Page History

These features/functionalities are (ordered by priority, with most priority being on top):

1. REST API for rule creation/change/deletion (in the new version on github): get it running and tested, and if needed enhancing it

2. Replace the current NETCONF communication to the routers by direct BGP (e.g. using exabgp)

3. Rule statistics monitoring: to visualize how many packets an active rule is actually dropping/rate-limiting to enable a FOD user (= NREN NOC member) to see the effect of a rule over time (e.g. to answer when did

an mitigated attack actually stopped ?)

4. Implement logging of FOD user activities, i.e. rules created/changed/deleted, especially regarding the automated rule change (1.)

David created a initial wiki page for development information of FOD which currently only contains the link to (new) github version: JRA2T6 Work Items / Firewall On Demand

Tomas agreed that he and Vaclav will provide development man power in next months and help so to get the new FOD version running, tested and will help to implement needed features

For this, David will liaise with Evangelos to get ssh accounts for Tomas and Vaclav on FOD testing machines (both will provide ssh keys for this purpose)

First goals are to get known to FOD code and installation (of new version) and then to test its REST API