Automated XIoT device management GoldenPath
Michael Maymann
m at maymann.com
Thu Jun 15 21:17:00 UTC 2023
For additional information, I have created a suggestion for SONiC
switches on this subject:
https://github.com/sonic-net/SONiC/issues/1362
Den tors. 15. jun. 2023 kl. 23.08 skrev Michael Maymann <m at maymann.com>:
>
> Hi list,
>
> first Q, so please be nice ;)
> If I am in the wrong list, please just let me know where to ask :)
>
> I am in the process of figuring out the architecture of how to
> automate XIoT device management best possible, and thought the
> following functionality in Radius would be a good approach.
> Are these something that is already supported in FreeRadius?
> Suggestions for better alternatives or guides/links on how to best
> achieve this are much appreciated :)
>
> "ZeroConf" XIoT info:
> - [MUD](https://datatracker.ietf.org/doc/rfc8520) retrieval (-> asset
> management system -> XIoTType ACL creation/approval -> provisioning)
> - [SBOM](https://cyclonedx.org/specification/overview) retrieval (->
> asset management system -> continuous lightweight vulnerability
> scanning -> proactive compromisation actions)
>
> ZeroTrust XIoT PNAC 802.1x EAP-TLS authentication:
> - [FDO](https://github.com/fido-device-onboard)
> - [KeyLime](https://github.com/keylime)
> - [Akri](https://github.com/project-akri/akri)
>
> ZeroTouch XIoT provisioning:
> - [AWS IoT Greengrass](https://github.com/aws-greengrass)
> - [Tinkerbell](https://github.com/tinkerbell/proposals/issues/66)
>
> Thanks in advance :)
>
> Br.
> Michael
More information about the Freeradius-Users
mailing list