FoD v1.5 = FoD with new functionalities: rule range specification, current rule behavior statistic graphs, multi-tenant rule control REST-API
FoD v1.6 = FoD with automated rule proposal from RepShield
FoD v1.5 pilot installation
Missing pysnmp requirement was installed by Puppet engineer
Unprecedented issues happened at new UAT machine and on test machine, investigation by Tomáš revealed that this was caused by wrong config and now solved issues with beanstalk daemon on which FoD is depending on.
Other FoD v1.5 pilot preparations
Existing user documentation (as presentation document) update currently in progress
Excel sheet for pilot acceptance criteria reviewed
Pilot evaluation survey which was of used for FoD v1.1 has to be reviewed and updated for v1.5
Finally, Evangelos will prepare an introduction mail for designated pilot users
FoD v1.5 production service documents
Now for the future production phase of FoD v1.5 (and all further versions) all necessary PLM documents have to be prepared, e.g. CBA, service description, service design plan
Especially for the operative documents this will be done in close cooperation of Evangelos
Evangelos will check the service template to get acquainted with it
FoD v1.6 (with RepShield) development/testing/pilot:
Issues with FlowMon delivering NSHaRP events to Warden connector have to be investigated
DDoS Detection/Mitigation (D/M) WG
GARR DDoS D/M PoC
Silvia/Nino will report progress via mail
A10 with FlowMon PoC in GÉANT
initial config (e.g. so-called UDP/TCP zones) done in cooperation with help of A10
expected to be ready in 2-3 weeks, lasting 1 month
interested NRENs/institutions can take part (their subnets being monitored/informed about/protected)
Tomáš: CESNET NoC could be interested
maybe, to also have T6 inside view, Silvia/Nino could take part, to investigate usefulness and applicability (e.g. concept, workflow, tools, support) of PoC from users side
RepShield/NERD
Warden/RepShield VM for FoD v1.6 pilot (compare above)
now receives events from CESNET warden, but not all, only sampled before of performance issues
RepShield/NERD development: AS number support improved
(before: only IP addresses/prefixes in stored events have been statically mapped to their AS)
now: regular polling of association between AS and IP prefixes in general
=> basis for effective grouping of events by AS and reputation score for AS as a whole
idea: similarly improve existing GEO location support, e.g. for map visualizations
Certificate Transparency (CT)
Reference documentation for CT server v1.0 is progressing