Versions Compared

Old Version 1

changes.mady.by.user David Schmitz

Saved on

compared with

New Version Current

changes.mady.by.user David Schmitz

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Date

Attendees

...

  • Status Updates of work items (FOD/RepShield), especially:
        • FoD v1.6 pilot
            • extended FoD rule concept / FRU and RepShield:
                  • analysis of particular use-cases to be solved by FoD rule proposal
                  • FoD rules: add taglist attribute for grouping, e.g. NSHaRP proposal for a single NSHaRP event
                  • Proposed FoD rules: possible for users to delete them
                  • user settings regarding rule proposal
                  • installation documentation improvements from DeIC
            • Deliverable
            • Pilot: Testing
            • git/github: new history
  • Review Open Action Points from last VC(s)
  • AOB
      • PSNC FoD Installation Issue
      • ACONET FoD EDUgain issue

Discussion items

TimeItemWhoNotes

Firewall On Demand (FoD)
  • (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
  • FoD v1.5 = FoD with new functionalities: rule range specification, current rule behaviour statistic graphs, multi-tenant rule control REST-API
  • FoD v1.6 = FoD with automated rule proposal from RepShield
  • FoD v1.5 production
  • FoD v1.6 development
      • Pilot testing of FoD v1.6 (with Warden, Repshield, FRU) finished and pilot report deliverable about this sent to TAs for review
      • Now it has to be planned what to do next regarding FoD v1.6; from the testing it became evident that 3 areas have to be addressed:
        • some of the improvements regarding usability identified during the testing have to be selected and realized
        • operation (e.g. stability, availability) and documentation needs to be covered in more extent
        • user's preferences for mitigation have to be taken more into account, e.g. by appropriate user settings; for this a more use-case oriented analysis of mitigation possibilities has to be performed by the task

DDoS Detection/Mitigation (D/M) WG

GARR DDoS D/M PoCs/Testing Framework

      • White paper draft was sent to task;
      • David will sent some comments: especially maybe more can be told about the conduction and course of the PoCs in order to be even more beneficial to other institutions how want to perfom similar PoCs: e.g. what steps need to be done, what errors to avoid, what to take into account, how to verify components (including besssimulating attacks)
      • The results of the white paper will be presented in next SIG NOC meeting

Next VC

In 2 weeks: 14.11.2018, 14:15-15:15 CE(S)T

Action items

  •  Evangelos: check status of ACONET's issue of accessing FoD in combination with IPv6/EDUgain
  •  David: test DDos testing tool provided by Tomáš
  •  all: next regular T6 VC: 14.11.2018, 14:15-15:15 CE(S)T

...