[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ipfc-developer] IPFC extensions
From: |
Alexandre Dulaunoy |
Subject: |
Re: [Ipfc-developer] IPFC extensions |
Date: |
Tue, 25 Mar 2003 13:15:37 +0100 (CET) |
On Mon, 24 Mar 2003, Glauber Reis wrote:
> I think,it's my humble opinion, IPFC should also
> support remote configuration like when an XML-message
> is delivered to the DR-Server the (new kind of)
> wrapper ( the "
> i-know-how-to-configure-localhost-services" kind)
> could also verify if there is a "message" awating it,
> then it would get the message, configure the necessary
> files, restart the service and report back to the
> "IPFC layer" if it was succeful or not (rolling back
> if something went wrong). I think it would be
> necessary to extend IPFC protocol itself and i think
> there is no drawback at all since only the
> "extended-wrapper" and the dr-server would be aware of
> that new type of message. I dont think that creating
> another MSS framework would be of any good, a
> IPFC-protocol extension would be much better since the
> IPFC framework itself is very good. This way, one can
> tackle two problems, remotely monitoring security
> applications and configuring them.
> I am going to code a basic wrapper that would
> understand some local-host-configuration extension,
> not useful at all, just to see if it fits...
> The extensions still need to be agreed upon (if they
> are desired anyways).
>
> What do you folks think?
You can use the IPFC infrastructure (XML message and the 3 zone
structure) to distribute in the other way the messages. This is also
the purpose of the infrastructure.
You have also to add the verification of XML signature on the agent
side and add some complexity in the agent in order to manage
configuration and software install.
IMHO, the structure for configuration (on the backend side) should be
fully separated from the event side.
> Do you think of extending IPFC to a much broader
> focus, i mean jumping from a MSS framework to a MS
> framework?
It's still a MSS framework ;-)
Have a nice day,
adulau
--
Alexandre Dulaunoy -- http://www.foo.be/
3B12 DCC2 82FA 2931 2F5B 709A 09E2 CD49 44E6 CBCD --- AD993-6BONE
"People who fight may lose.People who do not fight have already lost."
Bertolt Brecht