Date

Attendees

Goals

  • Status Updates of work items (FOD/RepShield/CT)
      • FoD v1.5 pilot preparations
      • Deliverable FoD v1.6 (with automated rule proposal from RepShield)
      • FoD v1.6 pilot
      • Deliverable D8.4 "Certificate Transparency Log Production Service_v1"
  • Status of DDoS Detection/Mitigation WG
  • F2F-Meeting-Planning:
      • location: Prague
      • date: 21-22.11.2017 (2 half days meeting)
  • GEANT Symposium, 03-04.10.2017, Budapest
  • Review Open Action Points from last VC(s)
  • AOB

Discussion items

TimeItemWhoNotes

Firewall On Demand (FoD)
  • (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
  • FoD v1.5 = FoD with new functionalities: rule range specification, current rule behavior statistic graphs, multi-tenant rule control REST-API
  • FoD v1.6 = FoD with automated rule proposal from RepShield
  • FoD v1.5 pilot installation
      • Puppet Engineer Michael Haller has completed setting up Puppet for installing FoD v1.5; during review Evangelos found issues with missing pysnmp dependency, fix is in progress
  • Other FoD v1.5 pilot preparations
      • Existing user documentation (as presentation document) update currently in progress
      • Excel sheet for pilot acceptance criteria updated; Evangelos will review it
      • Pilot evaluation survey which was of used for FoD v1.1 has to be reviewed and updated for v1.5
      • Finally, Evangelos will prepare an introduction mail for designated pilot users
  • FoD v1.5 production service documents
      • Now for the future production phase of FoD v1.5 (and all further versions) all necessary PLM documents have to be prepared, e.g. CBA, service description, service design plan
      • Especially for the operative documents this will be done in close cooperation of Evangelos
      • For most PLM documents, this will be done by filling the FoD service template Wiki pages (https://wiki.geant.org/display/gn42jra2/Firewall-On-Demand+%28FoD%29+Service) which David started to fill
      • Evangelos will check the service template to get acquainted with it
  • FoD v1.6 (with RepShield) development/testing/pilot:
      • Deliverable D8.3 about FoD v1.6 pilot published
      • RepShield test VM with Warden and RepShield installed; RAM+CPU settings increased sue to RepShield performance requirements
      • Evangelos also installed test version of FlowMon for FoD v1.6 pilot which runs Warden connector
      • In an extra VC Tomáš, Václav and Evangelos configured the Warden connector and tested it to send IDEA messages to Warden on RepShield test VM

RepShield/NERD

work on FoD v1.6 pilot (see there)


Certificate Transparency (CT)

Reference documentation for CT server v1.0 is progressing

  • Linus/Magnus will provide a draft of it

CT development log server release management

  • physical servers reinstalled and added to orchestration framework which is already used by SUNET installation
  • monitoring of VMs and of running services on it put in place

Deliverable M8.4 "CT Production Service"

  • A draft for the deliverable which is due for review at end of September has been created by Ivana
  • Its content will basically correspond to (where applicable) the various sub pages of the newly created CT service template in the wiki at https://wiki.geant.org/display/gn42jra2/Certificate+Transparency+%28CT%29+Service
  • Linus/Magnus will look at both the draft of the deliverable and the service template
  • Issues with accessing the Service Template Pages (browser issues) as well as the deliverable draft document (old OpenOffice-incompatibility) have been identified and resolved

F2F Meeting Planning

GEANT Symposium, 02-05.10.2017, Budapest
  • Everybody in T6 is invited to come there
  • Time is 03-04.10.2017
  • Registration at https://eventr.geant.org/events/2564
  • There will be a "Network Monitoring and Management" session where
          • Evangelos will present about NSHaRP and FoD (15min)
          • David will present about other parts of T6, i.e., mainly RepShield and CT (15min)
          • Afterwards a 15-min discussion will follow

Next VC

In 2 weeks: 20.09.2017, 14:15-15:15 CE(S)T

Action items

  • David: Wait for Puppet config to be updated by Michael Haller and reviewed by Evangelos
  • David/Evangelos: update of user documentation presentation for FoD v1.5
  • Evangelos: review of updated sheet for pilot acceptance criteria
  • David/Evangelos: review/update existing pilot evaluation survey
  • Evangelos: check the FoD service template (https://wiki.geant.org/display/gn42jra2/Firewall-On-Demand+%28FoD%29+Service) to get acquainted with it
  • Evangelos will prepare an pilot phase introduction mail for the FoD v1.5 pilot users when everything else for FoD v1.5 pilot is ready
  • Tomáš: send some recommendations for hotels for F2F meeting
  • Linus/Magnus: provide draft of CT reference documentation
  • Linus/Magnus: check draft of deliverable sent via mail
  • Linus/Magnus: check the CT service template (https://wiki.geant.org/display/gn42jra2/Certificate+Transparency+%28CT%29+Service) to get acquainted with it
  • Silvia/Nino: think about NREN-generic/Multi-Domain use-cases for DDoS PoC; add a section to their PoC proposal document about this
  • all: Register for GEANT Symposium (03-04.10.2017) at https://eventr.geant.org/events/2564
  • all: Next regular T6 VC: 20.09.2017, 14:15-15:15 CE(S)T


  • No labels