA-EP protocol PANA wg - IETF 61 Washington DC Yacine El Mghazli (Alcatel) Yoshihiro Ohba (Toshiba) Julien Bournelle (GET/INT) draft-ietf-pana-snmp-02.txt.
SNMPv3 Yen-Cheng Chen Department of Information Management National Chi Nan University

SNMPv3 Yen-Cheng Chen Department of Information Management National Chi Nan University
Session-based Security Model for SNMPv3 (SNMPv3/SBSM) David T. Perkins Wes Hardaker IETF November 12, 2003.

Session-based Security Model for SNMPv3 (SNMPv3/SBSM) David T. Perkins Wes Hardaker IETF November 12, 2003.
12/05/2007IETF70 PANA WG1 PANA Network Selection draft-ohba-pana-netsel-00.txt Yoshihiro Ohba.

12/05/2007IETF70 PANA WG1 PANA Network Selection draft-ohba-pana-netsel-00.txt Yoshihiro Ohba.
July 15, 2002IETF54 PANA WG1 PANA Usage Scenarios Updates (draft-ietf-pana-usage-scenarios-02.txt) Yoshihiro Ohba Subir Das

July 15, 2002IETF54 PANA WG1 PANA Usage Scenarios Updates (draft-ietf-pana-usage-scenarios-02.txt) Yoshihiro Ohba Subir Das
March 20, 2006IETF65 PANA WG PANA Specification Updates (draft-ietf-pana-pana-11.txt) Yoshihiro Ohba

March 20, 2006IETF65 PANA WG PANA Specification Updates (draft-ietf-pana-pana-11.txt) Yoshihiro Ohba
December 13, 20001 Policy Terminology - 01 Report for 49th IETF Andrea Westerinen.

December 13, Policy Terminology - 01 Report for 49th IETF Andrea Westerinen.
Issues to Consider w.r.t Protocol Solution - IETF54 -

Issues to Consider w.r.t Protocol Solution - IETF54 -
7/14/2003IETF57 PANA enabling IPsec based Access control draft-mohanp-pana-ipsec-00.txt Mohan Parthasarathy Tahoe Networks - Presented by Hannes Tschofenig.

7/14/2003IETF57 PANA enabling IPsec based Access control draft-mohanp-pana-ipsec-00.txt Mohan Parthasarathy Tahoe Networks - Presented by Hannes Tschofenig.
1 EAP Usage Issues Feb 05 Jari Arkko. 2 Typical EAP Usage PPP authentication Wireless LAN authentication –802.1x and 802.11i IKEv2 EAP authentication.

1 EAP Usage Issues Feb 05 Jari Arkko. 2 Typical EAP Usage PPP authentication Wireless LAN authentication –802.1x and i IKEv2 EAP authentication.
IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil.

IETF54 Charter Issues Dealt with since IETF53 PANA WG Meeting Basavaraj Patil.
August 1, 2005IETF63 PANA WG Pre-authentication Support for PANA (draft-ohba-pana-preauth-00.txt) Yoshihiro Ohba

August 1, 2005IETF63 PANA WG Pre-authentication Support for PANA (draft-ohba-pana-preauth-00.txt) Yoshihiro Ohba
1 Course Number Presentation_ID © 2001, Cisco Systems, Inc. All rights reserved. External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt.

1 Course Number Presentation_ID © 2001, Cisco Systems, Inc. All rights reserved. External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt.

Similar presentations

Ads by Google