Time | Item | Who | Notes |
---|
| Firewall On Demand (FoD) |
| - (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
- FoD v1.5 = FoD with new functionalities: rule range specification, current rule behavior statistic graphs, multi-tenant rule control REST-API
- FoD v1.6 = FoD with automated rule proposal from RepShield
- FoD v1.5 pilot installation
- REST API basically works (querying, creating, changing, deleting rules); for the FoD v1.6 automated rule proposal functionality it will have to be enhanced and extended
- Issues with Puppet on the pilot machine: it replaces FoD files and reconfigures the firewall, resulting in blocked SSH sessions and FoD SNMP traffic
- Finally, all changes for v1.5 have to be adapted in Puppet; David is in contact with Michael Haller from GÉANT for this
- Other FoD v1.5 pilot preparations
- Excel sheet for pilot acceptance criteria has to be reviewed and finalized
- Then the pilot can be opened to the committed pilot users; Evangelos will prepare an introduction mail for this
- Evangelos will send the old pilot evaluation survey, which was used for FoD v1.1, so it can be updated for v1.5
- FoD v1.5 production service documents
- Evangelos sent old PID document for FoD
- Now for the future production phase of FoD v1.5 (and all further versions) all necessary PLM documents have to be prepared, e.g. CBA, service description, service design plan
- Especially for the operative documents this will be done in close cooperation with Evangelos
- Deliverable D8.3 "DDoS Detection/Mitigation Pilot"
- Deliverable D8.3 about FoD pilot v1.6 (integration with RepShield) was finalized and sent to technical authors; now waiting for feedback
- FoD v1.6 (with RepShield) development/testing/pilot:
- Plan for pilot
- Use of FlowMon Warden/IDEA connector for accessing NSHaRP events by this Warden/RepShield instance
- Firewall-rule-updater (FRU) component: script which uses API of RepShield to get NSHaRP events (correlated with each other and other DDoS/security events/information) as well as REST API of FoD to propose rules in inactive state, inform respective (pilot) users via mail
- VM to install Warden/RepShield is lacking enough disk space and it would be preferable to recreate it again with CentOS 7 as OS, as Václav already has working scripts for RepShield (installation)
- Václav started to install Warden/RepShield on the VM; Tomáš will find out its status
- Explicit information about the FlowMon Warden/IDEA connector documentation and test events for it is still missing; initial tests will be done based on some assumptions
- For automated rule proposal by FRU the existing FoD REST API will have to be enhanced and extended regarding the following issues:
- Mapping of NSHaRP users to FoD users along with assigned allowed IP prefixes (in FoD) and REST API tokens
- => potentially REST-API of FoD has to be extended to query that meta-information
- Ability to flexibly change rules (with API or GUI to later edit a proposal) independently of other existing rules (e.g., from other NSHaRP events), even if their IP address source/destination pair is the same
- Maybe ability to group rules in FoD, as a single NSHaRP event has to be translated to multiple rules
|
| RepShield/NERD |
| - VM for RepShield for FoD v1.6 is lacking disk space and ideally should be reinstalled with CentOS 7 as OS
- So instead of installing RepShield on this VM, work on RepShield in general was continued.
|
| Certificate Transparency (CT) |
| No news because of holiday period
|
| F2F Meeting Planning |
| - Location: Prague is to be used (thanks to Tomáš and Václav)
- So everybody can check required travel time
- Foodl (https://foodl.org/foodle/T6-F2F-Meeting-596f1) was filled in by almost everybody
- => date will be 21-22.11.2017 (2 half days meeting)
|
| GEANT Symposium, 02-05.10.2017, Budapest |
| - Everybody in T6 is invited to come there
- Time is 03-04.10.2017
- Registration at https://eventr.geant.org/events/2564
- There will be a "Network Monitoring and Management" session where
- Evangelos will present about NSHaRP and FoD (15min)
- David will present about other parts of T6, i.e., mainly RepShield and CT (15min10min)
- Afterwards a 15-min discussion will follow
|
| Next VC |
| In 2 weeks: 23.08.2017, 14:15-15:15 CE(S)T
|