Interface to Network Security Functions (I2NSF)

Interface to Network Security Functions (I2NSF) is a working group within the IETF formed to define a set of interfaces and data models for monitoring and managing network security functions hosted across multiple sites. I2NSF states,

Network security functions (NSFs) are provided and consumed in increasingly diverse environments. Users of NSFs could consume network security services hosted by one or more providers, which may be their own enterprise, service providers, or a combination of both. Likewise, service providers of NSFs may offer their customers network security services that consist of multiple security products and/or functions from different vendors. NSFs may be provided by physical and/or virtualized infrastructure. Without standard interfaces to express, monitor, and control security policies that govern the behaviour of NSFs, it becomes virtually impossible for security service providers to automate their service offerings that utilize different security functions from multiple vendors.[1]

One point to mention here is around adoption. I2NSF was formed in 2014, and has yet to gather full momentum within the industry. A working group meeting is scheduled for December 2017 to either recharter or close the initiative. Even so, this initiative is still certainly once to watch. Further info around I2NSF can be found at



Tags: SDN, NFV, NSF, Standards, IETF

About the Author


R Donato

Rick Donato is the Founder and Chief Editor of He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001