From 5fa1a16017dc0b5c3c5244143fca5d1a1cd21701 Mon Sep 17 00:00:00 2001 From: Jim Schaad Date: Sun, 8 Nov 2015 14:57:16 -0800 Subject: [PATCH] Undo Markdown conversion Undo some more of the markdown conversions by switching back to entities and using center for figures. --- draft-ietf-sacm-architecture.xml | 315 ++++++++++--------------------- 1 file changed, 96 insertions(+), 219 deletions(-) diff --git a/draft-ietf-sacm-architecture.xml b/draft-ietf-sacm-architecture.xml index 2810935..cfb6431 100644 --- a/draft-ietf-sacm-architecture.xml +++ b/draft-ietf-sacm-architecture.xml @@ -3,6 +3,15 @@ + + + + + + + + ]> @@ -197,46 +206,43 @@ an interface for data communication directly between a provider and a consumer illustrates the relationships between component roles and interfaces: -
@@ -756,7 +762,7 @@ via querying the controller TODO: once the group reaches consensus on content for the previous sections, revise all this text based upon the agreed-upon architecture -
| | Consumer (Cs) |-----------| | Provider (Pr) | +-| | C +-| | +---------------------+ +------------------------+ - ]]>
SACM’s focus is on the automation of collection, verification and update @@ -808,52 +813,49 @@ SACM (e.g. no interface arrows are shown in the architecture). illustrates an example flow for how Posture Assessment Information may flow. -
Function +--+--------+ |Function | - | | |Collection | +-----------+ +----------+ - | +------------+Provider | | |---| | - | | | |Collection | |Evaluation| - | | | |Consumer | |Provider | - | +----+------+ +----^------+ +---+------+ - ++---------+ | | | - |Collection| +-----v------+ +---+--------+ | - |Guidance | | | |Collection | | - |Function | |Collection | |Provider | | - | | |Consumer |-----| | | - +----------+ +------------+ +------------+ | - | Collection | | - | Data Store | | - +------------+ | - | - +--------------+ +---------------+ | - |Evaluation | |Evaluation | | - |Results | |Consumer <-----+ - |Provider |-----------| | - +-----+--------+ +---------------+ - | |Results Reporting| - | |Function | - | +------------^----+ - | | - +-----v--------+ +----+------+ - |Evaluation | |Reporting | - |Results | |Guidance | - |Consumer | |Data Store | - +---+----------+ +-----------+ +-------------+ - | | Results | - +-----------------------------> Data Store | - | | - +-------------+ - - - +
Function +--+--------+ |Function | + | | |Collection | +-----------+ +----------+ + | +------------+Provider | | |---| | + | | | |Collection | |Evaluation| + | | | |Consumer | |Provider | + | +----+------+ +----^------+ +---+------+ + ++---------+ | | | + |Collection| +-----v------+ +---+--------+ | + |Guidance | | | |Collection | | + |Function | |Collection | |Provider | | + | | |Consumer |-----| | | + +----------+ +------------+ +------------+ | + | Collection | | + | Data Store | | + +------------+ | + | + +--------------+ +---------------+ | + |Evaluation | |Evaluation | | + |Results | |Consumer <-----+ + |Provider |-----------| | + +-----+--------+ +---------------+ + | |Results Reporting| + | |Function | + | +------------^----+ + | | + +-----v--------+ +----+------+ + |Evaluation | |Reporting | + |Results | |Guidance | + |Consumer | |Data Store | + +---+----------+ +-----------+ +-------------+ + | | Results | + +-----------------------------> Data Store | + | | + +-------------+ ]]>
TODO - add example of / more content around interactions with endpoint, possible 
@@ -913,141 +915,16 @@ that may observe the interfaces flowing through them. - - - - - - - -Key words for use in RFCs to Indicate Requirement Levels - - -In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. - - - - - - - - - - -Endpoint Security Posture Assessment - Enterprise Use Cases - - - - - - - - - - - -This memo documents a sampling of use cases for securely aggregating configuration and operational data and evaluating that data to determine an organization's security posture. From these operational use cases, we can derive common functional capabilities and requirements to guide development of vendor-neutral, interoperable standards for aggregating and evaluating data relevant to security posture. - - - - - - - - - - - -Secure Automation and Continuous Monitoring (SACM) Requirements - - - - - - - - - - - -This document defines the scope and set of requirements for the Secure Automation and Continuous Monitoring (SACM) architecture, data model and transport protocols. The requirements and scope are based on the agreed upon use cases. - - - - - - - - - - - -Secure Automation and Continuous Monitoring (SACM) Terminology - - - - - - - -This memo documents terminology used in the documents produced by SACM (Security Automation and Continuous Monitoring). - - - - - - - - - - + &RFC2119; + &USE-CASES; + &REQUIREMENTS; + &TERMINOLOGY; - - - - - - - -Network Endpoint Assessment (NEA): Overview and Requirements - - - - - - -This document defines the problem statement, scope, and protocol requirements between the components of the NEA (Network Endpoint Assessment) reference model. 
NEA provides owners of networks (e.g., an enterprise offering remote access) a mechanism to evaluate the posture of a system. This may take place during the request for network access and/or subsequently at any time while connected to the network. The learned posture information can then be applied to a variety of compliance-oriented decisions. The posture information is frequently useful for detecting systems that are lacking or have out-of-date security protection mechanisms such as: anti-virus and host-based firewall software. In order to provide context for the requirements, a reference model and terminology are introduced. This memo provides information for the Internet community. - - - - - - - - - -On the Difference between Information Models and Data Models - - - -There has been ongoing confusion about the differences between Information Models and Data Models for defining managed objects in network management. This document explains the differences between these terms by analyzing how existing network management model specifications (from the IETF and other bodies such as the International Telecommunication Union (ITU) or the Distributed Management Task Force (DMTF)) fit into the universe of Information Models and Data Models. This memo documents the main results of the 8th workshop of the Network Management Research Group (NMRG) of the Internet Research Task Force (IRTF) hosted by the University of Texas at Austin. This memo provides information for the Internet community. - - - - - - - - + &RFC5209; + &RFC3444; - - -
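Review bot: In the @@ -913,141 +915,16 @@ hunk, the six replacement lines `&RFC2119;`, `&USE-CASES;`, `&REQUIREMENTS;`, `&TERMINOLOGY;`, `&RFC5209;` and `&RFC3444;` each need a matching entity declaration in the internal subset, and an undeclared entity is a well-formedness error that stops the parse. The @@ -3,6 +3,15 @@ hunk adds lines ahead of `]>`, but their content is not visible here, so please confirm that it declares exactly these six names. If those declarations are external SYSTEM entities, the reference list becomes whatever the resolver returns at build time, whereas the removed inline entries carried their titles and abstracts in the file itself. In that case, resolve them from a local copy so the build is reproducible and does not depend on a network fetch.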
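Review bot: In the @@ -808,52 +813,49 @@ hunk, every row of the flow diagram is removed and re-added with the same text, so a reader cannot tell from the diff whether the drawing itself changed. The artwork sits inside a CDATA section (the re-added figure ends with `]]>`), where leading whitespace is kept literally, so a one-column shift would misalign the boxes and arrows. Please check with `git diff -w` that only indentation, the figure wrapper and the trailing blank lines of the old figure differ. Since the commit message covers both the entity switch and the figure centering, consider putting the figure re-indent in its own commit so the reference-list change can be reviewed separately.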