MISP deployment at RedClara

by Christos Arvanitis (CERN), Pau Cutrina Vilalta (CERN)

Tuesday 19 Dec 2023, 16:00 → 18:00 Europe/Zurich

Zoom

This session will be done in English and recorded for future reference.

Zoom Link: https://cern.zoom.us/j/61321942988?pwd=YStPMmFubjVrMkVIVWgvSm5zZS80UT09

During this meeting, we will deploy MISP in RedClara. Our primary goal is to not only configure the instance but also document each step, ensuring that it can be easily replicated in the future. We will be following these steps:

1. Instance deployment
2. Configuration
3. Synchronization with other instances
4. Feed consumption
5. Basic filtering

[RedClara]

The service manager that will be doing the deployment should be ready to share his/her screen as we will work together during the process. To ensure the successful completetion, it is necessary to:

• Have root access to a Virtual Machine (VM) with => 4 CPUs, 8 GB of RAM, and 20 GB of storage.
• Install docker and docker-compose.
• Open the port 443 on the firewall. 
• Create a CNAME DNS record for misp.redclara.net pointing to the IP of the host.
• Issue a valid:    
  •  Certificate File: cert.pem
  • Certificate Key File: key.pem
  • CA File for Cert Authentication (optional) ca.pem
• Test that the host can use a simple SMTP server without Oauth. We will need the following information:
  • SMARTHOST_ADDRESS=
    SMARTHOST_PORT=
    SMARTHOST_USER=
    SMARTHOST_PASSWORD=
    SMARTHOST_ALIASES=

MISP RedClara.ics