Vienna 10th-11th of November 2015



The workshop on DDoS Mitigation in the NREN environment comes as result of the joint forces of two TFs and two SIGs.
TF-CSIRT, TF-MSP, SIG-ISM and SIG-NOC invite everybody interested in DDoS mitigation to attend this workshop and bring his/her own experience.

The workshop aims at:

  • providing a general overview of current DDoS mitigation solutions;
  • collecting available solution know-how and experience from and for NRENs and GÉANT;
  • identifying "federated mechanisms" and solutions particularly well suited for and within the NREN / GÉANT community;

This event will be preceded by the 2nd SIG-NOC meeting on the 9th of November:

2nd SIG-NOC meeting and DDoS Mitigation Workshop


(on invitation of ACOnet)

University of Vienna (Universität Wien)

Main Building / Visitors' Center (Besucherzentrum)

Universitätsring 1

1010 Vienna / Austria




More info on how to get there here


Hotels University of Vienna.pdf




Agenda and Presentations

The list of presentation and the full agenda can be found here.  A list of attendees is available.


The final report from the meeting is available (pdf). 

Recommendations Summary

The following recommendations are made in the final report:


1.GÉANT should set up a mailing list (, initially with just the attendees from the workshop.  This should be a closed list and intended as just a general discussion list for cross-group discussions.  It is not necessary to establish another SIG or TF for this activity, but it would be good to identify a general home for the work and a small amount of GÉANT coordination support. Complete.
2.NRENs should explore the interest in joint procurement of commercial DDoS mitigation solutions.A proposal has been put forward by the GÉANT procurement team for linking this with the GÉANT World service procurement.
3.The SGA2 white paper on security should be reviewed to see if it is possible to fund some of the activity discussed in the workshop within GN4-2.Not started.
4.NRENs should explore the options for further developing home-grown solutions such as the work done by DFN.  Funding would be required to support this work.Not started.
5.NRENs should explore opportunities to jointly work with organisations undertaking alternative approaches to mitigation.  Team Cymru, Radically Open Security and Flowspec production trials were proposed as initial organisations to approach.Initial early discussion meetings held.
  1. SIG-NOC should consider putting some questions on DDoS into their survey and feeding this information back into the compendium.
In Progress.
  • No labels