Versions Compared

Old Version 4

changes.mady.by.user David Schmitz

Saved on

compared with

New Version Current

changes.mady.by.user David Schmitz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

TimeItemWhoNotes

Firewall On Demand (FoD)
  • (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
  • FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
  • FoD v1.6 = FoD with automated rule proposal from RepShield
  • FoD v1.5 Pilot UAT testing
        • Existing user documentation (as presentation document, especially regarding rule control REST API) should be extended to a proper document, e.g. to be used in future user trainings
        • Pilot evaluation survey which was of used for FoD v1.1 has to be reviewed and updated for v1.5
        • Enhancements made based on UAT user feedback are packaged via a new rpm to be installed on UAT test machine so that pilot users can test them: waiting for Michael Haller to perform respective changes
        • Tomáš' investigation about DatePicker for increased expiration limit and zooming in statistic graphs is in progress
  • FoD v1.5 production service documents
      • Now for the future production phase of FoD v1.5 (and all further versions) all necessary PLM documents have to be prepared, e.g. CBA, service description, service design plan
      • Especially for the operative documents this will be done in close cooperation of Evangelos
      • For most PLM documents, this will be done by filling the FoD service template wiki pages (https://wiki.geant.org/display/gn42jra2/Firewall-On-Demand+%28FoD%29+Service) which David started to fill
      • Evangelos will check the service template to get acquainted with it
  • FoD v1.6 (with RepShield) development/testing/pilot:
        • Exporting events from Flowmon to local Warden was repaired (version issues solved)
        • Tomáš has supervised some student work which investigated how to simulate/test a DDoS (amplification) attack; he will provide results to task
        • Analysis of historic DoS events in local Warden (Nov 2017+last 5 days since 2018-02-02): 38 events, can be replayed into local Warden to test/development of FirewallRuleUpdater
        • D(D)oS testing/simulation with single attack machine not yet successful, i.e. no respective events in Flowmon were created, i.e. Flowmon did not recognize as attack

DDoS Detection/Mitigation (D/M) WG
  • GARR DDoS D/M PoCs/Testing Framework
      • In next days: start Radware PoC, machines to be installed a expected to arrive this week
      • Silvia/Nino are also investigating tools/techniques to simulate/test attacks, especially in order regarding their detection in the ARBOR PoC, e.g., hping3

T6 Code on Github
  • Nicole Harris still needs to grant write permission to Tomáš and Václav to publish code on GEANT Github

Next VC

In 2 weeks: 21.02.2018, 14:15-15:15 CE(S)T

Action items

  •  Evangelos: check the FoD service template (https://wiki.geant.org/display/gn42jra2/Firewall-On-Demand+%28FoD%29+Service) to get acquainted with it
  •  Evangelos/David: wait for Michael Haller to update UAT FoD
  •  David/Tomáš/Václav: start FirewallRuleUpdater development/testing
  •  Tomáš: investigate JavaScript DatePicker issue
  •  Tomáš: investigate possibilities for zooming in mitigation stats graphs
  •  Tomáš: provide results of student work to simulate/test DDoS (amplification) attacks
  •  all: next regular T6 VC: 21.02.2018, 14:15-15:15 CE(S)T

...