sphinx.addnodesdocument)}( rawsource children]docutils.nodessection)}(hhh](h title)}(h/Appendix A - Guidelines For Application Vendorsh]h Text/Appendix A - Guidelines For Application Vendors}(hhparenth _documenthsourceNlineNuba
attributes}(ids]classes]names]dupnames]backrefs]utagnamehhhhhhJ/var/jenkins_home/workspace/cntt-tox/doc/ref_model/chapters/appendix-a.rsthKubh)}(hhh](h)}(hGoalsh]hGoals}(hh2hh0hhhNhNubah}(h!]h#]h%]h']h)]uh+hhh-hhhh,hKubh paragraph)}(hThis Appendix has two goals:h]hThis Appendix has two goals:}(hhBhh@hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhh-hhubh enumerated_list)}(hhh](h list_item)}(hvProvide guidance to VNF or more generally Application vendors on how to consume CNTT Reference Model and Architecturesh]h?)}(hhWh]hvProvide guidance to VNF or more generally Application vendors on how to consume CNTT Reference Model and Architectures}(hhWhhYhhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK hhUubah}(h!]h#]h%]h']h)]uh+hShhPhhhh,hNubhT)}(hProvide usable definitions of maturity levels for VNF software architecture between Physical-to-Virtual migration and “Cloud Native”.
h]h?)}(hProvide usable definitions of maturity levels for VNF software architecture between Physical-to-Virtual migration and “Cloud Native”.h]hProvide usable definitions of maturity levels for VNF software architecture between Physical-to-Virtual migration and “Cloud Native”.}(hhrhhphhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK
hhlubah}(h!]h#]h%]h']h)]uh+hShhPhhhh,hNubeh}(h!]h#]h%]h']h)]enumtypearabicprefixhsuffix.uh+hNhh-hhhh,hK ubh?)}(hThe goal is not to be prescriptive on how to re-architect existing or architect new applications but rather staying within scope of focusing on interface and interaction between applications and platform.h]hThe goal is not to be prescriptive on how to re-architect existing or architect new applications but rather staying within scope of focusing on interface and interaction between applications and platform.}(hhhhhhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhh-hhubeh}(h!]goalsah#]h%]goalsah']h)]uh+h
hhhhhh,hKubh)}(hhh](h)}(hIntro and Terminologyh]hIntro and Terminology}(hhhhhhhNhNubah}(h!]h#]h%]h']h)]uh+hhhhhhh,hKubh?)}(hXO Taking advantage of RM and RA environments with common capabilities, applications can be developed and deployed more rapidly, providing more service agility and easier operations. The extent to which this can be achieved will depend on levels of decoupling between application and infrastructure or platform underneath the application:h]hXO Taking advantage of RM and RA environments with common capabilities, applications can be developed and deployed more rapidly, providing more service agility and easier operations. The extent to which this can be achieved will depend on levels of decoupling between application and infrastructure or platform underneath the application:}(hhhhhhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhhhhubh?)}(h**1. Infrastructure**:h](h strong)}(h**1. Infrastructure**h]h1. Infrastructure}(hhhhhhhNhNubah}(h!]h#]h%]h']h)]uh+hhhubh:}(h:hhhhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hKhhhhubh bullet_list)}(hhh](hT)}(hX# a. Application functionality or application control requires infrastructure components beyond RM profiles or infrastructure configuration changes beyond RA exposed APIs. Generally, such an application is tightly coupled with the infrastructure which results in an Appliance deployment model.h]hO)}(hhh]hT)}(hX Application functionality or application control requires infrastructure components beyond RM profiles or infrastructure configuration changes beyond RA exposed APIs. Generally, such an application is tightly coupled with the infrastructure which results in an Appliance deployment model.h]h?)}(hhh]hX Application functionality or application control requires infrastructure components beyond RM profiles or infrastructure configuration changes beyond RA exposed APIs. Generally, such an application is tightly coupled with the infrastructure which results in an Appliance deployment model.}(hhhhhhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhhubah}(h!]h#]h%]h']h)]uh+hShhubah}(h!]h#]h%]h']h)]h
loweralphahhhhuh+hNhhubah}(h!]h#]h%]h']h)]uh+hShhhhhNhNubhT)}(hX b. Application control using RA APIs finds node (already configured in support of the profiles) with required infrastructure component(s), and in that node using RA APIs configures infrastructure components that make application work. Example is application that to achieve latency requirements needs certain acceleration adapter available in RM profile and is exposed through RA APIs.h]hO)}(hhh]hT)}(hX~ Application control using RA APIs finds node (already configured in support of the profiles) with required infrastructure component(s), and in that node using RA APIs configures infrastructure components that make application work. Example is application that to achieve latency requirements needs certain acceleration adapter available in RM profile and is exposed through RA APIs.h]h?)}(hj h]hX~ Application control using RA APIs finds node (already configured in support of the profiles) with required infrastructure component(s), and in that node using RA APIs configures infrastructure components that make application work. Example is application that to achieve latency requirements needs certain acceleration adapter available in RM profile and is exposed through RA APIs.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhj ubah}(h!]h#]h%]h']h)]uh+hShj ubah}(h!]h#]h%]h']h)]hj hhhhstartKuh+hNhj ubah}(h!]h#]h%]h']h)]uh+hShhhhhNhNubhT)}(hX c. Application control using RA APIs finds node (already configured in support of the profiles) with optional infrastructure component(s), and in that node using RA APIs configures infrastructure component(s) that make application work better (like more performant) than without that infrastructure component. Example is application that would have better TCO with certain acceleration adapter but can also work without it.h]hO)}(hhh]hT)}(hX Application control using RA APIs finds node (already configured in support of the profiles) with optional infrastructure component(s), and in that node using RA APIs configures infrastructure component(s) that make application work better (like more performant) than without that infrastructure component. Example is application that would have better TCO with certain acceleration adapter but can also work without it.h]h?)}(hjG h]hX Application control using RA APIs finds node (already configured in support of the profiles) with optional infrastructure component(s), and in that node using RA APIs configures infrastructure component(s) that make application work better (like more performant) than without that infrastructure component. Example is application that would have better TCO with certain acceleration adapter but can also work without it.}(hjG hjI hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhjE ubah}(h!]h#]h%]h']h)]uh+hShjB ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj> ubah}(h!]h#]h%]h']h)]uh+hShhhhhNhNubhT)}(hod. Application control using RA APIs finds general profile node without any specific infrastructure component.
h]hO)}(hhh]hT)}(hlApplication control using RA APIs finds general profile node without any specific infrastructure component.
h]h?)}(hkApplication control using RA APIs finds general profile node without any specific infrastructure component.h]hkApplication control using RA APIs finds general profile node without any specific infrastructure component.}(hju hjs hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhjo ubah}(h!]h#]h%]h']h)]uh+hShjl ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhjh ubah}(h!]h#]h%]h']h)]uh+hShhhhhNhNubeh}(h!]h#]h%]h']h)]bullet-uh+hhh,hKhhhhubh?)}(h**2. Platform Services**h]h)}(hj h]h2. Platform Services}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj ubah}(h!]h#]h%]h']h)]uh+h>hh,hKhhhhubh)}(hhh](hT)}(ha. Application functionality or application control can work only with its own components instead of using RA-defined Platform Services.h]hO)}(hhh]hT)}(hApplication functionality or application control can work only with its own components instead of using RA-defined Platform Services.h]h?)}(hj h]hApplication functionality or application control can work only with its own components instead of using RA-defined Platform Services.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhj ubah}(h!]h#]h%]h']h)]uh+hShj ubah}(h!]h#]h%]h']h)]hj hhhhuh+hNhj ubah}(h!]h#]h%]h']h)]uh+hShj hhhNhNubhT)}(h_b. With custom integration effort, application can be made to use RA-defined Platform Services.h]hO)}(hhh]hT)}(h\With custom integration effort, application can be made to use RA-defined Platform Services.h]h?)}(hj h]h\With custom integration effort, application can be made to use RA-defined Platform Services.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhj ubah}(h!]h#]h%]h']h)]uh+hShj ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj ubah}(h!]h#]h%]h']h)]uh+hShj hhhNhNubhT)}(h`c. Application is designed and can be configured for running with RA-defined Platform Services.
h]hO)}(hhh]hT)}(h]Application is designed and can be configured for running with RA-defined Platform Services.
h]h?)}(h\Application is designed and can be configured for running with RA-defined Platform Services.h]h\Application is designed and can be configured for running with RA-defined Platform Services.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKhj ubah}(h!]h#]h%]h']h)]uh+hShj
ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj ubah}(h!]h#]h%]h']h)]uh+hShj hhhNhNubeh}(h!]h#]h%]h']h)]j j uh+hhh,hKhhhhubh?)}(h**3. Application Resiliency**h]h)}(hj< h]h3. Application Resiliency}(hhhj> hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj: ubah}(h!]h#]h%]h']h)]uh+h>hh,hK hhhhubh)}(hhh](hT)}(ha. Application was designed and tested to run only on Carrier Grade platform with predictable infrastructure availability and performance.h]hO)}(hhh]hT)}(hApplication was designed and tested to run only on Carrier Grade platform with predictable infrastructure availability and performance.h]h?)}(hj] h]hApplication was designed and tested to run only on Carrier Grade platform with predictable infrastructure availability and performance.}(hj] hj_ hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK"hj[ ubah}(h!]h#]h%]h']h)]uh+hShjX ubah}(h!]h#]h%]h']h)]hj hhhhuh+hNhjT ubah}(h!]h#]h%]h']h)]uh+hShjQ hhhNhNubhT)}(hb. Application was designed and tested for full failures of infrastructure HW and SW components, but not for infrastructure impairment as the Application still needs predictable infrastructure performance (like CPU cycles and network latencies).h]hO)}(hhh]hT)}(hApplication was designed and tested for full failures of infrastructure HW and SW components, but not for infrastructure impairment as the Application still needs predictable infrastructure performance (like CPU cycles and network latencies).h]h?)}(hj h]hApplication was designed and tested for full failures of infrastructure HW and SW components, but not for infrastructure impairment as the Application still needs predictable infrastructure performance (like CPU cycles and network latencies).}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK#hj ubah}(h!]h#]h%]h']h)]uh+hShj ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj~ ubah}(h!]h#]h%]h']h)]uh+hShjQ hhhNhNubhT)}(hvc. Application was designed to run on shared Cloud platforms and tested for resilience to infrastructure impairments.
h]hO)}(hhh]hT)}(hsApplication was designed to run on shared Cloud platforms and tested for resilience to infrastructure impairments.
h]h?)}(hrApplication was designed to run on shared Cloud platforms and tested for resilience to infrastructure impairments.h]hrApplication was designed to run on shared Cloud platforms and tested for resilience to infrastructure impairments.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK$hj ubah}(h!]h#]h%]h']h)]uh+hShj ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj ubah}(h!]h#]h%]h']h)]uh+hShjQ hhhNhNubeh}(h!]h#]h%]h']h)]j j uh+hhh,hK"hhhhubh?)}(hRelevant for sizing infrastructure and application operations (which often is another telco organizational unit or external 3rd party) is also how much is application decomposed from:h]hRelevant for sizing infrastructure and application operations (which often is another telco organizational unit or external 3rd party) is also how much is application decomposed from:}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK&hhhhubh?)}(hp**4. Other application functionality** (decomposition and manageability for scaling, availability and upgrades):h](h)}(h&**4. Other application functionality**h]h"4. Other application functionality}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj ubhJ (decomposition and manageability for scaling, availability and upgrades):}(hJ (decomposition and manageability for scaling, availability and upgrades):hj hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hK(hhhhubh)}(hhh](hT)}(ha. Application consists of huge monolithic components including algorithms that have different scaling (for example depending on type of traffic) and/or availability requirements.h]hO)}(hhh]hT)}(hApplication consists of huge monolithic components including algorithms that have different scaling (for example depending on type of traffic) and/or availability requirements.h]h?)}(hj h]hApplication consists of huge monolithic components including algorithms that have different scaling (for example depending on type of traffic) and/or availability requirements.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK*hj ubah}(h!]h#]h%]h']h)]uh+hShj ubah}(h!]h#]h%]h']h)]hj hhhhuh+hNhj ubah}(h!]h#]h%]h']h)]uh+hShj hhhNhNubhT)}(h>b. Application consists of smaller tightly coupled components.h]hO)}(hhh]hT)}(h;Application consists of smaller tightly coupled components.h]h?)}(hj: h]h;Application consists of smaller tightly coupled components.}(hj: hj< hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK+hj8 ubah}(h!]h#]h%]h']h)]uh+hShj5 ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj1 ubah}(h!]h#]h%]h']h)]uh+hShj hhhNhNubhT)}(h@c. Decomposed application with loosely- or decoupled components.h]hO)}(hhh]hT)}(h=Decomposed application with loosely- or decoupled components.h]h?)}(hjd h]h=Decomposed application with loosely- or decoupled components.}(hjd hjf hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK,hjb ubah}(h!]h#]h%]h']h)]uh+hShj_ ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj[ ubah}(h!]h#]h%]h']h)]uh+hShj hhhNhNubhT)}(hmd. Availability like N+K or 1+1 is defined during application design and not configurable at deployment time.h]hO)}(hhh]hT)}(hjAvailability like N+K or 1+1 is defined during application design and not configurable at deployment time.h]h?)}(hj h]hjAvailability like N+K or 1+1 is defined during application design and not configurable at deployment time.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK-hj ubah}(h!]h#]h%]h']h)]uh+hShj ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj ubah}(h!]h#]h%]h']h)]uh+hShj hhhNhNubhT)}(h=e. Mutable or immutable instances of application components.
h]hO)}(hhh]hT)}(h:Mutable or immutable instances of application components.
h]h?)}(h9Mutable or immutable instances of application components.h]h9Mutable or immutable instances of application components.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK.hj ubah}(h!]h#]h%]h']h)]uh+hShj ubah}(h!]h#]h%]h']h)]hj hhhhj7 Kuh+hNhj ubah}(h!]h#]h%]h']h)]uh+hShj hhhNhNubeh}(h!]h#]h%]h']h)]j j uh+hhh,hK*hhhhubeh}(h!]intro-and-terminologyah#]h%]intro and terminologyah']h)]uh+h
hhhhhh,hKubh)}(hhh](h)}(hVNF Design Guidelinesh]hVNF Design Guidelines}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj hhhh,hK1ubh?)}(hX A number of software design guidelines (industry best practices) have been developed over the years including micro-services, cohesion and coupling.
In addition to the industry best-practices, there are additonal guidelines and requirements specified by ONAP in
"`VNF or PNF Requirements Documentation `__." This section
does not supplant these well-known guidelines and practices. The content here only draws attention to some other design consideration that VNF
Developers need to incorporate in their practices. Please note that some of these guidelines may be incorporated by operators in their contracts with
VNF Vendors.h](hX A number of software design guidelines (industry best practices) have been developed over the years including micro-services, cohesion and coupling.
In addition to the industry best-practices, there are additonal guidelines and requirements specified by ONAP in
“}(hX A number of software design guidelines (industry best practices) have been developed over the years including micro-services, cohesion and coupling.
In addition to the industry best-practices, there are additonal guidelines and requirements specified by ONAP in
"hj hhhNhNubh reference)}(hq`VNF or PNF Requirements Documentation `__h]h%VNF or PNF Requirements Documentation}(h%VNF or PNF Requirements Documentationhj hhhNhNubah}(h!]h#]h%]h']h)]name%VNF or PNF Requirements DocumentationrefuriEhttps://docs.onap.org/projects/onap-vnfrqts-requirements/en/istanbul/uh+j hj ubhXC .” This section
does not supplant these well-known guidelines and practices. The content here only draws attention to some other design consideration that VNF
Developers need to incorporate in their practices. Please note that some of these guidelines may be incorporated by operators in their contracts with
VNF Vendors.}(hXA ." This section
does not supplant these well-known guidelines and practices. The content here only draws attention to some other design consideration that VNF
Developers need to incorporate in their practices. Please note that some of these guidelines may be incorporated by operators in their contracts with
VNF Vendors.hj hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hK3hj hhubh?)}(hThese guidelines are written in an informal style and any resemblance to requirements is incidental. The VNF Developer **should** ensure that their
software and the resultant VNF image:h](hwThese guidelines are written in an informal style and any resemblance to requirements is incidental. The VNF Developer }(hwThese guidelines are written in an informal style and any resemblance to requirements is incidental. The VNF Developer hj" hhhNhNubh)}(h
**should**h]hshould}(hhhj+ hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj" ubh8 ensure that their
software and the resultant VNF image:}(h8 ensure that their
software and the resultant VNF image:hj" hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hK:hj hhubhO)}(hhh](hT)}(hCdoes not contain malicious code (e.g., malware, logic bombs, etc.).h]h?)}(hjI h]hCdoes not contain malicious code (e.g., malware, logic bombs, etc.).}(hjI hjK hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK=hjG ubah}(h!]h#]h%]h']h)]uh+hShjD hhhh,hNubhT)}(h@does not contain code such as daemons that exposes them to risk.h]h?)}(hj` h]h@does not contain code such as daemons that exposes them to risk.}(hj` hjb hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK>hj^ ubah}(h!]h#]h%]h']h)]uh+hShjD hhhh,hNubhT)}(h$does not contain clear text secrets.h]h?)}(hjw h]h$does not contain clear text secrets.}(hjw hjy hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK?hju ubah}(h!]h#]h%]h']h)]uh+hShjD hhhh,hNubhT)}(h=are only created with content and files from trusted sources.h]h?)}(hj h]h=are only created with content and files from trusted sources.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hK@hj ubah}(h!]h#]h%]h']h)]uh+hShjD hhhh,hNubhT)}(hWare only packaged with files that have been found free of malware and vulnerabilities.
h]h?)}(hVare only packaged with files that have been found free of malware and vulnerabilities.h]hVare only packaged with files that have been found free of malware and vulnerabilities.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKAhj ubah}(h!]h#]h%]h']h)]uh+hShjD hhhh,hNubeh}(h!]h#]h%]h']h)]hhhhhhuh+hNhj hhhh,hK=ubh?)}(hzAdditionally, in the design and implementation of their software, the VNF Developer **should** follow the guidance in the:h](hTAdditionally, in the design and implementation of their software, the VNF Developer }(hTAdditionally, in the design and implementation of their software, the VNF Developer hj hhhNhNubh)}(h
**should**h]hshould}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj ubh follow the guidance in the:}(h follow the guidance in the:hj hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hKChj hhubhO)}(hhh](hT)}(h~`CSA Security Guidance for Critical Areas of Focus in Cloud Computing (latest version) `__.h]h?)}(hj h](j )}(h}`CSA Security Guidance for Critical Areas of Focus in Cloud Computing (latest version) `__h]hUCSA Security Guidance for Critical Areas of Focus in Cloud Computing (latest version)}(hUCSA Security Guidance for Critical Areas of Focus in Cloud Computing (latest version)hj hhhNhNubah}(h!]h#]h%]h']h)]nameUCSA Security Guidance for Critical Areas of Focus in Cloud Computing (latest version)j !https://cloudsecurityalliance.orguh+j hj ubh.}(hhhj hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hKEhj ubah}(h!]h#]h%]h']h)]uh+hShj hhhh,hNubhT)}(h`OWASP Cheat Sheet Series (OCSS) `__ from the `Open Web Application Security Project `__.h]h?)}(hj h](j )}(hO`OWASP Cheat Sheet Series (OCSS) `__h]hOWASP Cheat Sheet Series (OCSS)}(hOWASP Cheat Sheet Series (OCSS)hj hhhNhNubah}(h!]h#]h%]h']h)]nameOWASP Cheat Sheet Series (OCSS)j )https://github.com/OWASP/CheatSheetSeriesuh+j hj ubh
from the }(h
from the hj hhhNhNubj )}(hA`Open Web Application Security Project `__h]h%Open Web Application Security Project}(h%Open Web Application Security Projecthj- hhhNhNubah}(h!]h#]h%]h']h)]name%Open Web Application Security Projectj https://www.owasp.orguh+j hj ubh.}(hhhj hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hKFhj ubah}(h!]h#]h%]h']h)]uh+hShj hhhh,hNubhT)}(hn:ref:`ref_model/chapters/chapter07:Workload Security - Vendor Responsibility` section of the Reference Model.
h]h?)}(hm:ref:`ref_model/chapters/chapter07:Workload Security - Vendor Responsibility` section of the Reference Model.h](h pending_xref)}(hM:ref:`ref_model/chapters/chapter07:Workload Security - Vendor Responsibility`h]h inline)}(hj[ h]hFref_model/chapters/chapter07:Workload Security - Vendor Responsibility}(hhhj_ hhhNhNubah}(h!]h#](xrefstdstd-refeh%]h']h)]uh+j] hjY ubah}(h!]h#]h%]h']h)]refdocchapters/appendix-a refdomainjj reftyperefrefexplicitrefwarn reftargetFref_model/chapters/chapter07:workload security - vendor responsibilityuh+jW hh,hKGhjS ubh section of the Reference Model.}(h section of the Reference Model.hjS hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hKGhjO ubah}(h!]h#]h%]h']h)]uh+hShj hhhh,hNubeh}(h!]h#]h%]h']h)]hhhhhhuh+hNhj hhhh,hKEubh?)}(hThe VNF Developer **should** ensure that their code is not vulnerable to the `OWASP Top Ten Security Risks `__ created
by the `Open Web Application Security Project `__.h](hThe VNF Developer }(hThe VNF Developer hj hhhNhNubh)}(h
**should**h]hshould}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj ubh1 ensure that their code is not vulnerable to the }(h1 ensure that their code is not vulnerable to the hj hhhNhNubj )}(hI`OWASP Top Ten Security Risks `__h]hOWASP Top Ten Security Risks}(hOWASP Top Ten Security Riskshj hhhNhNubah}(h!]h#]h%]h']h)]nameOWASP Top Ten Security Risksj &https://owasp.org/www-project-top-ten/uh+j hj ubh created
by the }(h created
by the hj hhhNhNubj )}(hA`Open Web Application Security Project `__h]h%Open Web Application Security Project}(h%Open Web Application Security Projecthj hhhNhNubah}(h!]h#]h%]h']h)]name%Open Web Application Security Projectj https://www.owasp.orguh+j hj ubh.}(hhhj hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hKIhj hhubeh}(h!]vnf-design-guidelinesah#]h%]vnf design guidelinesah']h)]uh+h
hhhhhh,hK1ubh)}(hhh](h)}(h
Miscellaneoush]h
Miscellaneous}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj hhhh,hKMubh target)}(h2.. _vnf-network-monitoring-capabilities---usecase:h]h}(h!]h#]h%]h']h)]refid+vnf-network-monitoring-capabilities-usecaseuh+j hKOhj hhhh,ubh)}(hhh](h)}(h.VNF Network Monitoring Capabilities - UseCase.h]h.VNF Network Monitoring Capabilities - UseCase.}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+hhj hhhh,hKRubh?)}(hNetwork Monitoring capabilities exposed by NFVI Platform are used for the passive observation of VNF-specific traffic traversing the NFVI when:h]hNetwork Monitoring capabilities exposed by NFVI Platform are used for the passive observation of VNF-specific traffic traversing the NFVI when:}(hj hj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKThj hhubh)}(hhh](hT)}(h6Performance issues and/or packet drops reported in VNFh]h?)}(hj/ h]h6Performance issues and/or packet drops reported in VNF}(hj/ hj1 hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKVhj- ubah}(h!]h#]h%]h']h)]uh+hShj* hhhh,hNubhT)}(h1Determining performance bottle necks at VNF levelh]h?)}(hjF h]h1Determining performance bottle necks at VNF level}(hjF hjH hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKWhjD ubah}(h!]h#]h%]h']h)]uh+hShj* hhhh,hNubhT)}(h.Doing anomaly detection and network forensics
h]h?)}(h-Doing anomaly detection and network forensicsh]h-Doing anomaly detection and network forensics}(hja hj_ hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hh,hKXhj[ ubah}(h!]h#]h%]h']h)]uh+hShj* hhhh,hNubeh}(h!]h#]h%]h']h)]j j uh+hhh,hKVhj hhubh?)}(hX **Note:** It is responsibility of NFVI Platform to expose capability to create virtual interface having mirrored traffic from monitored VNF. This port can be attached to Monitoring VNF so that all traffic from Monitored VNF would be available for troubleshooting/debugging purpose.h](h)}(h **Note:**h]hNote:}(hhhj} hhhNhNubah}(h!]h#]h%]h']h)]uh+hhjy ubhX It is responsibility of NFVI Platform to expose capability to create virtual interface having mirrored traffic from monitored VNF. This port can be attached to Monitoring VNF so that all traffic from Monitored VNF would be available for troubleshooting/debugging purpose.}(hX It is responsibility of NFVI Platform to expose capability to create virtual interface having mirrored traffic from monitored VNF. This port can be attached to Monitoring VNF so that all traffic from Monitored VNF would be available for troubleshooting/debugging purpose.hjy hhhNhNubeh}(h!]h#]h%]h']h)]uh+h>hh,hKZhj hhubeh}(h!](j
id1eh#]h%](.vnf network monitoring capabilities - usecase.-vnf-network-monitoring-capabilities---usecaseeh']h)]uh+h
hj hhhh,hKRexpect_referenced_by_name}j j sexpect_referenced_by_id}j
j subeh}(h!]
miscellaneousah#]h%]
miscellaneousah']h)]uh+h
hhhhhh,hKMubeh}(h!]-appendix-a-guidelines-for-application-vendorsah#]h%]/appendix a - guidelines for application vendorsah']h)]uh+h
hhhhhh,hKubah}(h!]h#]h%]h']h)]sourceh,uh+hcurrent_sourceNcurrent_lineNsettingsdocutils.frontendValues)}(hN generatorN datestampNsource_linkN
source_urlN
toc_backlinksentryfootnote_backlinksK
sectnum_xformKstrip_commentsNstrip_elements_with_classesN
strip_classesNreport_levelK
halt_levelKexit_status_levelKdebugNwarning_streamN tracebackinput_encoding utf-8-siginput_encoding_error_handlerstrictoutput_encodingutf-8output_encoding_error_handlerj error_encodingutf-8error_encoding_error_handlerbackslashreplace
language_codeenrecord_dependenciesNconfigN id_prefixhauto_id_prefixid
dump_settingsNdump_internalsNdump_transformsNdump_pseudo_xmlNexpose_internalsNstrict_visitorN_disable_configN_sourceh,_destinationN
_config_files]file_insertion_enabledraw_enabledKline_length_limitM'pep_referencesNpep_base_url https://www.python.org/dev/peps/pep_file_url_templatepep-%04drfc_referencesNrfc_base_urlhttps://tools.ietf.org/html/ tab_widthKtrim_footnote_reference_spacesyntax_highlightlongsmart_quotessmartquotes_locales]character_level_inline_markupdoctitle_xform
docinfo_xformKsectsubtitle_xformembed_stylesheetcloak_email_addressesenvNubreporterNindirect_targets]substitution_defs}substitution_names}refnames}refids}j
]j asnameids}(j j hhj j j j j j j j
j j u nametypes}(j NhNj Nj Nj Nj j Nuh!}(j hhh-j hj j j j j
j j j u
footnote_refs}
citation_refs}
autofootnotes]autofootnote_refs]symbol_footnotes]symbol_footnote_refs] footnotes] citations]autofootnote_startKsymbol_footnote_startK
id_countercollectionsCounter}j KsRparse_messages](h system_message)}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "b" (ordinal 2)h]h>Enumerated list start value not ordinal-1: “b” (ordinal 2)}(hhhj: hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hj7 ubah}(h!]h#]h%]h']h)]levelKtypeINFOsourceh,lineKuh+j5 hj ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "c" (ordinal 3)h]h>Enumerated list start value not ordinal-1: “c” (ordinal 3)}(hhhjV hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hjS ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj> ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "d" (ordinal 4)h]h>Enumerated list start value not ordinal-1: “d” (ordinal 4)}(hhhjq hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hjn ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hjh ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "b" (ordinal 2)h]h>Enumerated list start value not ordinal-1: “b” (ordinal 2)}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hj ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "c" (ordinal 3)h]h>Enumerated list start value not ordinal-1: “c” (ordinal 3)}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hj ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "b" (ordinal 2)h]h>Enumerated list start value not ordinal-1: “b” (ordinal 2)}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hj ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj~ ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "c" (ordinal 3)h]h>Enumerated list start value not ordinal-1: “c” (ordinal 3)}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hj ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "b" (ordinal 2)h]h>Enumerated list start value not ordinal-1: “b” (ordinal 2)}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hj ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj1 ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "c" (ordinal 3)h]h>Enumerated list start value not ordinal-1: “c” (ordinal 3)}(hhhj hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hj ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj[ ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "d" (ordinal 4)h]h>Enumerated list start value not ordinal-1: “d” (ordinal 4)}(hhhj. hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hj+ ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj ubj6 )}(hhh]h?)}(h:Enumerated list start value not ordinal-1: "e" (ordinal 5)h]h>Enumerated list start value not ordinal-1: “e” (ordinal 5)}(hhhjI hhhNhNubah}(h!]h#]h%]h']h)]uh+h>hjF ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKuh+j5 hj ubetransform_messages]j6 )}(hhh]h?)}(hhh]hQHyperlink target "vnf-network-monitoring-capabilities-usecase" is not referenced.}(hhhjf ubah}(h!]h#]h%]h']h)]uh+h>hjc ubah}(h!]h#]h%]h']h)]levelKtypejP sourceh,lineKOuh+j5 ubatransformerNinclude_log]
decorationNhhub.