plans in GEANT internally to bundle FOD with an RepShield/IDS and integrate with SD => coordination with T6 of this is desirable
test-fod: currently not connected to a router, but will be soon connected to the Cambridge Lab
Next features to develop:
usage functionality: support specification of src/dst port-ranges instead of list of single ports
usage functionality: table/graph of number of pakets (vs. time) blocked per rule
internally (management functionality): logging of user activity: e.g. for debugging
Other missing features, having been discussed:
IPv6: depending on JUNOS in GEANT which does not supports BGP flow spec with IPv6 for now; anyway, currently not much DDoS via IPv6 experienced
API for automated rule proposal from Repshield in future; generally: how to derive FOD rules (ideally with src/dst addresses) from reputation scores
Some NRENs, especially also among FOD subscribers are searching for alternative DDoS detection/mitigation solutions, e.g. from Arbor => idea: try to liase with them (invite to our DDoS DM(detection and mitigation) WG) and find out what are their requirements
GEANT: ideas/plans to investigate about solution for washing machine from ATEN (combination with flowmon as IDS)
=> track this activity (Evangelos) and coordinate with T6 as far as possible
CESNET: own hardware card solution (also in cooperation with flowmon) being under development: 1st milestone planned this summer, planned to be used in CESNET for protecting universities against attacks from GN/NRENs/other upstream; idea: later-on also test this inside GEANT
Status of Warden
some discussions with people on TNC (Vaclav), maybe some interested to have own installations (for testing etc.)
Status of RepShield
planned to have working prototype eof august
Status of Nemea (Security Testbed tools)
discussion during TNC with T5 (Jakub): maybe Nemea is one of the first candidates for MaaS SW provisioning (JRA2T5), waiting on T5 to decide this
Status of CT
David will separately contact Magnus/Linus about this
