Skip to end of banner
Go to start of banner

2022-12-09 - Network Traffic Control Working Group Meeting Notes

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »

Date

Attendees

Discussion items

TimeItemWhoNotes
45 MinProposal site structureGroup diskussion
  • Site structrue
    • Definitions within environment(s) to investigate
      • classes of threats
        • External generic - i.e script kiddies, without folio-specific knowledge
        • "Bad user" - has a folio account and password. Either leaked account/password or evil user
        • Internal non-folio - Has access to (parts of) folio network but no account
        • non-malicious - I.e Ooops- script or command. User with foilo-account that had bad luck when thinking
      • classes of networks
        • public net
        • internals net(s)
      • classes of FOLIO services
        • FOLIO Backend modules
        • FOLIO permission/managing service - OKAPI
        • Secondary services
          • Kafka
          • Elastic Search
          • Database
          • FOLIO-Reporting?
          • Monitoring?
      • classes of tools to explore
        • webservers / proxies
        • firewalls
        • others?
          • treat/suspicous traffic detection services (log scanning eg. elastic search)
      • scope / out of scope
      • Diagrams needed?
    • Matrix of cases to explore (?)
5 MinMeeting times and frequenciesAll
  • Fridays 11 CET every week to start
  • could lower frequency later for asychronous work

Action items


  • No labels