Internet2 Network Security SIG

[Steven Wallace <>]

I propose that the working group consider the following next steps WRT moving forward with DDoS mitigation capabilities:

1. Organize and deliver one or two workshops that cover the use of RTBH, UTRS, exabgp, and FastNetMon. IU could probably host one in the midwest. I’m willing to seek NSF funding, but I suspect we could proceed without the funding. If there’s sufficient interest, we should form a small group to make it happen. Happy to coordinate such a group.
2. Engage GEANT in a series of deep-dives on their approach to DDoS. From what I can tell, they have something that’s nearly plug-n-play. We could also explore having the RONs peer with GEANT’s DDoS blackhole infrastructure. The deep-dives could be via video/webinar.
3. Create a list of RON’s/Campuses and their current capabilities.
4. Learning from #3, develop a BCP for US RONs and campuses.

A bit more about my thinking. IMO, exploring vended solutions is compliment to approaches such as UTRS & RTBH FlowSpec. Most RONs will likely so a bit of both. As we move forward, Internet2 will benefit form the community’s experience.

Who’s interested?

thanks,

ssw

P.S.

For the GEANT folks, I’ve attached the set of recommendations that the Internet2 Security working group developed in response to the I2’s network group. Hopefully this will provide a bit of context.

Attachment: FastTrackRecommendations (2).pdf
Description: Adobe PDF document