Internet2 Network Security SIG

[Paul Howell <>]

Hi Everyone,

Thank you to those who participated on the call last Friday, we made some good progress.     Below are my notes, please let me know if there are any corrections.

The working group should consider adding the development of best practices for recovering from a DDoS attack, and general guidance on configuration of DDoS prone operate services (e.g. NTP) to not be victimized in the first place.

The draft charge (see below) for this group, with addition of the best practices noted above,  was otherwise accepted.   Here is the modified draft for your comment:

The Security WG is an Internet2 WG, organized under the umbrella of the Network Technical Advisory Committee.

The goal of the Security WG is to develop and recommend a DDoS mitigation solution that is activated by a member institution under DDoS attack.  The WG’s

recommendation should include tools and processes to be implemented.  Also, consideration for sustaining and evolving (as necessary) this solution for the

future.  Best practices will be developed for recovery from a DDoS attack along with general guidance on how to avoid becoming the source of DDoS attack.

We did not have a volunteer to chair this working group.  I would ask if anyone is interested in serving as the chair to email me directly.

Some of you may not be aware of the the current Internet2 DDoS response.  This is documented at:

http://www.internet2.edu/policies/response-ddos-attacks/

Please read our current approach to DDoS and let me know if you have any comments/questions/suggestions.

There will be a meeting of our working group at Global Summit, which I believe is scheduled for Wednesday April 29 noon – 1:15pm.  The details and location should be listed in the Global Summit program material.

I’m looking forward to meeting with you at the Global Summit.

Regards.

Paul Howell

Chief Cyberinfrastructure Security Officer

Internet2

100 Phoenix Drive

Suite 111

Ann Arbor, MI 48108

(o) 734-352-4212

From: Paul Howell <>
Date: Wednesday, March 11, 2015 at 9:35 AM
To: "" <>
Subject: [Security-WG] Next NTACT Security Working Group Meeting 3/13

Hi Everyone,

Just a reminder that the next NTACT security working group meeting is this Friday 3/13.  Please see the details below.

Regards.

Paul

From: Paul Howell <>
Date: Friday, March 6, 2015 at 12:13 PM
To: "" <>
Subject: Next Security Working Group Meeting 3/13

Hello Everyone,

There appears to be enough interest in a community solution for DDoS mitigation that I’d like to have a conference call with all of you prior to our meeting at the Global Summit.

The conference call will take place on Friday March 13 from 3:00pm – 4:00pm ET.   

The bridge number is 734-615-7474 or  866-411-0013 (toll free US/Canada Only);     Access code: 0175904

If you’re unavailable, please send your regrets to me ().

Following is the agenda for our conversation:

0) Agenda Bash
1) Call for nominations for WG Co-Chairs. Self-nominations welcome. (Vote, if necessary, to be held at GS F2F.)
2) Initial Topic Areas
    a) Internet2 Community DDoS Mitigation Solution
    b) ?
3) Discussion of WG Draft Charge (see below)
4) Discussion of deliverables.
5) Discussion of timeline.

Draft Charge
==========
The Security WG is an Internet2 WG, organized under the umbrella of the Network Technical Advisory Committee.

The goal of the Security WG is to develop and recommend a DDoS mitigation solution that is activated by a member institution under DDoS attack.  The WG's recommendation should include tools and processes to be implemented.  Also, consideration for sustaining and evolving (as necessary) this solution for the future.

Regards.

Paul Howell

Chief Cyberinfrastructure Security Officer

Internet2

100 Phoenix Drive

Suite 111

Ann Arbor, MI 48108

(o) 734-352-4212