| Time | Item | Who | Notes |
|---|
| | Summary from GTS Workshop Utrecht 28.02-1.03 | | - David at GTS Workshop in Utrecht 28.02-1.03
- Talks with Steve Yee and David Whittaker from CORSA about NSE7000 DDoS filter box
- New potential member for DDoS D/M WG: Steven Simpson from University Lancaster
- Talk with Pavel Benáček from CESNET, technical expert of CESNET-developed hardware filter cards
|
| | Firewall On Demand (FOD) | | - (info page for FOD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
- Evangelos has contact with the GRNET developers who originally developed FOD and continue to develop it further
- FOD REST API discussed: edit bug found by David verified; GRNET developers will provide a fix
- Working plugin for rule statistics/graphs in available (productive in GRNET)
- Update to Django 1.8 (was main issue found in Secure Code Review conducted by SA2-T1)
- Ideas to switch from NETCONF to ExaBGP
- => desire to cooperate with T6 regarding further development of FOD
|
| | DDoS Detection/Mitigation WG | | - Tangui Coulouarn summarized own DDoS D/M solution developed at DEIC:
- Not based on FOD as complexity and dependence on various third party libs/components was seen as a issue, especially regarding maintenance
- fastnetmon at the edges
- local DBs for storing monitored data
- Automated (active) rule creation from events via FlowSpec (with exaBGP) to Juniper router
- Frontend for managing rules + querying graphs of fastnetmon stored data
- => desire to exchange experience, also share code (if suitable)
- Tomáš, Václav and other CESNET members will be at TNC and present CESNET-developed scrubbing center (based on own hardware cards) in demo session
- RadWare POC at CIENA in cooperation with GARR:
- Fastnetmon testing at GARR:
- Silvia/Nino will work out draft scenario for multi-domain use of fastnetmon in GEANT community where fastnetmon is used at institution side and can signal to upstream for mitigation based on local decision of (in the T6 wiki)
- A10+Flowmon DDoS Defender POC at GEANT:
- Mitigation issue (dropping of not well-known ports) fixed
- POC test nearly complete
- Currently statistics export feature (important for FOD) totally missing
- Internal statistics nice, but only during attack mitigation, after it not available any more
- Deepfield POC at GEANT
- DDoS detection solution
- In preparation phase
- Also planned POC of CORSA filter box
- Box has been shipped, but not yet in lab
- DDoS D/M Survey:
- Tomáš forwarded the survey invitation to responsible person in CESNET. Waiting for answer;
- Evangelos sent invitations to APM list and ddos@lists.geant.org
- New Foodle for DDoS D/M VC
- David will make new Foodle with only 4 weeks time-range
|
| | RepShield/NERD | | - Further work on support for periodic update of blacklists (also regarding config)
|
| | Certificate Transparency (CT) | | - CT Server
- v0.10 released as planned
- Node installed at DFN Cert
- also all 6.2 Mill certificates in DB transferred
- running since a week
- v0.10.1 and v0.10.2 released as bugfix to issues found with help of DFN Cert
- v1.0 planned
- user/operator documentation
- Fixing some missing aspects, e.g. related to software maintenance
- Task-internal Demo/Presentation (user view of CT):
- now actual presentation has to be prepared
|
| | F2F Meeting Planning | | - New Foodle poll for F2F meeting exists, but answer may be hard if place of meeting not know (because of unclear voyage duration)
- So, first the potential locations have to be found. Candidates currently are:
- Garching near Munich (LRZ)
- Prague
- Rome ? (Silvia/Nino have to check)
- Stockholm
- Cambridge (Evangelos has to check)
- For each of these potential location everyone should check how long travel might potentially be for she/him
|
| | Next VC | | In 2 weeks: 22.03.2017, 14:15-15:15 CE(S)T
|
