Date
Attendees
Goals
- Status Updates of work items (FOD/RepShield), especially:
- FoD v1.5 transition to production
- FoD v1.6 pilot
- extended FoD rule concept
- new Warden connector installation
- Review Open Action Points from last VC(s)
- AOB
- PSNC FoD Installation Issue
- ACONET FoD EDUgain issue
Discussion items
Time | Item | Who | Notes |
---|
| Firewall On Demand (FoD) |
| - (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
- FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
- FoD v1.6 = FoD with automated rule proposal from RepShield
- New support mailing list fod@lists.geant.org: David will ask Tryfon/Tobi to announce it
- FoD v1.5 transition to production
- FoD v1.5 is productive since last week
- Regarding the FoD Service Template it has still to be decided what processed to describe there; Examples of processes of other services:
- FoD v1.6 development
- New FoD extended rule concept: a rule can have multiple BGP FlowSpec routes (corresponding to multiple attacker IP prefixes)
- Editing of routes with a single route in UI works again, so reenabling full original behavior;
- Routes with multiple routes (e.g. proposed by FRU) can only be activated or deactivated
- David will check into this
- FRU can create rules with multiple attacker IP prefixes, using new rule concept
- Level of integration between FRU and RepShield has now to be investigated
- Warden collector script on test FlowMon machine updated to new version by Václav
- Investigated how to use FlowMon DDoS Defender events from production Flowmon for testing Warden (still in progress)
|
| DDoS Detection/Mitigation (D/M) WG |
| GARR DDoS D/M PoCs/Testing Framework - White paper writing has started
- First draft to be distributed to the task in about 2 weeks
- The results of the white paper will be presented in next SIG NOC meeting
|
| Next VC |
| In 2 weeks: 03.10.2018, 14:15-15:15 CE(S)T
|
Action items
- Evangelos: check status of ACONET's issue of accessing FoD in combination with IPv6/EDUgain
- Tomáš/David: continue to work on FoD v1.6 improved rule design
- David/Václav: try to integrate FRU more with RepShield
- David: test DDos testing tool provided by Tomáš
- Silvia, Nino: write first draft of white paper (about 2 weeks)
- all: next regular T6 VC: 03.10.2018, 14:15-15:15 CE(S)T