Date

Attendees

Goals

  • Status Updates of work items (FOD/RepShield/CT)
    • FoD v1.5 pilot preparations
    • Deliverable FoD v1.6 (with automated rule proposal from RepShield)
    • FoD v1.6 pilot
  • Status of DDoS Detection/Mitigation WG
  • F2F-Meeting-Planning:
      • location: Prague
      • => Discussing potential date
  • GEANT Symposium, 02-05.10.2017, Budapest
  • Review Open Action Points from last VC(s)
  • AOB

Discussion items

TimeItemWhoNotes

Firewall On Demand (FOD)
  • (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
  • FoD v1.5 = FoD with new functionalities: rule range specification, current rule behavior statistic graphs, multi-tenant rule control REST-API
  • FoD v1.6 = FoD with automated rule proposal from RepShield
  • FoD v1.5 pilot installation
      • Pilot machine is installed, everything seems to work so far, but has to be tested in depth, especially with real traffic to be filtered
      • Issues with Puppet on the pilot machine, replacing FoD files as well as reconfiguring Firewall resulting in blocked SSH sessions and FoD SNMP traffic
      • Evangelos will see how to fix the blocking of SNMP traffic by the firewall
      • Issues with SNMP query time for greater number of router is test network: Tomáš replaced synchronous query loop with asynchronous SNMP handling to fix this
      • Tomáš improved graph layout by switching to other JavaScript library, also now 2 graphs (absolute values since rule creation and delta values) are available per rule
      • Still potential issue in REST API with deleting a rule, David will check
      • Finally all changes for v1.5 have to be adapted in puppet, Evangelos will check with the responsible admin when he has time for VC
  • Other FoD v1.5 pilot preparations
      • Excel sheet for pilot acceptance criteria has to be reviewed and finalized
      • Then pilot can be opened to the committed pilot users, Evangelos will prepare an introduction mail for the this
      • Evangelos will send old pilot evaluation survey which was of used for FoD v1.1 so it can be updated for v1.5
  • FoD v1.5 production service documents
      • Evangelos will send existing production service documents (like, e.g., service description, CBA) so that these can be used as a basis for respective documents of v1.5
  • Deliverable D8.3 "DDoS Detection/Mitigation Pilot"
      • Tomáš and David will finalize deliverable D8.3 about FoD pilot v1.6 (integration with RepShield) this week
  • FoD v1.6 (with RepShield) development/testing/pilot:
      • Plan for pilot
          • VM to install Warden/RepShield is ready
          • Use of FlowMon Warden/IDEA connector for accessing NSHaRP events by this Warden/RepShield instance
          • Firewall-rule-updater component: script which uses API of RepShield to get NSHaRP events (correlated with each other and other DDoS/security events/information) as well as REST API of FoD to propose rules in inactive state, inform respective (pilot) users via mail
      • Vaclav started to install Warden/RepShield on VM, Tomáš will find out status of it
      • Evangelos will provide FlowMon Warden/IDEA connector documentation and if possible test events of it, even if he will go on holiday this Friday

RepShield/NERD
  • Tomáš will ask Václav about status of installation or find out himself directly about it
  • In the context of the project Protective (https://protective-h2020.eu/media/) also GEANT wants to be involved more regarding RepShield
  • => T6 should liaise and coordinate with it regarding a potential RepShield service in general
  • RepShield VM installed currently for FoD v1.6 may be used in future for testing of such service

Certificate Transparency (CT)
  • Reference documentation for CT server v1.0 is progressing
  • New log server in NORDUnet installed which is supposed to be official productive GEANT server in future
  • Investigating the possibility of adding another front-end with some help of Remco Poortinga (Surfnet)

F2F Meeting Planning
  • Location: Prague is to be used (thanks to Tomáš and Václav), if no one complains
  • So everybody can check required travel time
  • Foodl (https://foodl.org/foodle/T6-F2F-Meeting-596f1) was filled by mostly anybody, everyone still missing please fill

GEANT Symposium, 02-05.10.2017, Budapest
  • Everybody in T6 is invited to come there
  • Time is 03-04.10.2017
  • Registration at https://eventr.geant.org/events/2564
  • There will be a "Network Monitoring and Management" session where
          • Evangelos/David will present about NSHaRP and FoD (10min)
          • David will present about other parts of T6, i.e., mainly RepShield and CT
          • Afterwards a 15-min discussion will follow

Next VC

In 2 weeks: 09.08.2017, 14:15-15:15 CE(S)T

Action items

  • Evangelos will see how to fix the blocking of SNMP traffic by the firewall
  • Evangelos will provide FlowMon Warden/IDEA connector documentation and if possible some test events from it, even if he will go on holiday this Friday
  • Evangelos will send old pilot evaluation survey which was of used for FoD v1.1 so it can be updated for v1.5
  • Evangelos will send existing production service documents (like, e.g., service description, CBA) so that these can be used as a basis for respective documents of v1.5
  • Evangelos will check with admin responsible for Puppet when he has time for VC to discuss FoD v1.5 puppet issues
  • Evangelos will prepare an pilot phase introduction mail for the FoD v1.5 pilot users
  • David: check issue in FoD REST API for deleting a rule
  • Tomáš/David: finalize deliverable D8.3
  • Tomáš/Václav: install Repshield for FoD v1.6 pilot on VM provided by Evangelos
  • Linus/Magnus/Nino: fill Foodl for F2F meeting in Prague
  • all: Register for GEANT Symposium (03-04.10.2017) at https://eventr.geant.org/events/2564
  • all: Next regular T6 VC: 09.08.2017, 14:15-15:15 CE(S)T


  • No labels