*Action Items*
New
[AI] {Chris} will arrange vendor discussions for a subsequent call.
[AI] {Chris} will contact Bob Morgan to discuss whether there may be IETF activities
that would be open to or in alignment with NetAuth efforts.
[AI] {Eric} will modify figure one of “NetAuth Architecture for Automating
Network Policy Enforcement (Futures Document)”
Carry Over
[AI] {Jeff} will send the presentation for EDUCAUSE Mid-Atlantic regional meeting
in January and review it for possible case study possibility
[AI] {Chris} will post message to the NetAuth and FWNA lists soliciting volunteers
to develop an outline of issues for NetAuth in a federated environment.
[AI] {Chris} will solicit from the WG contributions about NetAuth vendor solutions
currently being used.
[AI] {Mike} will provide a brief summary of ESnet collaborative trust domain
commonalities.
[AI] {Individuals} will send in case studies for potential use in the Strategies
document.
[AI] {Group} will review slides posted for EDUCAUSE regional group meeting.
[AI] {Group} will review information to be used as the appendix for the Strategies
document.
[AI] {Chris} will find editors to help with the appendix of the Strategies document.
[AI] {Chris and Mark} will develop the NetAuth approach to NAT devices as a
discussion topic for submission to the Effective Practices WG.
[AI] {SteveO} will post I2 document standard links to the WG’s website.
*Participants*
Chris Misra, University of Massachusetts (chair)
Phil Rodrigues, New York University
Rich Cropp, Penn State University
Robert Brentrup, Dartmouth University
Eric Gauthier, Boston University
Robert Lowe, Lawrence University
Terrie Clark, Internet2 (scribe)
Renee Frost, Internet2
Ken Klingenstein, Internet2
Steve Olshansky, Internet2
*Discussion*
There will be a NetAuth WG session at the Spring Internet2 Member Meeting, May
2 – 4, 2005 in Washington, DC. For more information please see: http://events.internet2.edu/2005/spring-mm/.
The ResNet 2005 conference will be held in June, 2005 at Georgia Institution of Technology. For more information please see: http://resnet2005.gatech.edu/.
NERCOMP will hold a network security strategy workshop on May 17, 2005 at the University of Massachusetts in Amherst. For more information please see: http://www.nercomp.org/calendar.html.
A Joint Techs workshop will be held in Vancouver, British Columbia from July 17 – 21, 2005. The efforts of the SALSA NetAuth working group will be of interest to attendees.
The final version of the Strategies document is complete and has been posted to the WG’s website. Any subsequent changes to the document will be put into draft format and discussed by the group prior to publishing the document’s next version.
The WG’s revised document roadmap has been published and is available on the WG’s website.
The recent draft of the Futures (architecture) document has been sent to the
group via the list. Draft 2 of the Futures (architecture) document incorporates
updated diagrams and updated text. The group discussed possible changes to figure
one. It was decided that in addition to augmenting text, the figure would be
slightly modified to reflect that an external event triggers a policy evaluation,
and the policy enforcement results in a possible state transition. It was also
decided that figure one will represent workflow and not necessarily state transitions.
Additional language discussing fully compliant and partially compliant states
will be incorporated into figure one. It was also discussed that a device’s
state may or may not change after the policy enforcement of notification. The
group agreed to include a policy repository as a component in the upcoming components
document.
Many vendors have expressed interest in developing products enhancing network
security. The two most notable are Cisco Network Admission Control (NAC) and
Microsoft Network Access Protection (NAP). While these companies differ in network
security approaches, the group agreed that it would be useful to solicit input
and provide feedback to vendors wishing to serve the Research and Education
community.
Figure two of the Futures (architecture) documents will be discussed during
the next call.
The next call is Thursday, May 12, 2005 at 12:00 PM ET. An agenda with the call
in number will be sent out to the WG via the list prior to the call.