Page History

• (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
• FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
• FoD v1.6 = FoD with automated rule proposal from RepShield
• FoD v1.5 Pilot UAT testing
  • Pilot evaluation survey which was of used for FoD v1.1 has to be reviewed and updated for v1.5
  • Enhancements made based on UAT user feedback are packaged via a new rpm to be installed on UAT test machine so that pilot users can test them: updated on UAT machine so pilot users can test enhancements
  • UAT phase ended 15.03.2018, evaluation survey sent to pilot users, time to answer until end 23.03.2018
  • pilot report writing is in progress
• FoD v1.5 development/enhancement
  • Tomáš' investigation about DatePicker for increased expiration limit and zooming in statistic graphs is in progress
• FoD v1.5 production service documents
  • Existing user documentation (as presentation document, especially regarding rule control REST API) should be extended to a proper document, e.g. to be used in future user trainings
  • Now for the future production phase of FoD v1.5 (and all further versions) all necessary PLM documents have to be prepared, e.g. CBA, service description, service design plan
  • Especially for the operative documents this will be done in close cooperation of Evangelos
  • For most PLM documents, this will be done by filling the FoD service template wiki pages (https://wiki.geant.org/display/gn42jra2/Firewall-On-Demand+%28FoD%29+Service) which David started to fill
  • Evangelos will check the service template to get acquainted with it
• FoD v1.6 (with RepShield) development/testing/pilot:
  • Started to work on FirewallRuleUpdater and
  • need to update FoD's rule API:
    • allow admin user to create rule on behalf of another user (changing rules did already work)
    • querying of rules should allow a user to see all rules for which he has IP destination prefixed registered associated to him (not only which were created by his very account)
    • check possibility to extend rule concept to allow multiple IP source prefixes handled together by a single FoD rule (which will be mapped to multiple BGP FlowSpec rules internally)

• Arbor and Radware PoC in progress
• particularly, TMS (Arbor washing machine) and Radware SpartAP (mirroring feature for detection on any layer)
• Detailed report will follow

• Nicole Harris granted write permission to Tomáš, Václav and David to publish code on GEANT Github
• => Václav still has issues, will contact Nicole

• Result from 1st VC with GDPR SA2 team
  • Fill GDPR data tables per Service: FoD https://wiki.geant.org/pages/viewpage.action?pageId=97946281 and RepShield https://wiki.geant.org/pages/viewpage.action?pageId=97946305
    • Fill for RepShield is in progress (Václav)
    • Fill for FoD is in progress (David/Evangelos)
  • FoD code/deployment changes necessary to be compliant

• Close to v1.0
• Maybe DFN Cert can test it, especially documentation
• TNC session: Magnus tries to clarify whether he could present and demo CT there

In 2 weeks: 04.04.2018, 14:15-15:15 CE(S)T