Versions Compared

Old Version 3

changes.mady.by.user Stefan Winter

Saved on

compared with

New Version 4

changes.mady.by.user Stefan Winter

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Applicable if DNS records maintenance is required (naming scheme and type of records)

Infrastructure Hosting Requirements

Indicate requirements for infrastructure hosting, scoping by the above indicated infrastructure elements as necessary, or introducing the new ones (when hosting black-box components) . 


Hosting requirements

Applying to Web Frontend VM

Applying to RADIUS SP Proxy VM

Availability

99.9%99.99%

Backup (what, frequency, retention period)

What: database contents, product configuration, product logs

Frequency: once per day

Period: 1 month

What: database contents, product configuration, product logs

Frequency: once per day

Period: 1 month

Monitoring and alerting1

IPv4 and IPv6 reachability

HTTPS on IPv4 and IPv6

MariaDB server running?

memory and disk usage

IPv4 and IPv6 reachability

RADIUS responsivity on RADIUS/UDP master port (monitoring script to be made available)

MariaDB server running?

memory and disk usage

Measuring and Reporting2

number of eduroam SPs enrolled, monthly (figure can be read from UI, cumulative)

number of eduroam authentications proxied, monthly (automated SQL query can be crafted upon request)

Log retention3

for each month, 1 of the database backups should be retained "forever"

product logs should be retained for 6 months

for each month, 1 of the database backups should be retained "forever"

product logs should be retained for 6 months

Security policy for access and usage4

The log and database should be accessible only to OT personnel. There is next to no PII in the log files or database - limited to ePTID of administrators

The log and database should be accessible only to OT personnel. There is next to no PII in the log files or database - limited to normal RADIUS proxy logs, with identical GDPR treatment requirements as ETLR logs).


1As the minimum, network accessibility (outside of LAN) and hardware resource usage must be monitored. Indicate if some of these resources can be deemed critical so that adequate thresholds for alerting are implemented. Additional, indicate which specific applications uptime and operational health must be monitored and alerting implemented.

2Define what should be measured, how and with what period in order to deliver appropriate reporting relating to KPIs, usage, etc.

3Define which logs should be kept in order to have debugging data and data in case of misuse of the service, and how long logs should be retained.

4Define the policy for limiting access to the piece of the infrastructure and where it should be implemented (system level, network level etc.)

System and Application Maintenance Requirements

Indicate requirements for system and application maintenance, scoping by the indicated infrastructure elements, as necessary. 


System and application requirements

Applying to Group_1_distinguisher

Applying to Group_2_distinguisher

Operating system



Applications1



Maintenance hours2

Configuration management3




1 List the applications installed on a system, and add corresponding licenses where applicable.

Define the appropriate time window for regular maintenance or give some recommendations.

Applies to automatised configuration management. Describe the system used.

Human Resources Requirements

Indicate requirements both in skills and manpower needed, for personnel needed for the DevOps team (that maintains service specific applications) and for L2 support.

Human resources requirements

Applying to Group_1_distinguisher

Applying to Group_2_distinguisher

Description



Manpower (in % of FTE)



Recommended number of persons (considering backup)

Skills