Internet DRAFT - draft-gstk-ccamp-actn-optical-transport-mgmt
draft-gstk-ccamp-actn-optical-transport-mgmt
CCAMP Working Group A. Farrel
Internet-Draft D. King
Intended status: Standards Track Old Dog Consulting
Expires: 24 April 2024 X. Zhao
CAICT
22 October 2023
Integrating YANG Configuration and Management into an Abstraction and
Control of TE Networks (ACTN) System for Optical Networks
draft-gstk-ccamp-actn-optical-transport-mgmt-01
Abstract
Many network technologies are operated as Traffic Engineered (TE)
networks. Optical networks are a particular, with many technology-
specific details.
Abstraction and Control of TE Networks (ACTN) is a management
architecture that abstracts TE network resources to provide a limited
network view for customers to request and self-manage connectivity
services. It also provides functional components to orchestrate and
operate the network.
Management of legacy optical networks is often provided via Fault,
Configuration, Accounting, Performance, and Security (known as FCAPS)
using mechanisms such as the Multi-Technology Operations System
Interface (MTOSI) and the Common Object Request Broker Architecture
(CORBA). FCAPS can form a critical part of configuration management
and service assurance for network operations. However, ACTN does not
include consideration of FCAPS.
This document enhances the ACTN architecture as applied to optical
networks by introducing support for FCAPS. It considers which
elements of existing IETF YANG work can be used to solve existing
scenarios and emerging technologies, and what new work may be needed.
This enhanced architecture may then be used to evolve networks from
CORBA and MTOSI FCAPS interfaces to IETF-based YANG and RESTful API
capabilities.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Farrel, et al. Expires 24 April 2024 [Page 1]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 24 April 2024.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. FCAPS Transport Network Management Approaches . . . . . . 4
1.2. Configuration Management . . . . . . . . . . . . . . . . 4
1.3. Service Assurance . . . . . . . . . . . . . . . . . . . . 5
1.4. Motivation and Scope . . . . . . . . . . . . . . . . . . 6
2. Extending the ACTN Architecture to Include FCAPS . . . . . . 6
3. Functionality at the MPI . . . . . . . . . . . . . . . . . . 8
3.1. Data Models at the MPI . . . . . . . . . . . . . . . . . 8
3.2. Abstraction and Control at the MPI . . . . . . . . . . . 9
4. Introduction to FCAPS . . . . . . . . . . . . . . . . . . . . 10
4.1. Functionalities Covered by FCAPS . . . . . . . . . . . . 10
5. Abstract Control and Fine-Grain Network Management for
ACTN . . . . . . . . . . . . . . . . . . . . . . . . . . 10
5.1. Abstract Control and Fine-Grain Network Management
Functions for the MPI . . . . . . . . . . . . . . . . . . 11
5.2. Fine-Grain Network Management Interfaces . . . . . . . . 12
5.3. Fine-Grain Network Management Data Models . . . . . . . . 12
5.4. Fine-Grain Network Management Example . . . . . . . . . . 14
6. Manageability Considerations . . . . . . . . . . . . . . . . 14
7. Security Considerations . . . . . . . . . . . . . . . . . . . 14
Farrel, et al. Expires 24 April 2024 [Page 2]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 16
10. Informative References . . . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 18
1. Introduction
Abstraction and Control of Traffic Engineering Networks (ACTN)
[RFC8453] is an architecture that simplifies and optimises the
management and control of network resources to deliver connectivity
services in Traffic Engineering (TE) networks. ACTN abstracts and
controls TE resources to enable end-to-end service provisioning and
management across multiple network domains. It provides a way to
orchestrate and automate the management of network resources,
including connectivity and bandwidth, to meet the requirements of
specific services or applications.
ACTN in an optical network leverages SDN concepts to achieve its
objectives. By applying SDN principles, such as centralised control
and programmability, to the transport layer, ACTN enables efficient
orchestration and service provisioning in a multi-domain environment.
ACTN adds a higher-level framework and management capabilities
specifically tailored for TE transport networks, including the
abstraction of network resources, service provisioning, and resource
optimisation.
The term FCAPS [M-3060] is used in network management and stands for
Fault, Configuration, Accounting, Performance, and Security. It is a
widely accepted framework that documenting different aspects of
network management. FCAPS is a framework that categorises different
aspects of network management and provides a structured approach to
managing and maintaining networks, addressing various operational and
maintenance areas.
While ACTN primarily deals with the abstraction and control of TE
networks for service provisioning, FCAPS covers broader aspects of
network management. In practice, while ACTN provides a suitable
architecture for requesting and monitoring connectivity services,
operators would also like to leverage the FCAPS framework for
specific operational tasks and management activities.
ACTN and FCAPS are not mutually exclusive, and this document explains
how FCAPS can be integrated into the ACTN architecture as applied to
optical networks. It considers which elements of IETF work can be
used, and what new work is needed.
Farrel, et al. Expires 24 April 2024 [Page 3]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
This enhanced ACTN architecture is known as ACTN Fine-Grain Network
Management (ACTN FGNM). It provides an evolution path for FCAPS OSS
functions from Common Object Request Broker Architecture (CORBA)
[CORBA] interfaces and the MTOSI architecture, to IETF YANG-based
models and RESTful APIs.
1.1. FCAPS Transport Network Management Approaches
ITU-T G.805 [G-805] specifies the architecture and framework for the
management of transport (i.e., sub-IP) networks. G.805 provides
guidelines and principles for managing network resources and services
in a coordinated and efficient manner.
The TM Forum (TMF) has developed its own set of standards and
frameworks for managing telecommunications networks and services.
Specifically, the TMF developed the Telecommunications Management
Network (TMN) model and informed the ITU-T M.3060 [M-3060] to align
with G.805. TMN is a framework that defines a comprehensive set of
management functions and interfaces for network operations and
service management, that is, FCAPS.
More recently, ITU-T M.3041 [M-3041] introduced a framework for smart
operation, management, and maintenance (SOMM). In M.3041 provides
the characteristics, scenarios, and the functional architecture of
SOMM to support service operation, network management, and
infrastructure maintenance for both traditional physical networks and
for software-defined networking, and network function virtualisation
(non-SDN/VFN), and SDN/NFV aware networks.
This document shows how the ACTN architecture can accommodate the
principles of G.805 and M.3041 to include FCAPS capabilities. It
outlines existing IETF mechanisms, protocols and data models, and
indicates requirements where gaps exist.
1.2. Configuration Management
MTOSI [MTOSI] is a standard in the telecommunications industry that
provides a common framework for operations support systems (OSS) to
interact with various network elements and technologies. It defines
a set of standardized interfaces and protocols to enable the
integration of different OSS components.
It contains several capabilities and key features:
* Service Management: It focuses on service management, allowing
operators to efficiently provision, activate, and manage services
on the network;
Farrel, et al. Expires 24 April 2024 [Page 4]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
* Interoperability: MTOSI promotes interoperability between
different vendors' OSS components, reducing the complexity of
integrating heterogeneous network elements;
* Common Data Model: It defines a common data model for information
exchanged between OSS components, ensuring consistency and
accuracy in operations.
These features must be introduced into ACTN as ACTN FGNM, to enable
automation of operations, which is crucial for managing large, multi-
technology, complex, telecommunications networks.
Increasingly, network OSSes will require atomic-level views of
network devices and interfaces, instead of only abstracted views and
interactions. This will allow ACTN-based systems to leverage
inventory management, device-level and interface-level views, and
network configuration operations, via RESTful APIs instead of legacy
CORBA-based APIs.
1.3. Service Assurance
Service Assurance refers to the activities and processes that ensure
the quality, availability, and performance of services delivered by a
network. It monitors and manages the end-to-end service experience,
and meets Service Level Agreements (SLAs) and customer expectations.
By applying RESTful FCAPS functions to the ACTN framework, network
operators and service providers can address different aspects of
network management to support Service Assurance. This helps them
detect and resolve faults, manage configurations, track resource
usage, optimise performance, and enhance security, all of which
contributes to delivering reliable and high-quality services to
customers.
Not all Service Assurance requirements can be provided via existing
ACTN YANG models. Fine-grain detail may also be required,
supplementing abstract resource models with inventory-based models
[I-D.ietf-ccamp-network-inventory-yang]. This would provide an
atomic-level view of network devices and components, instead of only
abstracted views. Note that not all FCAPS functions require fine
grain views and control, a mix of abstracted and detailed views will
sometimes be needed.
Farrel, et al. Expires 24 April 2024 [Page 5]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
1.4. Motivation and Scope
Operators who manage optical transport networks can leverage ACTN for
resource abstraction and service provisioning. At the same time,
they can utilise the G.805 architecture and the TMN model to
establish effective network management practices, which will
facilitate service assurance. Combining the two management
approaches aligns with best-practice industry standards and allows
adopting emerging ACTN-based abstraction and control techniques.
This document studies the FCAPS requirements in the context of ACTN
functional components. It analyses the ACTN interfaces from a
management operations perspective. It identifies suitable IETF data
models that meet FCAPS requirements that can be utilised in the ACTN
architecture to support optical transport networks. Gaps and
requirements are identified where necessary so additional models may
be developed.
2. Extending the ACTN Architecture to Include FCAPS
Figure 1 shows the ACTN architecture from [RFC8453] enhanced to
provide FCAPS support. The Customer Network Controller (CNC), Multi-
domain Service Coordinator (MDSC), and Provisioning Network
Controller (PNC) are functional components of ACTN, as described in
RFC 8453. There are two ACTN interfaces between the components: the
CNC-MDSC Interface (CMI) and the MDSC-PNC Interface (MPI). In ACTN,
the CMI and MPI are realised using a combination of IETF data models.
Farrel, et al. Expires 24 April 2024 [Page 6]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
+---------+
| CNC |
+---------+
|
Boundary |
between ===========================|==========
Customer & | CMI
Network Operator |
Policy +---------------+
-----------| MDSC |
/ +---------------+
+-------------+ |
| OSS | | MPI+ FCAPS Extensions
+-------------+ |
\ +---------------------+
-------| Domain |
FCAPS | Controller |
| |
| +-----------+ |
| | NMS/EMS | |
| | .......... |
| | : | : |
| | : | PNC : |
| | :..|.....: |
| | | |
| +-----------+ |
| |
+---------------------+
/ |
/ |
----- |
( ) |
( Phys. ) |
( Net ) -----
----- ( )
( Phys. )
( Net )
-----
Figure 1: The ACTN Architecture Enhanced for FCAPS
Figure 1 shows the ACTN functional components as described in
[RFC8453], but also introduces some common management system
components. The Operational Support System (OSS) is the overarching
management component that the operator uses to coordinate customers,
services, and the network, and to apply policies across the network.
The Network Management System (NMS) allows an operator to manage a
Farrel, et al. Expires 24 April 2024 [Page 7]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
network or set of network elements as a single unit. At the same
time, the Element Management System (EMS) applies configuration and
management to individual network elements.
As described in [RFC8453], the function of the PNC may be provided by
an NMS or an EMS. Thus, Figure 1 shows the PNC overlapping with the
NMS/EMS. To avoid confusion between the three possible components
(NMS, EMS, PNC) that might all be used to operate the devices in the
network, this document groups all of their function together and uses
the term Domain Controller.
In a conventional management system, the OSS uses an interface with
the Domain Controller to exchange FCAPS information. This interface
has previously been based on CORBA/XML.
Furthermore, in an ACTN system, the OSS is likely the point of origin
for policy instructions that guide the MDSC in how it orchestrates
customer service requests and configures the network.
In [RFC8453] the MPI is used by the MDSC to instruct the PNCs about
how the network must be configured to deliver the customers'
services. The MPI also reports to the MDSC on the status of
provisioning commands and the availability of network resources.
However, up to now, the MDSC has had no visibility into the majority
of the FCAPS functions and has, therefore, had limited reactive and
proactive abilities.
Instead of only using abstracted Tunnel and Topology YANG models, the
capability to support network inventory and device models is
required. Facilitating much more detailed modeling, and
configuration management of network resource information.
This document examines how the MPI may be enhanced with extensions
that utilise current YANG models, such as inventory, and future YANG-
based data models to deliver extensions that provide RESTful FCAPS
support.
3. Functionality at the MPI
This section describes the MPI as specified before the addition of
FCAPS capabilities.
3.1. Data Models at the MPI
Figure 2 lists the data models that can be used at the MDI for
abstraction and control of underlying optical networks.
Farrel, et al. Expires 24 April 2024 [Page 8]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
Category | Data Model | Document
---------+---------------------------+--------------------------------
Topology | ietf-network | RFC 8345
+---------------------------+--------------------------------
| ietf-network-topology | RFC 8345
+---------------------------+--------------------------------
| ietf-te-topology | RFC 8795
+---------------------------+--------------------------------
| ietf-wson-topology | RFC9094
+---------------------------+--------------------------------
| ietf-otn-topology | draft-ietf-ccamp-otn-topo-yang
+---------------------------+--------------------------------
| ietf-flex-grid-topology | draft-ietf-ccamp-flexigrid-yang
+---------------------------+--------------------------------
| ietf-optical-impairement- | draft-ietf-ccamp-optical-
| topology | impairment-topology-yang
---------+---------------------------+--------------------------------
Tunnel | ietf-te | draft-ietf-teas-yang-te
+---------------------------+--------------------------------
| ietf-wson-tunnel | draft-ietf-ccamp-wson-tunnel-
| | model
+---------------------------+--------------------------------
| ietf-otn-tunnel | draft-ietf-ccamp-otn-tunnel-
| | model
+---------------------------+--------------------------------
| ietf-flexi-grid-media- | draft-ietf-ccamp-flexigrid-
| channel | media-channel-yang
---------+---------------------------+--------------------------------
Inventory| TBA | TBA
+---------------------------+--------------------------------
| |
Figure 2: ACTN MPI YANG Models
3.2. Abstraction and Control at the MPI
The abstraction of TE modeling is described in Section 3 of
[RFC8795]. The major objects that are modeled include TE topology,
TE node, TE link, TE Link Termination Point (LTP), TE Tunnel
Termination Point (TTP). Also included in the modeling are
transitional TE link, TE node connectivity matrix, and TTP Local Link
Connectivity List to describe the multiplexing relationship of links.
These TE concepts are generic, but they are also applicable within an
optical network. The MPI deals in abstracted TE network concepts and
so can be realised using the YANG models listed in Section 3.1 to
expose the TE modeled objects that can be enhanced using YANG model
augmentations to make them specific to optical technologies.
Farrel, et al. Expires 24 April 2024 [Page 9]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
4. Introduction to FCAPS
4.1. Functionalities Covered by FCAPS
Although the building blocks of FCAPS are Fault, Configuration,
Accounting, Performance, and Security, important functions for
integration with an ACTN system are Configuration and Performance,
which are underpinned by Inventory Management.
Inventory Management describes all objects involved in the network,
including hardware resources (such as network elements, chassis,
slots, boards, ports, optical modules, and cables, etc.) and logical
resource objects used for service provisioning.
The basic Configuration requirement in ACTN is to configure end-to-
end paths across the transport network based on the requirements of
users.
Alarm Management. When a network is running, the Domain Manager
collects alarm information from devices or processes connection-
related alarms and reports the alarms to the OSS of operator. So
that Operations and Management engineers can detect and rectify
network faults in time. The main functionalities include alarm
retrieval, alarm handling, and alarm control.
Performance Monitoring. Based on some Operations and Management
requirement scenarios, engineers need to collect and monitor
performance data from certain physical devices or logical objects to
identify the status of the network. The interfaces of Performance
Management include performance monitoring control, performance
information retrieval, and threshold crossing alert control.
5. Abstract Control and Fine-Grain Network Management for ACTN
Abstract Control represents the high-level strategic view and
objectives, while Fine-Grain Network Management represents the
detailed operational tasks and activities that support the strategic
objectives. Both levels are important for effective management and
control within the operator network.
Abstract Control is often mapped to G.805 [G-805] objects. An
Abstract Control object can also be mapped to several Fine-Grain
Network Management objects. Therefore, we should not see these
concepts as mutually exclusive, but instead as necessary approaches
to be combined for holistic control and operational management of
ACTN- based network infrastructures.
Farrel, et al. Expires 24 April 2024 [Page 10]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
In the context of ACTN, MPI is a concept and a set of mechanisms
within ACTN that enables the interconnection of services across
multiple domains or administrative boundaries. The MPI addresses the
challenge of interconnecting services across multiple administrative
domains. It provides a mechanism to coordinate and manage the
service delivery between domains while ensuring end-to-end service
continuity and quality.
As highlighted earlier in this document FCAPS capabilities are also
vital for smooth operation and troubleshooting of ACTN-based
services. It is expected that FCAPS capabilities will require Fine-
Grained Network Management Functions.
5.1. Abstract Control and Fine-Grain Network Management Functions for
the MPI
The Fine-Grain Network Management Functions can be categorised as
follows. Several aspects of there functions already exist in the
MDSC in the ACTN architecture, and are accessed via the MPI. Others
may be added to the MPI in the future.
Service Provisioning: This involves the detailed provisioning and
activation of services. This includes path computation, configuring
service parameters, policy management, allocating resources, and
ensuring proper service activation and deactivation.
Network Performance Monitoring: This encompasses monitoring and
analysing network performance. It involves collecting and analysing
performance metrics such as latency, jitter, packet loss, and
throughput to identify and resolve performance issues promptly.
Fault Detection and Alarm Management: This includes advanced fault
detection mechanisms to identify and troubleshoot network issues
quickly. It involves monitoring network elements, analysing alarms
and events, and performing fault localisation and isolation to
expedite problem resolution.
Security Management: This covers the management of security measures
within the telecommunications network. It involves activities such
as access control, authentication, encryption, intrusion detection,
and vulnerability management to ensure network security and protect
against threats.
Service Level Agreement (SLA) Management: This involves tracking
service performance against SLA targets, generating SLA reports, and
taking corrective actions to meet or exceed customer expectations.
Farrel, et al. Expires 24 April 2024 [Page 11]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
Capacity Planning: This encompasses detailed capacity planning
activities to ensure optimal resource utilisation and meet future
demands. It involves analysing traffic patterns, forecasting
capacity requirements, and implementing capacity expansion
strategies.
5.2. Fine-Grain Network Management Interfaces
Several legacy Fine-Grain Network Management interfaces, such as
CORBA, exist to facilitate the precise control and management of
network elements and services. These interfaces enable communication
and interaction between different systems, devices, and management
platforms:
* Command Line Interface (CLI)
* Simple Network Management Protocol (SNMP)
* CORBA/XML
New interfaces and data models have been developed that support Fine-
Grain Network Management functions. These models are written in
YANG, and the interfaces use NETCONF and RESTCONF, the latter also
providing RESTful API functions.
5.3. Fine-Grain Network Management Data Models
As noted in Section 5.1, new or enhanced data models may be required
for Fine-Grain Network Management in ACTN-based optical networks.
Figure 3 shows a functional architecture for YANG control in an ACTN
system enhanced with FGNM. The existing ACTN YANG models provide
access to network devices through topology models that map to
inventory and thus to configuration of network devices. The old
MTOSI approach provides access to inventory and device configuration.
The FGNM additions to ACTN retrieve information from the inventory
including performance information viewed through the lens of
topology. It also allows direct manipulation of devices through
configuration of inventory items in a mirror of the MTOSI function.
Lastly, fault and alarm information that is generated in respect of
the inventory may be delivered direct to the FGNM system or may be
correlated before being reported as incidents.
Farrel, et al. Expires 24 April 2024 [Page 12]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
------ ----------------------
| ACTN | | FGNM |
------ ----------------------
: ^ : ^ ^
: : : : :
: : : : ----------
----------:----:- : : | Incident |
| : : | : : ----------
MTOSI | Topology : : | : : ^
\ | : : | : : :
\ ----------:----:- : : Fault Correlation
\ : : : : ^
\ v : v : :
------------- \--------------------- -------------
| | | | | |
| Performance |---| Inventory |---| Fault/Alarm |
| | | | | |
------------- ---------------------\ -------------
| \
| \----------
--------------- | |
| Configuration | | Security |
--------------- | |
| ----------
|
Devices
Figure 3: Functional Model of ACTN with FGNM
Work in the IETF exists to provide optical interface configuration,
resource monitoring, telemetry data, alarm and incident monitoring,
inventory, life cycle management, service assurance, and asset
management. This existing IETF work includes:
* Incident Management for Network Services
[I-D.feng-opsawg-incident-management]
* A YANG Data Model for Network Hardware Inventory
[I-D.ietf-ccamp-network-inventory-yang]
* Service Assurance for Intent-based Networking Architecture
[RFC9417]
* YANG Modules for Service Assurance [RFC9418]
* A Data Manifest for Contextualized Telemetry Data
[I-D.ietf-opsawg-collected-data-manifest]
Farrel, et al. Expires 24 April 2024 [Page 13]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
* Asset Lifecycle Management and Operations Problem Statement
[I-D.palmero-opsawg-ps-almo]
* A YANG Data Model for Optical Resource Performance Monitoring
[I-D.yu-ccamp-optical-resource-pm-yang]
* A YANG model to manage the optical interface parameters for an
external transponder in a WDM network
[I-D.ietf-ccamp-dwdm-if-param-yang]
* A YANG Data Model for Client Signal Performance Monitoring
[I-D.zheng-ccamp-client-pm-yang]
This section will expand the list of the available IETF YANG data
models that could provide Fine-Grain Network Management
functionality, in the context of ACTN, specifically the MDI.
5.4. Fine-Grain Network Management Example
Editors note: An example of Fine-Grain Network Management of an
optical network using the ACTN architecture will be provided in
future versions of this document.
6. Manageability Considerations
TBD
7. Security Considerations
Security requirements will require that measures and protocol
security are applied to ensure the confidentiality, integrity, and
availability of information and resources within the context of an
ACTN FGNM-based OSS.
Key aspects of ACTN FGNM security, will require:
* Authentication: The process of verifying the identity of an ACTN
user, system, or device. Security includes mechanisms to
authenticate users and systems before allowing them to access
sensitive resources or perform certain operations;
* Authorization: Once a user or system is authenticated,
authorization determines what actions or resources they are
allowed to access. MTOSI security mechanisms define roles,
permissions, and access controls to ensure that only authorized
entities can perform specific tasks;
Farrel, et al. Expires 24 April 2024 [Page 14]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
* Data Encryption: Security may employ encryption techniques to
protect sensitive data as it is transmitted over the ACTN-based
OSS network. This prevents unauthorized access or interception of
information;
* Secure Communication Protocols: The use of secure communication
protocols, such as HTTPS (HTTP over SSL/TLS) or other
cryptographic protocols, ensures that data exchanged between ACTN
components remains confidential and secure;
* Secure Data Storage: Security measures are put in place to protect
data stored within the ACTN environment. This includes encryption
of stored inventory, device and service data, access controls, and
regular security audits;
* Auditing and Logging: This includes the capability to record and
monitor ACTN-based activities within the OSS. Audit logs provide
a record of who accessed what resources and when, which is crucial
for investigating security incidents or compliance with
regulations;
* Intrusion Detection and Prevention: Systems may have mechanisms in
place to detect and respond to unauthorized access attempts or
suspicious activities. Intrusion detection systems (IDS) and
intrusion prevention systems (IPS) can play a role in ACTN-based
security;
* Vulnerability Management: Regular security assessments and
vulnerability scans help identify and address potential weaknesses
in the ACTN environment;
* Security Policies and Procedures: Clear security policies and
procedures should be established and communicated to all
stakeholders. This ensures that everyone understands their
responsibilities in maintaining the security of the ACTN system;
* Incident Response: Security should include plans and procedures
for responding to security incidents, including steps for
containment, investigation, mitigation, and recovery
Overall, security is crucial for maintaining the integrity and
reliability of ACTN FGNM operations and support systems, especially
in an environment where sensitive customer data and critical network
resources are involved.
Farrel, et al. Expires 24 April 2024 [Page 15]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
8. IANA Considerations
This document makes no requests for IANA action.
9. Acknowledgements
Thanks to Chaode Yu for discussions that enhanced the material in
this document.
10. Informative References
[CORBA] Object Management Group, "Common Object Request Broker
Architecture (CORBA) Component Model.", Standard OMG,
March 2006, <https://www.omg.org/spec/CCM/>.
[G-805] International Telecommunication Union - Telecommunication
Standardization Sector, "ITU-T G.805, Generic functional
architecture of transport networks.", Recommendation ITU-T
Recommendation G.805, 10 March 2001,
<https://www.itu.int/rec/T-REC-G.805-200003-I/en>.
[I-D.feng-opsawg-incident-management]
Feng, C., Hu, T., Contreras, L. M., Graf, T., Wu, Q., Yu,
C., and N. Davis, "Incident Management for Network
Services", Work in Progress, Internet-Draft, draft-feng-
opsawg-incident-management-02, 21 October 2023,
<https://datatracker.ietf.org/doc/html/draft-feng-opsawg-
incident-management-02>.
[I-D.ietf-ccamp-dwdm-if-param-yang]
Galimberti, G., Kunze, R., Hiremagalur, D., and G.
Grammel, "A YANG model to manage the optical interface
parameters for an external transponder in a WDM network",
Work in Progress, Internet-Draft, draft-ietf-ccamp-dwdm-
if-param-yang-09, 13 March 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-ccamp-
dwdm-if-param-yang-09>.
[I-D.ietf-ccamp-network-inventory-yang]
Yu, C., Belotti, S., Bouquier, J., Peruzzini, F., and P.
Bedard, "A YANG Data Model for Network Hardware
Inventory", Work in Progress, Internet-Draft, draft-ietf-
ccamp-network-inventory-yang-02, 9 July 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-ccamp-
network-inventory-yang-02>.
Farrel, et al. Expires 24 April 2024 [Page 16]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
[I-D.ietf-opsawg-collected-data-manifest]
Claise, B., Quilbeuf, J., Lopez, D., Martinez-Casanueva,
I. D., and T. Graf, "A Data Manifest for Contextualized
Telemetry Data", Work in Progress, Internet-Draft, draft-
ietf-opsawg-collected-data-manifest-01, 10 July 2023,
<https://datatracker.ietf.org/doc/html/draft-ietf-opsawg-
collected-data-manifest-01>.
[I-D.palmero-opsawg-ps-almo]
Palmero, M., Brockners, F., Kumar, S., Cardona, C., and D.
Lopez, "Asset Lifecycle Management and Operations, Problem
Statement", Work in Progress, Internet-Draft, draft-
palmero-opsawg-ps-almo-00, 29 June 2023,
<https://datatracker.ietf.org/doc/html/draft-palmero-
opsawg-ps-almo-00>.
[I-D.yu-ccamp-optical-resource-pm-yang]
Yu, C., Peruzzini, F., Yanlei, Z., Busi, I., Guo, A., and
V. Lopez, "A YANG Data Model for Optical Resource
Performance Monitoring", Work in Progress, Internet-Draft,
draft-yu-ccamp-optical-resource-pm-yang-01, 10 July 2023,
<https://datatracker.ietf.org/doc/html/draft-yu-ccamp-
optical-resource-pm-yang-01>.
[I-D.zheng-ccamp-client-pm-yang]
Zheng, H., Busi, I., Yanlei, Z., Lopez, V., and O. G. de
Dios, "A YANG Data Model for Client Signal Performance
Monitoring", Work in Progress, Internet-Draft, draft-
zheng-ccamp-client-pm-yang-08, 9 July 2023,
<https://datatracker.ietf.org/doc/html/draft-zheng-ccamp-
client-pm-yang-08>.
[M-3041] International Telecommunication Union - Telecommunication
Standardization Sector, "ITU-T M.3041, Framework of smart
operation, management and maintenance.",
Recommendation ITU-T Recommendation M.3041, 13 February
2020, <https://www.itu.int/rec/T-REC-M.3041-202002-I/en>.
[M-3060] International Telecommunication Union - Telecommunication
Standardization Sector, "ITU-T M.3060, Principles for the
Management of Next Generation Networks.",
Recommendation ITU-T Recommendation M.3060/Y.2401, 22
March 2006,
<https://www.itu.int/rec/T-REC-M.3060-200603-I/en>.
[MTOSI] TeleManagment Forum (TM Forum), "The Multi-Technology
Operations System Interface.", Web page TM Forum,
<https://www.tmforum.org/mtosi/>.
Farrel, et al. Expires 24 April 2024 [Page 17]
�
Internet-Draft Integrating FCAPS with ACTN October 2023
[RFC8453] Ceccarelli, D., Ed. and Y. Lee, Ed., "Framework for
Abstraction and Control of TE Networks (ACTN)", RFC 8453,
DOI 10.17487/RFC8453, August 2018,
<https://www.rfc-editor.org/info/rfc8453>.
[RFC8795] Liu, X., Bryskin, I., Beeram, V., Saad, T., Shah, H., and
O. Gonzalez de Dios, "YANG Data Model for Traffic
Engineering (TE) Topologies", RFC 8795,
DOI 10.17487/RFC8795, August 2020,
<https://www.rfc-editor.org/info/rfc8795>.
[RFC9417] Claise, B., Quilbeuf, J., Lopez, D., Voyer, D., and T.
Arumugam, "Service Assurance for Intent-Based Networking
Architecture", RFC 9417, DOI 10.17487/RFC9417, July 2023,
<https://www.rfc-editor.org/info/rfc9417>.
[RFC9418] Claise, B., Quilbeuf, J., Lucente, P., Fasano, P., and T.
Arumugam, "A YANG Data Model for Service Assurance",
RFC 9418, DOI 10.17487/RFC9418, July 2023,
<https://www.rfc-editor.org/info/rfc9418>.
Authors' Addresses
Adrian Farrel
Old Dog Consulting
Email: adrian@olddog.co.uk
Daniel King
Old Dog Consulting
Email: daniel@olddog.co.uk
Xing Zhao
CAICT
Email: zhaoxing@caict.ac.cn
Farrel, et al. Expires 24 April 2024 [Page 18]
