Prospective Architecture for SACM
draft-schaad-sacm-architecture-00
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | Jim Schaad, David Waltermire | ||
| Last updated | 2017-05-04 (Latest revision 2016-10-31) | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes the high level architecture for Security Automation and Continuous Monitoring (SACM). The architecture identifies the components that provide for the collection, storage, dissemination, and evaluation of posture information. This architecture also describes the interfaces and associated operations that define the interactions between these components. This information will inform future engineering work around identifying existing standards for collecting, storing, disseminating, and evaluating endpoint posture information. This architecture will also help in identifying standardization gaps that require new engineering effort. Security practitioners need to request, analyze, and aggregate posture information from disparate sources that use differing means to identify endpoints, hardware, software, and configurations. This task is made harder by the large number of different protocols and formats needed to bring together all of this information into a single view. This architecture provides a means to automatically gather posture data together for standardized dissemination to downstream components. This allows security practitioners that leverage this architecture to focus on managing security problems, not data.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)