You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 2
Next »
Date
22 Feb 2017
Attendees
- Silvia d'Ambrosio
- Nino Ciurleo
- Tomáš Čejka
- Václav Bartoš
- Evangelos Spatharas
- Jerry Sobieski
David Schmitz
Goals
- Summary of RepShield/NERD activity (by Václav / Tomáš)
- Status Updates of work items (FOD/CT)
- Status of DDoS Detection/Mitigation WG
- F2F-Meeting-Planning: Discussing potential locations
- Review Open Action Points from last VC(s)
- AOB
Discussion items
| Time | Item | Who | Notes |
|---|
| | | | - https://docs.google.com/presentation/d/1krZgQarDQ23BWZt_EnCbPZZE7BRI6TOPI23kM7ig2sk/edit?usp=sharing
- ->
- RepShield should allow to search events by category, especially DDoS (for FOD)
- RepShield should receive NSHaRP events, especially ons regarding DDoS (for FOD)
- RepShield could differentiate different score values based on different time intervals (e.g. 1hour, 1week, 1month)
- open questions, especially regarding FOD rule proposal:
- How could suspect IP address effectively and accurately aggregated to prefixes for FOD rules (depending on the scalability regarding number of FlowSpec Rules in a Router)
- How could in future further information gained about suspect IP addresses by monitoring their activity with statistics of FOD ALLOW rules feed back to RepShield and its calculated score
- Is RepShield also useful for proposing firewall rules for envisioned SDN/NFV-based FwaaS (as successor of FOD) - maybe based on/being compatible with vendor solutions from, e.g., Corsa, A10, Radware; how would it have to be extended for that (also regarding feedback from FwaaS)
- In Future: RepShield Distributed, e.g., per NREN, exchanging local reputation score values (to overcome issues of legal/organizational/privacy policies)
|
| | | | |
Action items
