Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

TimeItemWhoNotes
FOD 
  • Currently investigating FOD source code and third party components/libraries used
    • investigating code especially regarding port range feature
    • in github is a newer version than on fod test system test-fod.geant.net (v1.2 vs v1.1.1)
      • obviously this also includes a REST interface, even for adding rules (at least from first sightings in docs), while the installed one has no REST interface
      • still to find out which commit the installed one actually represents
    • how to proceed for the new developments:
    • Evangelos will setup another test machine where the new version can be tested independently from existsing test system

  • add new FOD feature: redirection of strange traffic to (e.g.) a scrubbing center (i.e. to other VRF) ?

->  add as additional FOD related question to survey

 DDoS Detection/Mitigation Approaches  
 DDoS Detection Mitigation Survey  
  • Evangelos will send proposal for GEANT-specific questions
  • Based on this David will propose potential futher question concerning interest on FwaaS
 RepShield 
  • internal name of the Software: NERD; external (project) name: RepShield
  • working on automatic downloads of blacklists for NERD
  • started to implement login via shibboleth (edugain) -> maybe compare with edugain integration of FOD (if needed)
 CT 
  • closed a couple of bugs and moved closer towards a 0.9 release
  • discussed the upcoming key and config management system a bit, so closer to a design
 Roadmap Draft 
  • current FOD: v.1.1.1 installed, v1.2 in github
  • FOD v2 eof 2017-04 as deliverable D8.2; including demo(s)
    • new (user) functionalities: e.g. rate limiting, statistics view
    • new management functionalities: internal logging
    • maybe first preliminary rule proposal from RepShield
  • DDoS detection/mitigation pilot (v0.5) eof 2017-07 as deliverable D8.3; including demos(s)
    •  FOD with automated rule proposal from RepShield
  • DDoS detection/mitigation v1 eof 2018; including demos(s)
    • more enhanced mitigation beyond BGP FlowSpec (FOD)
    • based on SDN OF/NFV (FwaaS)
    • also with integrated rule proposal from RepShield

  • CT production service v1 eof 2016; in parallel to first NREN deplyments of CT server; maybe some demo how to make use of it (maybe using curl with integrated CT support)
  • CT production service v2 eof 2017-10 as deliverable D8.4; including demos(s)
 F2F-Meeting-Planning 

Foodle to find appropriate date(s): http://foodl.org/foodle/Dste-for-potential-JRA2-T6-Kickoff-57b56

Some members already filled it. Anybody else: Please fill it!

David will clarify covering of expenses for non-task members (Silvia, Albert) with Jerry

 Next regular T6 VC next regular T6 VC will be 07.09.2016, 14:00-14:30 CEST

...

  •  David: will continue to investigate FOD source code and also try to get new version running on local machine (along with all needed libraries/dependencies)
  •  Evangelos: install additional FOD test machine for testing new version separately
  •  Evangelos: will send proposal for GEANT-specific questions in DDoS D/M survey
  •  David: Based on this David will propose potential futher question concerning interest on FwaaS in DDoS D/M survey
  •  All: Fill foodle to find date(s) for potential F2F Kickoff Meeting
  •  David Schmitz clarify covering of expenses of potential F2F Kickoff-Meeting for non-task members (Silvia, Albert) with Jerry
  •  All: next regular task VC: Wed, 07.09.2016, 14:00-14:30 CEST