Date
12 Dec 2018
Attendees
Ivana Golub
2018-12-12 VC notes
Nino Ciurleo
David Schmitz
Goals
Status Updates of work items (FoD/RepShield), especially:
FoD v1.6 pilot
extended FoD rule concept / FRU and RepShield:
FoD rules: add taglist attribute for grouping, e.g. NSHaRP proposal for a single NSHaRP event
Proposed FoD rules: possible for users to delete them
user settings regarding rule proposal
Deliverable
Unparseable format of NSHARP mail reports
DeIC FoD Installation -> recommendations based on DeIC's experiences
Warden collector FlowMon2IDEA script on test FlowMon machine updated to new version provided by CESNET
Issue of changed NSHaRP event email reports
Investigation of how to use FlowMon DDoS Defender events from production Flowmon for testing Warden
Review Open Action Points from last VC(s)
AOB
PSNC FoD Installation Issue
ACONET FoD EDUgain issue
Discussion items
Time
Item
Who
Notes
Firewall On Demand (FoD)
(info page for FoD development
https://wiki.geant.org/pages/viewpage.action?pageId=63965046
)
FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
FoD v1.6 = FoD with automated rule proposal from RepShield
FoD v1.6 pilot results deliverable has been published
Issues of DeIC's FoD test installation have to be more investigated; This will be continued in Phase 3 of the project.
DDoS Detection/Mitigation (D/M) WG
GARR DDoS D/M PoCs/Testing Framework
White paper writing nearly finished
Currently 2 appendixes are written which cover
a template for the realization of an NREN strategy document
a template for the realization of a PoC planning document for every single vendor
Next VC
In 2 weeks: 12.12.2018, 14:15-15:15 CE(S)T
Action items
Evangelos/David: check status of ACONET's issue of accessing FoD in combination with EDUgain
Evangelos/Václav: install new Warden collector FlowMon2IDEA script on test FlowMon machine updated to new version provided by CESNET
Evangelos/David: investigate issue of changed NSHaRP event email reports
David: Investigation of how to use FlowMon DDoS Defender events from production Flowmon for testing Warden (still in progress)