Status Updates of work items (FOD/SecEventProcessing/CT
Status of DDoS Detection/Mitigation WG
Concerning GEANT-operations-specfic part:
add question(s) about interest on potential service for outsourcing Firewall/DDoS D/M functionalities (even) to campuses/institutions (maybe based on own SDN developments in future: FwaaS) ?
F2F-Meeting-Planning
AOB
Discussion items
Time
Item
Who
Notes
FOD
aa
DDoS Detection/Mitigation Approaches
DDoS Detection Mitigation Survey
RepShield
internal name of the Software: NERD; external (project) name: RepShield
working on automatic downloads of blacklists for NERD
started to implement login via shibboleth (edugain) -> maybe compare with edugain integration of FOD (if needed)
CT
closed a couple of bugs and moved closer towards a 0.9 release
discussed the upcoming key and config management system a bit, so closer to a design
Roadmap Draft
current FOD: v.1.1.1 installed, v1.2 in github
FOD v2 eof 2017-04 as deliverable D8.2; including demo(s)
new (user) functionalities: e.g. rate limiting, statistics view
new management functionalities: internal logging
maybe first preliminary rule proposal from RepShield
DDoS detection/mitigation pilot (v0.5) eof 2017-07 as deliverable D8.3; including demos(s)
FOD with automated rule proposal from RepShield
DDoS detection/mitigation v1 eof 2018; including demos(s)
more enhanced mitigation beyond BGP FlowSpec (FOD)
based on SDN OF/NFV (FwaaS)
also with integrated rule proposal from RepShield
CT production service v1 eof 2016; in parallel to first NREN deplyments of CT server; maybe some demo how to make use of it (maybe using curl with integrated CT support)
CT production service v2 eof 2017-10 as deliverable D8.4; including demos(s)
