Skip to Content.
Sympa Menu

netsec-sig - Re: [Security-WG] next DDoS mitigation steps...

Subject: Internet2 Network Security SIG

List archive

Re: [Security-WG] next DDoS mitigation steps...


Chronological Thread 
  • From: Frank Seesink <>
  • To: Paul Schopis <>
  • Cc: Steven Wallace <>, "" <>, Jen Leasure <>, Luke Fowler <>, Caroline Weilhamer <>, Steve Cotter <>, "" <>, "" <>, "" <>, "" <>, Jon-Paul Herron <>
  • Subject: Re: [Security-WG] next DDoS mitigation steps...
  • Date: Tue, 3 Nov 2015 12:27:58 -0500

Steve,

As said in the movie “Catch Me If You Can”, I concur. :-)  Definitely interested.  Count me in as well.  Not sure what I can contribute, but will help however I can.

Regarding the workshops if hosted, if there was any way to record/netcast them for those who may not be able to attend in person, that might help disseminate the info further/faster.  I say this as I find what I2 does in this regard with some of their conference sessions very helpful, and the Geant DDoS session is up on I2’s site for those who weren’t present for that but are interested.  It can be seen here:


Having similar for these workshops/deep dives would give more the opportunity to learn.  Just a thought.

Frank

On Nov 3, 2015, at 9:23 AM, Schopis, Paul <> wrote:

Steve,
I think your suggestions are spot on. Count me in.
 
Paul
 
 
From:  [] On Behalf Of Steven Wallace
Sent: Monday, November 02, 2015 5:16 PM
To: 
Cc: Jen Leasure; Luke Fowler; Caroline Weilhamer; Steve Cotter; ; ; ; ; Jon-Paul Herron
Subject: [Security-WG] next DDoS mitigation steps...
 

I propose that the working group consider the following next steps WRT moving forward with DDoS mitigation capabilities:

  1. Organize and deliver one or two workshops that cover the use of RTBH, UTRS, exabgp, and FastNetMon. IU could probably host one in the midwest. I’m willing to seek NSF funding, but I suspect we could proceed without the funding. If there’s sufficient interest, we should form a small group to make it happen. Happy to coordinate such a group.
  2. Engage GEANT in a series of deep-dives on their approach to DDoS. From what I can tell, they have something that’s nearly plug-n-play. We could also explore having the RONs peer with GEANT’s DDoS blackhole infrastructure. The deep-dives could be via video/webinar.
  3. Create a list of RON’s/Campuses and their current capabilities.
  4. Learning from #3, develop a BCP for US RONs and campuses.
 
 
A bit more about my thinking. IMO, exploring vended solutions is compliment to approaches such as UTRS & RTBH FlowSpec. Most RONs will likely so a bit of both. As we move forward, Internet2 will benefit form the community’s experience.
 
Who’s interested?
 
thanks,
 
ssw
 
P.S.
 
For the GEANT folks, I’ve attached the set of recommendations that the Internet2 Security working group developed in response to the I2’s network group. Hopefully this will provide a bit of context.


Frank Seesink

Telecommunications Network Specialist III
West Virginia Network (WVNET)
304.293.5192 x241





Archive powered by MHonArc 2.6.16.

Top of Page