draft-ietf-rtfm-meter-mib-05.txt -> draft-ietf-rtfm-meter-mib-06.txt (rfcdiff)

Internet Engineering Task Force                          Nevil Brownlee
INTERNET-DRAFT                              The University of Auckland
Expires January 1999                                    September 1998

                   Traffic Flow Measurement: Meter MIB
                    <draft-ietf-rtfm-meter-mib-06.txt>

Status of this Memo

This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its Areas, and
its Working Groups. Note that other groups may also distribute working
documents as Internet-Drafts. This Internet Draft is a product of the
Realtime Traffic Flow Measurement Working Group of the IETF.

Internet Drafts are draft documents valid for a maximum of six months.
[skipping to change at page 2, line ?]

use in controlling a traffic meter, in particular for specifying the
flows to be measured. It also provides an efficient mechanism for
retrieving flow data from the meter using SNMP. Security issues
concerning the operation of traffic meters are summarised.
Contents

1 Introduction                                                        2
2 The Network Management Framework                                    2
3 Objects                                                             3
  3.1 Format of Definitions . . . . . . . . . . . . . . . . . . . .   4
4 Overview                                                            4
  4.1 Scope of Definitions, Textual Conventions . . . . . . . . . .   4
  4.2 Usage of the MIB variables . . . . . . . . . . . . . . . . . .  5
5 Definitions                                                         7
6 Security Considerations                                            44
  6.1 SNMP Concerns . . . . . . . . . . . . . . . . . . . . . . . .  44
  6.2 Traffic Meter Concerns . . . . . . . . . . . . . . . . . . . . 44
7 Appendix A: Changes Introduced Since RFC 2064                      46
8 Acknowledgements                                                   47
9 References                                                         47
10 Author's Address                                                  48
1 Introduction

This memo defines a portion of the Management Information Base (MIB) for
use with network management protocols in the Internet community. In
particular, it describes objects for managing and collecting data from
network Realtime Traffic Flow Meters, as described in [9].

The MIB is 'basic' in the sense that it provides more than enough
information for everyday traffic measurement. Furthermore, it can be
[skipping to change at page 44, line 12]

            flowDataTableGroup2,
            flowDataPackageGroup,
            flowRuleTableGroup
        }
    ::= { flowMIBCompliances 1 }

END

6 Security Considerations
6.1 SNMP Concerns
There are a number of management objects defined in this MIB that have a
MAX-ACCESS clause of read-write and/or read-create. Such objects may be
considered sensitive or vulnerable in some network environments. The
support for SET operations in a non-secure environment without proper
protection can have a negative effect on network operations.
There are a number of managed objects in this MIB that may contain
sensitive information. These include all the objects in the Control
Group (since they control access to meter resources by Managers and
Meter Readers) and those in the Flow Table (since they hold the
collected traffic flow data).
It is thus important to control even GET access to these objects and
possibly to even encrypt the values of these objects when sending them
over the network via SNMP. Not all versions of SNMP provide features for
such a secure environment.
SNMPv1 by itself is not a secure environment. Even if the network
itself is secure (for example by using IPSec), there is still no
control as to who on the secure network is allowed to access and GET/SET
(read/change/create/delete) the objects in this MIB.
It is recommended that the implementers consider the security features
as provided by the SNMPv3 framework. Specifically, the use of the
User-based Security Model [14] and the View-based Access Control Model
[15] is recommended.
It is then a customer/user responsibility to ensure that the SNMP entity
giving access to an instance of this MIB is properly configured to give
access to the objects only to those principals (users) that have
legitimate rights to indeed GET or SET (change/create/delete) them.
6.2 Traffic Meter Concerns
This MIB describes how an RTFM traffic meter is controlled, and provides
a way for traffic flow data to be retrieved from it by a meter reader.
This is essentially an application using SNMP as a method of
communication between co-operating hosts; it does not - in itself - have
any inherent security risks.

Since, however, the traffic flow data can be extremely valuable for
network management purposes it is vital that sensible precautions be
taken to keep the meter and its data secure. This requires that access
to the meter for control purposes (e.g. loading RuleSets and reading
flow data) be restricted. Such restriction could be achieved in many
ways, for example
[skipping to change at page 45, line 22]
- Physical Separation. Meter(s) and meter reader(s) could be
  deployed so that control capabilities are kept within a separate
  network, access to which is carefully controlled.

- Application-layer Security. A minimal level of security for SNMP
  is provided by using 'community' strings, which are essentially
  clear-text passwords. Stronger security for SNMP is being
  developed within the IETF (see above); when this becomes available
  it should be used to protect managed network equipment.

- Lower-layer Security. Access to the meter can be protected using
  encryption at the network layer. For example, one could run SNMP
  to the meter through an encrypted TCP tunnel.

When implementing a meter it may be sensible to use separate network
interfaces for control and for metering. If this is done the control
network can be set up so that it doesn't carry any 'user' traffic, and
the metering interfaces can ignore any user attempts to take control of
the meter.
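Sections 6.1 and 6.2 both come down to the same control: only authenticated principals with a legitimate need may GET or SET the Control Group and Flow Table objects, and a clear-text community string must not be enough to reach them. The following model of the View-based Access Control Model [15] shows how that is expressed as groups, security levels and views. It is an added example, not code from the draft or from any RTFM implementation; it assumes that flowMIB sits at mib-2 40 (as in the published Meter MIB), and the sub-identifiers used for the Control Group and Flow Table, the principals and the view names are all constructed for illustration.

```python
"""VACM-style access decisions for the two sensitive object groups of the
Meter MIB (Control Group, Flow Table).  Added example, not from the draft.
View matching follows the vacmViewTreeFamily rules of RFC 2275: an OID is
in a view if the longest (then lexicographically greatest) matching family
is of type 'included'."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

OID = Tuple[int, ...]


def parse_oid(text: str) -> OID:
    return tuple(int(x) for x in text.strip(".").split("."))


# Assumption: flowMIB is registered at mib-2 40 in the published Meter MIB.
FLOW_MIB = parse_oid("1.3.6.1.2.1.40")
# Constructed positions for the two groups named in section 6.1; the real
# MIB layout is in section 5 of the draft and may differ.
CONTROL_GROUP = FLOW_MIB + (1,)
FLOW_TABLE = FLOW_MIB + (2,)

# SNMPv3 security levels in increasing order of protection.
LEVELS = {"noAuthNoPriv": 1, "authNoPriv": 2, "authPriv": 3}


@dataclass(frozen=True)
class ViewFamily:
    subtree: OID
    included: bool = True
    # mask bit 1 = sub-identifier must match, 0 = wildcard; a mask shorter
    # than the subtree is extended with 1s, None means all 1s.
    mask: Optional[Tuple[int, ...]] = None


def family_matches(fam: ViewFamily, oid: OID) -> bool:
    if len(oid) < len(fam.subtree):
        return False
    for i, sub in enumerate(fam.subtree):
        bit = 1 if fam.mask is None or i >= len(fam.mask) else fam.mask[i]
        if bit and oid[i] != sub:
            return False
    return True


def oid_in_view(view: List[ViewFamily], oid: OID) -> bool:
    matches = [f for f in view if family_matches(f, oid)]
    if not matches:
        return False
    best = max(matches, key=lambda f: (len(f.subtree), f.subtree))
    return best.included


VIEWS = {
    "meterAll": [ViewFamily(FLOW_MIB)],
    # Whole MIB minus the Control Group: the longer family wins and excludes.
    "flowDataOnly": [ViewFamily(FLOW_MIB), ViewFamily(CONTROL_GROUP, included=False)],
    "none": [],
}

# (securityModel, securityName) -> group.  An SNMPv1 community string is
# treated as a securityName under model "v1" and is always noAuthNoPriv.
GROUPS = {
    ("usm", "meterManager"): "managers",
    ("usm", "meterReader"): "readers",
    ("v1", "public"): "legacy",
}


@dataclass(frozen=True)
class Access:
    group: str
    model: str
    min_level: str
    read_view: str
    write_view: str


ACCESS = [
    Access("managers", "usm", "authPriv", "meterAll", "meterAll"),
    Access("readers", "usm", "authNoPriv", "flowDataOnly", "none"),
    Access("legacy", "v1", "noAuthNoPriv", "none", "none"),
]


def select_access(group: str, model: str, level: str) -> Optional[Access]:
    """Pick the entry for this group/model whose minimum level the request
    satisfies; with several, the one demanding the highest level wins."""
    candidates = [a for a in ACCESS if a.group == group and a.model == model
                  and LEVELS[a.min_level] <= LEVELS[level]]
    return max(candidates, key=lambda a: LEVELS[a.min_level]) if candidates else None


def is_allowed(security_name: str, model: str, level: str, operation: str, oid: OID) -> bool:
    """Return True if GET ('get') or SET ('set') on oid is permitted."""
    group = GROUPS.get((model, security_name))
    if group is None:
        return False
    entry = select_access(group, model, level)
    if entry is None:
        return False
    view_name = entry.write_view if operation == "set" else entry.read_view
    return oid_in_view(VIEWS[view_name], oid)


if __name__ == "__main__":
    requests = [
        ("meterManager", "usm", "authPriv", "set", CONTROL_GROUP + (1, 0)),
        ("meterManager", "usm", "authNoPriv", "set", CONTROL_GROUP + (1, 0)),
        ("meterReader", "usm", "authNoPriv", "get", FLOW_TABLE + (1, 5)),
        ("meterReader", "usm", "authNoPriv", "get", CONTROL_GROUP + (1, 0)),
        ("public", "v1", "noAuthNoPriv", "get", FLOW_TABLE + (1, 5)),
    ]
    for name, model, level, op, oid in requests:
        verdict = "allow" if is_allowed(name, model, level, op, oid) else "deny"
        print(f"{name:13s} {model:4s} {level:12s} {op:3s} {'.'.join(map(str, oid))}: {verdict}")
```

The manager is refused a SET unless the request arrives authenticated and encrypted (authPriv), the meter reader can read flow data but never the Control Group, and a community-string request, which can only ever be noAuthNoPriv, reaches nothing in the MIB at all. The same outcome is what the 'separate control network' option in section 6.2 buys by topology rather than by SNMP access control.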
[skipping to change at page 47, line 20]

to Jim Barnes, Sig Handelman and Stephen Stibler for their support and
their assistance with checking early versions of the MIB.

Stephen Stibler shared the development workload of producing the MIB
changes summarized in chapter 5 (above).
9 References

[1] McCloghrie, K., and Rose, M., Editors, "Management
    Information Base for Network Management of TCP/IP-based
    internets," RFC 1213, Performance Systems International,
    March 1991.

[2] Case J., McCloghrie K., Rose M., and Waldbusser S.,
    "Structure of Management Information for version 2 of the
    Simple Network Management Protocol," RFC 1902, SNMP
    Research Inc., Hughes LAN Systems, Dover Beach Consulting,
    Carnegie Mellon University, January 1996.

[3] Case J., McCloghrie, K., Rose, M., and Waldbusser, S.,
    "Textual Conventions for version 2 of the Simple Network
    Management Protocol SNMPv2", RFC 1903, SNMP Research Inc.,
    Hughes LAN Systems, Dover Beach Consulting, Carnegie Mellon
    University, January 1996.

[4] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S.,
    "Conformance Statements for version 2 of the Simple Network
    Management Protocol (SNMPv2)," RFC 1904, SNMP Research Inc.,
[skipping to change at page 48, line 20]

[8] Mills, C., Hirsch, G. and Ruth, G., "Internet Accounting
    Background," RFC 1272, Bolt Beranek and Newman Inc., Meridian
    Technology Corporation, November 1991.

[9] Brownlee, N., Mills, C., and G. Ruth, "Traffic Flow
    Measurement: Architecture", RFC 2063, The University of
    Auckland, Bolt Beranek and Newman Inc., GTE Laboratories, Inc,
    January 1997.

[10] Waldbusser, S., "Remote Network Monitoring Management
    Information Base Version 2 using SMIv2," RFC 2021, INS,
    January 1997.

[11] Reynolds, J., Postel, J., "Assigned Numbers," RFC 1700,
    ISI, October 1994.

[12] Case, J., "FDDI Management Information Base," RFC 1285,
    SNMP Research Incorporated, January 1992.

[13] Hinden, R., Deering, S., "IP Version 6 Addressing
    Architecture," RFC 1884, Ipsilon Networks, Xerox PARC,
    December 1995.
[14] Blumenthal, U., and B. Wijnen, "User-based Security Model
(USM) for version 3 of the Simple Network Management
Protocol (SNMPv3)", RFC 2274, January 1998.
[15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
Access Control Model for the Simple Network Management
Protocol (SNMP)", RFC 2275, January 1998.
10 Author's Address

Nevil Brownlee
Information Technology Systems & Services
The University of Auckland

Phone: +64 9 373 7599 x8941
E-mail: n.brownlee@auckland.ac.nz
Expires January 1999
 End of changes. 19 change blocks. 
21 lines changed or deleted 67 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/