RFC 4111

Security Framework for Provider-Provisioned Virtual Private Networks (PPVPNs), July 2005

File formats:
icon for text file icon for PDF icon for HTML icon for inline errata
Updated by:
RFC 8996
L. Fang, Ed.
l3vpn (int)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC4111

Discuss this RFC: Send questions or comments to the mailing list l3vpn@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 4111


This document addresses security aspects pertaining to Provider-Provisioned Virtual Private Networks (PPVPNs). First, it describes the security threats in the context of PPVPNs and defensive techniques to combat those threats. It considers security issues deriving both from malicious behavior of anyone and from negligent or incorrect behavior of the providers. It also describes how these security attacks should be detected and reported. It then discusses possible user requirements for security of a PPVPN service. These user requirements translate into corresponding provider requirements. In addition, the provider may have additional requirements to make its network infrastructure secure to a level that can meet the PPVPN customer's expectations. Finally, this document defines a template that may be used to describe and analyze the security characteristics of a specific PPVPN technology. This memo provides information for the Internet community.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search