You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
Version 1
Current »
Date
Attendees
Goals
- Status Updates of work items (FOD/RepShield), especially:
- FoD v1.6 pilot
- extended FoD rule concept / FRU and RepShield:
- FoD rules: add taglist attribute for grouping, e.g. NSHaRP proposal for a single NSHaRP event
- Proposed FoD rules: possible for users to delete them
- user settings regarding rule proposal
- Deliverable
- Pilot: Testing
- git/github: new history
- Review Open Action Points from last VC(s)
- AOB
- PSNC FoD Installation Issue
- DeIC FoD Installation Issue
- ACONET FoD EDUgain issue
Discussion items
| Time | Item | Who | Notes |
|---|
| Firewall On Demand (FoD) |
| - (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
- FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
- FoD v1.6 = FoD with automated rule proposal from RepShield
- FoD v1.5 production
- Regarding the FoD Service Template it has still to be decided what processed to describe there; Examples of processes of other services:
- FoD v1.6 development
- Václav updated FRU to propose different types of mitigation rules per NShaRP DDoS event, 2 based on Repshield
- Pilot testing of FoD v1.6 (with Warden, Repshield, FRU):
- Already done by David: all works fine
- Improvement ideas resulting from this:
- Allow to display rules in groups in the UI, e.g. group of all rules created by FRU for a particular event
- Introduce general tag mechanism for rules to allow flexible grouping, editable by the user
- More clearly indicate a rule proposed by FRU as such in UI, allow user to delete (or ignore in UI) the rule explicitly if is is never activated by him
- Improvement ideas from Evangelos: Introduce user's settings in UI to configure proposal of rules, e.g., allow disabling it completely
- Hands-On during VC: Václav tested FoD v1.6: all works fine;
- Václav has some further enhancement proposals regarding usability regarding FoD v1.6 rule-proposal in particular:
- Auto-Delete proposed rules untouched by the user after some interval, e.g., default 1 week
- Add user setting for configuring interval to auto deleted untouched proposed rules
- Improve the name of auto-generated rules: Václav will make a proposal
- In rule Add/Edit form: add notes that rate-limit applied to multiple destination IP prefixes will apply separately for each prefix
- Improve rule comment and info mail to more clearly indicate that it was proposed automatically by FRU
- Václav has some further enhancement proposals regarding usability regarding FoD in general:
- Allow characters beyond letters, numbers and underscore in rule names
- For rules which have no graphs as they were never activated add notes so to increase user understanding about this
- In rule Add/Edit form: explain what is the unit of drop-limit, e.g. 10k, 100k, 1000k: packets or bytes?
|
| DDoS Detection/Mitigation (D/M) WG |
| GARR DDoS D/M PoCs/Testing Framework - White paper writing mostly finished
- First draft to be distributed next Monday
- The results of the white paper will be presented in next SIG NOC meeting
|
| Next VC |
| In 2 weeks: 31.10.2018, 14:15-15:15 CE(S)T
|
Action items
- Evangelos: check status of ACONET's issue of accessing FoD in combination with IPv6/EDUgain
- David: test DDos testing tool provided by Tomáš
- Silvia, Nino: publish draft of white paper
- all: next regular T6 VC: 31.10.2018, 14:15-15:15 CE(S)T
