Difference between revisions of "EGI CSIRT:SMG"
Revision as of 15:31, 12 July 2010
Security Monitoring Group
Objective
Security monitoring is a key component of security. It may enable service managers to prevent, detect and contain security incidents, as well as to detect weak spots in the infrastructure before they get misused. The EGI CSIRT contributes to security monitoring by developing monitoring tools, promoting existing tools, performing security tests against the sites and providing advisories about deployment and usage of the tools.
Goals of security monitoring
The EGI CSIRT strives to provide both high-level overviews summarizing current status and detailed information about particular issues identified in the infrastructure. While closely collaborating with the NGIs and sites, the EGI CSIRT does not provide a replacement for site and NGI level monitoring; however, the EGI CSIRT will recommend a basic set of monitoring tools that the NGIs and sites can use for security monitoring. In addition, the EGI CSIRT operates its own monitoring tools collecting information from the sites. The probes used are not intrusive, do not attempt to circumvent any security mechanisms, and are not resource intensive. Results collected by these probes are only available to the EGI CSIRT members and communicated to the appropriate site security contacts.
Main tasks of the activity:
- Patch management using Pakiti
- Tracing activities of the users
- Integration with Nagios
- Security monitoring dashboard
Persons
Coordinator
- Daniel Kouril (kouril@ics.muni.cz), Czech Republic NGI
Participants
Name | NGI | Home Organization | Effort Available (PM) |
---|---|---|---|
David O'Callaghan | Ireland NGI | TCD | |
Christos Triantafyllidis | Greek NGI | | |
Jinny Chien | - | ASGC | |
Daniel Kouril | Czech Republic NGI | CESNET | |
Michal Prochazka | Czech Republic NGI | CESNET | |
Dusan Vudragovic | Serbia NGI | AEGIS | |
Angela Poschlad | German NGI | KIT | |
Bartlomiej Balcerek | Poland NGI | WCSS (CYFRONET) | 4 |
Emir Imamagic | Croatia NGI | | |
Riccardo Brunetti | Italy NGI | INFN | |
Guiseppe Misurelli | Italy NGI | INFN | |
Dorine Fouossong | France NGI | | |
Feyza Eryol | TR NGI | TUBITAK-ULAKBIM | |