Date

Attendees

Goals

Discussion items

TimeItemWhoNotes

Firewall On Demand (FoD)
  • (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
  • FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
  • FoD v1.6 = FoD with automated rule proposal from RepShield
  • Other FoD v1.5 pilot preparations
      • Existing user documentation (as presentation document) update currently in progress
      • Pilot evaluation survey which was of used for FoD v1.1 has to be reviewed and updated for v1.5
  • Pilot UAT testing
      • Fix by Tomas for specifying port 0 has been provided, still has to be tested on testing machine before creating new rpm for UAT machine
      • First UAT VC: feedback from pilot users:
        • Allow port=0 (in list specifications it is maybe already possible e.g. "53,0" ?)
        • Remove length-limit (=100) for port ranges
        • Allow expiry date to be any date (not only in 10days range from rule creation)
        • Add basic info/explanation below stats: e.g., regarding x-axis, scheduling/delay
        • Allow to export of stats (e.g. excel, csv, text)
        • Provider stats for longer time periods, not only than 1hour, ideally with all time since rule creation
        • Better accuracy of relative graphs: e.g. packets/s ?
  • FoD v1.5 production service documents
      • Now for the future production phase of FoD v1.5 (and all further versions) all necessary PLM documents have to be prepared, e.g. CBA, service description, service design plan
      • Especially for the operative documents this will be done in close cooperation of Evangelos
      • For most PLM documents, this will be done by filling the FoD service template wiki pages (https://wiki.geant.org/display/gn42jra2/Firewall-On-Demand+%28FoD%29+Service) which David started to fill
      • Evangelos will check the service template to get acquainted with it
  • FoD v1.6 (with RepShield) development/testing/pilot:
        • DDoS simulation/testing would be valuable to test viability of the approach, especially during the development/testing
        • VM for DDoS simulation/testing to be installed in Lab still pending

DDoS Detection/Mitigation (D/M) WG

GARR DDoS D/M PoCs


T6 roadmaps update draft:

(old version at end of document at https://intranet.geant.org/gn4/2/Activities/JRA2/Milestones%20Documents/Network%20Security%20Services%20Roadmap/M8.6_Network-Security_Roadmap.pdf)

  • FoD v1.5
      • Strategy 03-04/2017 (end 2017-04 as deliverable D8.2)
      • Design 05-06/2017
      • Development/Testing 04,5-07/2017
      • Pilot 07/2017-02,5/2018 (exactly 12.02.2018)
      • To-Production 02,5-04,5/2018
      • Production 04,5-09/2018
  • FoD v1.6
      • Strategy 06-07/2017 (end 2017-07 as deliverable D8.3)
      • Design 08/2017-01/2018
      • Development/Testing 08,5/2017-02/2018
      • Transition-to-Pilot 03-04/2018
      • Pilot 03-07/2018
      • Transition-to-Production 08-09/2018
      • Production 10/2018-
  • CT service 1.0
      • Strategy 08-10/2017 (end 2017-10 as deliverable D8.4)
      • Design 09/2017-01/2018
      • Development/Testing 11/2017-03/2018
      • Transition-to-Pilot 04-05/2018
      • Pilot 06/2018-

Next VC

In 4 weeks: 10.01.2018, 14:15-15:15 CE(S)T

Action items


  • No labels