You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 14 Next »

Date

Attendees

Goals

  • Status Updates of work items (FOD/CT)
    • FoD pilot preparations
    • FoD with automated rule proposal from RepShield
  • Status of DDoS Detection/Mitigation WG
  • F2F-Meeting-Planning: Discussing potential locations
  • Review Open Action Points from last VC(s)
  • AOB

Discussion items

TimeItemWhoNotes

Firewall On Demand (FoD?)
  • (info page for FoD development https://wiki.geant.org/pages/viewpage.action?pageId=63965046)
  • Evangelos is in contact with the GRNET developers who originally developed FoD and continue to develop it further:
        • GRNET developers took very long time to respond regarding the new FoD version compatible with new Django library
        • So not to be delayed by this, T6 will perform testing/installation with old version (which has already all needed pilot FoD v1.5 user functionalities)
  • Testing of new FOD features on FOD test machines
            • Fully tested the port range feature developed by Tomáš (with real traffic)
            • Multi-tenant REST API: issue at changing rules solved by pull to newer git revision, only when creating rules a check is still performed whether there is already a rule with same attributes
            • Statistics graphs: current graphs are working basically, still some improvements necessary
            • GÉANT installation requirements/procedure:
                  • Tomáš will try to build a rpm with new FoD code, based on old rpm spec file, in combination with a script to allow for different python version with virtualenv
                  • Waiting for new installation test machine, will try so far with current development machine
  • Tomáš: idea to use merged Github repository
      • Currently official FoD repository administered by GRNET, and Tomáš's own FoD repository
      • => create merged one for better distributing our new code, maybe with official GÉANT account?
      • => Evangelos will check whether there already is such an account
  • Evangelos: In future FoD may not only support plain BGP FlowSpec and Scrubbing solutions like A10/CORSA, but also RTBH as filtering technology

DDoS Detection/Mitigation (D/M) WG
  • Radware Demo at GÉANT (Evangelos)
      • Presentation of Radware Demo was very impressing
      • DDoS mitigation solution more advance than A10, but too high price
  • Evangelos is interested in CESNET DDoS mitigation hardware solution
      • CESNET solution allows not only mitigation, but also integrated adaptable detection
      • Tomáš will create contact with relevant persons and provide initial documentation
  • And check when testing hardware would be available

RepShield/NERD
  • Support for new blacklists
  • Tagging framework is complete
      • Each IP address is tagged
      • e.g. according to their general type (VPN...), and their attack behaviour, e.g. DDoS
  • Proposal (Ivana): correlate information about owner if IP addresses, e.g. from RIPE
      • Currently only AS number are correlated
  • Started work for using RepShield for automated FoD rule proposal
      • currently particular RepShield URL will output a text list of potential IP address candidates
      • Václav will send docu about it
      • Plan to test this on FoD development machine
      • Tomáš/Václav will ask a colleague in CESNET for a FlowMon script to directly access NSHaRP events
  • Deliverable D8.3 "DDoS detection/mitigation pilot" (FoD? v1.6) is due end of July, so we have to have it completed end of June
      • David will send document skeleton in next days
      • Tomáš/Václav will work on the RepShield-related parts
            • section about what status of RepShield at start of T6, what was done so far for RepShield in T6, how RepShield will propose rule for FoD
  • section about the pilot and its success criteria (together with David)

Certificate Transparency (CT)
  • CT Server
    • Working on v1.0
      • Writing user/operator documentation is in progress
      • Various missing aspects: e.g. time zone support
      • Bugfixes for operational/technical issues found by DFN Cert/SUNET
  • Ivana proposed to present about CT to increase its visibility

F2F Meeting Planning
  • New Foodle poll for F2F meeting exists, but answer may be hard if place of meeting not know (because of unclear voyage duration)
  • So, first the potential locations have to be found. Candidates currently are:
        • Garching near Munich (LRZ)
        • Prague: possible
        • Rome: possible, but only after Summer
        • Stockholm: possible (e.g. June)
        • Cambridge: possible
  • For each of these potential location everyone should check how long travel might potentially be for she/him

Next VC

In 2 weeks: 28.06.2017, 14:15-15:15 CE(S)T

Action items

  • Nino/Silvia: give short report of progress in last weeks
  • Nino/Silvia: send Tangui preliminary slides about fastnetmon proposal draft
  • Nino/Silvia: provide proposal about multi-domain usage scenario for fastnetmon in wiki (e.g., at or below DDoS Detection/Mitigation WG File Area)
  • Nino/Silvia: if possible, provide some summary in wiki about Radware POC (e.g., at or below DDoS Detection/Mitigation WG File Area)
  • David: provide initial document skeleton for Deliverable D8.3 to Tomáš:/Václav
  • Tomáš/Václav/David: write Deliverable D8.3
  • Vaclav: send docu about RepShield URL for exporting IP addresses related to DDoS
  • Evangelos: Check for official GÉANT account
  • Tomáš: create contact between Evangelos and colleagues in CESNET for DDoS solution; provide documentation
  • Linus/Magnus: check for possibility to attend next STF meeting (https://eventr.geant.org/events/2644)
  • all: think about location and possibility to host F2F meeting
  • all: Next regular T6 VC: 28.06.2017, 14:15-15:15 CE(S)T


  • No labels