Skip to main content

Applicability of Interfaces to Network Security Functions to Network-Based Security Services

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc:, The IESG <>,,, Linda Dunbar <>,,,
Subject: Document Action: 'Applicability of Interfaces to Network Security Functions to Network-Based Security Services' to Informational RFC (draft-ietf-i2nsf-applicability-18.txt)

The IESG has approved the following document:
- 'Applicability of Interfaces to Network Security Functions to Network-
   Based Security Services'
  (draft-ietf-i2nsf-applicability-18.txt) as Informational RFC

This document is the product of the Interface to Network Security Functions
Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:

Ballot Text

Technical Summary

   This document describes the applicability of Interface to Network
   Security Functions (I2NSF) to network-based security services in
   Network Functions Virtualization (NFV) environments, such as
   firewall, deep packet inspection, or attack mitigation engines.

Working Group Summary

This document is specifically written for I2NSF WG as one of the milestones specified by the I2NSF Charter. This document is not considered by any other WGs. 

There was nothing exceptional in the WG processing for this document.

There was careful debate resulting in merging contents from other drafts into this document.

Document Quality

This applicability document is not directly implementable, but it describes how I2NSF work are used in NFV environment to achieve software defined security policy enforcement.  At least two organizations are building a system based on the work of the working group and following this approach as an architecture. There has also been experimentation at IETF hackathons that is consistent with the work.


Linda Dunbar is the document shepherd. 
Roman Danyliw is the responsible AD. 

RFC Editor Note