Versions Compared

Old Version 1

changes.mady.by.user David Schmitz

Saved on

compared with

New Version 2

changes.mady.by.user David Schmitz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Date

Attendees

Goals

  • Status Updates of work items (FOD/RepShield), especially:
        • FoD v1.5 transition to production
        • FoD v1.6 pilot
            • extended FoD rule concept
            • new Warden connector installation
  • Review Open Action Points from last VC(s)
  • AOB
      • PSNC FoD Installation Issue
      • ACONET FoD EDUgain issue

Discussion items

TimeItemWhoNotes

Firewall On Demand (FoD)
  • (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
  • FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
  • FoD v1.6 = FoD with automated rule proposal from RepShield
  • New support mailing list fod@lists.geant.org: David will ask Tryfon/Tobi to announce it
  • FoD v1.5 transition to production
  • FoD v1.6 development
      • New FoD extended rule concept: a rule can have multiple BGP FlowSpec routes (corresponding to multiple attacker IP prefixes)
          • Editing of routes with a single route in UI works again, so reenabling full original behavior;
          • Routes with multiple routes (e.g. proposed by FRU) can only be activated or deactivated
          • David will check into this
      • FRU can create rules with multiple attacker IP prefixes, using new rule concept
      • Level of integration between FRU and RepShield has now to be investigated
  • Warden collector script on test FlowMon machine updated to new version by Václav
  • Investigated how to use FlowMon DDoS Defender events from production Flowmon for testing Warden (still in progress)

DDoS Detection/Mitigation (D/M) WG

GARR DDoS D/M PoCs/Testing Framework

      • White paper writing has started
      • First draft to be distributed to the task in about 2 weeks
      • The results of the white paper will be presented in next SIG NOC meeting

Next VC

In 2 weeks: 03.10.2018, 14:15-15:15 CE(S)T

Action items

  •  Evangelos: check status of ACONET's issue of accessing FoD in combination with IPv6/EDUgain
  •  Tomáš/David: continue to work on FoD v1.6 improved rule design
  •  David/Václav: try to integrate FRU more with RepShield
  •  David: test DDos testing tool provided by Tomáš
  •  Silvia, Nino: write first draft of white paper (about 2 weeks)
  •  all: next regular T6 VC: 03.10.2018, 14:15-15:15 CE(S)T