Date
Attendees
Goals
- Status Updates of work items (FOD/RepShield), especially:
- FoD v1.5 transition to production
- rpm update
- mailing list fod@lists.geant.org
- future support mail contact
- update of service template
- FoD v1.6 pilot
- extended FoD rule concept
- new Warden connector installation
- CentOS
- Review Open Action Points from last VC(s)
- Code on Github Issue solved (Tomas/Vaclav)
- GDPR compliance
- AOB
- PSNC FoD Installation Issue
- ACONET FoD EDUgain issue
Discussion items
| Time | Item | Who | Notes |
|---|
| Firewall On Demand (FoD) |
| - (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
- FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
- FoD v1.6 = FoD with automated rule proposal from RepShield
- New support mailing list fod@lists.geant.org: David will ask Tryfon/Tobi to announce it
- FoD v1.5 transition to production
- Plan who to perform the update of production FoD from v1.1 to v1.5 defined on 11th and 12th this month
- Regarding the FoD Service Template it has still to be decided what processed to describe there; Examples of processes of other services:
- FoD v1.6 development
- New FoD extended rule concept: a rule can have multiple BGP FlowSpec routes (corresponding to multiple attacker IP prefixes)
- Tomáš: working on UI part for editing/adding rules; needs to be merged with David's changes; updates of dashboard and overview UI pages
- David: NETCONF deletion of routes with new rule concept works reliably (race condition fixed)
- David: route SNMP statistics are now correctly mapped to FoD routes and rule in FoD DB according to new rule concept
- FRU (Firewall Rule Updater): working with new rule concept: can create rules with multiple routes out of NShaRP DDoS events
- OS of fod-test-lab server will be updated to newer CentOS version
- Warden collector script on test FlowMon machine should be updated to new version by Václav
- Evangelos will check status of ACONET's issue of accessing FoD in combination with IPv6/EDUgain
|
| DDoS Detection/Mitigation (D/M) WG |
| GARR DDoS D/M PoCs/Testing Framework - Silvia and Nino defined draft of index for white paper reporting the findings to share knowledge with community
- White paper writing will be started soon
- An extract of the white paper might be used for an article in one of the upcoming issues of Connect Magazine
|
| Next VC |
| In 2 weeks: 19.09.2018, 14:15-15:15 CE(S)T
|
Action items
- Evangelos: check status of ACONET's issue of accessing FoD in combination with IPv6/EDUgain
- Tomáš/David: continue to work on FoD v1.6 improved rule design
- David: test DDos testing tool provided by Tomáš
- Silvia, Ivana, Nino, David: agree on index for white paper about GARR DDoS Testing results/experience
- all: next regular T6 VC: 19.09.2018, 14:15-15:15 CE(S)T
