IF-MAP
The Interface for Metadata Access Points (IF-MAP) is an open specification for a client/server protocol developed by the Trusted Computing Group (TCG) as one of the core protocols of the Trusted Network Connect (TNC) open architecture.
IF-MAP provides a common interface between the Metadata Access Point (MAP), a database server acting as a clearinghouse for information about security events and objects, and other elements of the TNC architecture.
The IF-MAP protocol defines a publish/subscribe/search mechanism with a set of identifiers and data types.
History
The IF-MAP protocol was first published by the TCG on April 28, 2008. Originally, the IF-MAP specification was developed to support data sharing across various vendor’s devices and applications for network security.[1] The specification has also been adopted for additional use cases of data-sharing including physical security.[2]
The 2.0 version of the IF-MAP spec separated the base protocol from the metadata definitions that define how different types of information are represented. The goal in separating the base protocol from the metadata definitions within the specification was to allow the specification to be adopted across other technologies (such as cloud computing,[3] industrial control systems,[4] or smart grid) to leverage their existing data models within the MAP framework.[5]
Version 2.1 of the IF-MAP spec was published on May 7, 2012. The primary new feature of IF-MAP 2.1 is that the IF-MAP identifier space became extensible.[6]
A reference implementation is available under GPLv3 license on Google Code repository.[7]
IF-MAP adoption
IF-MAP is supported by a variety of vendors:
- HPE/Aruba Aruba (Gateways)
- Byres Security’s Tofino industrial security gateways.
- Great Bay Beacon endpoint profiler;
- Check Point Software Technologies (Identity Awareness Blade);
- Hirsch Electronics Velocity Physical Access Control System
- f5 Networks BIG-IP Application Delivery Firewall and Access Policy Manager;
- Infoblox Core Network Services Appliances and Orchestration (IF-MAP) Server;
- macmon secure GmbH NAC - certified Network Access Control made in Germany;
- Insightix BSA Business Security Assurance suite;
- Juniper Networks Unified Access Control (UAC), SSL VPN appliances (SA), Ringmaster WLAN management, and Smartpass Wireless Guest Portal Authentication;
- LogiSense Billing & OSS / Network Access Control;
- Lumeta IPsonar network discovery solutions;
- NCP Engineering IPsec / SSL VPN Gateway;
- QRadar SIEM (Now IBM Security Systems) Security Information & Event Management;
- strongSwan Open Source IPsec VPN Gateway with IF-MAP Interface;
- Pulse Secure Pulse Policy Secure,
References
- "Archived copy". Archived from the original on 2011-06-13. Retrieved 2010-09-13.CS1 maint: archived copy as title (link)
- http://www.securitymagazine.com/Articles/Online_Exclusives/BNP_GUID_9-5-2006_A_10000000000000886666
- "Archived copy". Archived from the original on 2010-04-24. Retrieved 2010-09-13.CS1 maint: archived copy as title (link)
- http://www.automation.com/content/securing-scada-and-control-networks
- "Archived copy". Archived from the original on 2010-12-06. Retrieved 2010-09-13.CS1 maint: archived copy as title (link)
- See IF-MAP 2.1 FAQ on trustedcomputinggroup.org
- omapd on google code
- Lawton, George. “New Protocol Improves Interaction among Networked Devices and Applications”, “Computing Now”, IEEE Computer Society.
- Reed, Brad. “NAC group expands its scope”, “Network World Magazine”, IDG Publishing.
- Beliles, Robert. “Technology for Securing a “Seat” at the Executive Table”, “Security Magazine”, BNP Media.
- “IF-MAP Based Intercloud Testbed In Planning”
- “Securing SCADA and Control Networks”
- Messmer, Ellen. “Trusted Computing Group eyes cloud security framework”, “Network World Magazine”, IDG Publishing.