[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSec Provisioning Tools
Hi Ricky,
thanks for your reply. I am already on the IPSec policy list. :-)
I have done a review of all the Internet drafts that are on the roadmap of
this IETF WG, I assume the papers you are referring to are on that list. As
you say I concluded that standardised policy management is quite some time
off (2-3 years?) - which is not supposed to diminish the work of the WG, by
all means!
Of course vendors are playing the usual tricks of trying to lock in people
as long as they can. Don't know whether this includes RedCreek. I looked at
a presentation of your Steve Peters for IPSec 2000 in France last year and
found that this is getting closest to what the IETF WG suggests. I haven't
had the time to look at all the policy tools of every vendor yet (list of
almost 30 is lying somewhere on my desk). I will have to do this though
within the next couple of months or so. BT Labs (who I work for) are very
keen to find suitable products.
Is anyone else doing something similar?
Dirk
> Work on standardized configuration of IPsec devices is just in its
> infancy. You can follow the development of
> draft-ietf-ipsp-ipsecpib-02.txt and
> draft-ietf-ipsp-ipsec-conf-mib-00.txt. The real trick of it will be
> getting muitiple vendors to believe in the need for interoperable
> configuration of IPsec devices. Therefore I appreciate your note asking
> for it. And I encourage you to solicite the "IPsec Policy" working group
> for further updates on the progress of inter-vendor configurability. The
> "IPsec Policy" WG email list can be found at:
>
> General Discussion:ipsec-policy@vpnc.org
> To Subscribe: ipsec-policy-request@vpnc.org
> In Body: subscribe
> Archive: http://www.vpnc.org/ipsec-policy/
References: