← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #57178

[Bug 1628658] [NEW] [RFE] FWaaS integration with Congress for firewall policy validation

  Thread PreviousDate PreviousThread Next 
Public bug reported:

FWaaS is a repository for storing and applying security rules to permit
or deny network access. Rules should be able to be validated and
accepted or rejected based on security policy. Since Congress is the
engine for policy validation, work to link FWaaS and Congress.

Use case: For example as a company we may decided that connections from,
say, North Korea (NK ip space, if there is such a thing) should not be
allowed on port 3306. So we may have policy that will check all incoming
firewall rules that may allow that and if they do reject them.

This information has also been enqueued for consideration by Congress,
see [1].

[1] https://blueprints.launchpad.net/congress/+spec/congress-fwaas

** Affects: neutron
     Importance: Undecided
     Assignee: Nate Johnston (nate-johnston)
         Status: New


** Tags: fwaas

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1628658

Title:
  [RFE] FWaaS integration with Congress for firewall policy validation

Status in neutron:
  New

Bug description:
  FWaaS is a repository for storing and applying security rules to
  permit or deny network access. Rules should be able to be validated
  and accepted or rejected based on security policy. Since Congress is
  the engine for policy validation, work to link FWaaS and Congress.

  Use case: For example as a company we may decided that connections
  from, say, North Korea (NK ip space, if there is such a thing) should
  not be allowed on port 3306. So we may have policy that will check all
  incoming firewall rules that may allow that and if they do reject
  them.

  This information has also been enqueued for consideration by Congress,
  see [1].

  [1] https://blueprints.launchpad.net/congress/+spec/congress-fwaas

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1628658/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next