513/1-027 (CERN)



Show room on map
Ian Neilson (CERN), Romain Wartel
Operational Security Coordination Team meeting. To dial in to the conference: a. Dial +41227676000 (Main) b. Enter access code 0142490 Or, to be called by the system, you can click here: https://audioconf/call/0142490
  • Alessandra Forti
  • Alexander Verkooijen
  • Carlos Fuentes Bermejo
  • David Jackson
  • David Kelsey
  • Denise Heagerty
  • Eddie Aronovich
  • Eddie Aronovich
  • Emanouil Atanassov
  • Ian Neilson
  • Pawel Wolniewicz
  • Riccardo Brunetti
  • Rolf Rumler
  • Romain Wartel
  • Ryabinkin Eygene
  • Serge Droz
  • Stanislav Spasov
  • Ursula Epting
  • Åke Sandgren
    • 9:00 AM 9:30 AM

      Introduction, agenda of the day, and progress made since OSCT-1

    • 9:30 AM 10:30 AM
      Round-table: EGEE-wide OSCT activities

      Different tasks for OSCT have been identified.
      How do the ROCs propose we achieve them?
      How can we collaborate and share the load?

      While this list is by no mean exhaustive or authoritative,
      the proposed tasks so far cover:
      - OSCT communications with other groups and the sites
      - Incident Response improvement
      - Security tools (monitoring, detection, prevention)

      During this session, all ROCs are welcome to comment on
      proposed tasks and their priority, and according to their
      preferences and availability, offer some contribution on one
      or more area.

    • 10:30 AM 11:00 AM
      Coffee break 30m
    • 11:00 AM 12:00 PM
      Round-table: Sensitive information reporting and disclosure

      OSCT needs to deal with sensitive information, but must also
      be able to communicate with all the sites and other external

      Specific issues have recently been reported, for which
      feedback and recommendations from the ROCs would be necessary:

      • What is the best way to handle the information flow for
        unpatched software or operational vulnerabilities? (GSVG ->
        OSCT -> all sites)

      • How can we resolve or mitigate SPAM problems on the
        incident reporting channels, while enabling external
        communities to contact our CSIRTs?

      • Do we need a both a CSIRT and a CONTACTS list?

    • 12:00 PM 1:30 PM
      Lunch break 1h 30m
    • 1:30 PM 2:00 PM
      Security Service Challenges

      SSC2 debriefing and future plans.

    • 2:00 PM 2:20 PM
      Regional security: IT ROC

      Presentations from the ROC representative as to how security
      operations are organised in his region.

    • 2:20 PM 2:50 PM
      Regional security: SEE ROC

      Presentations from the ROC representative as to how security
      operations are organised in his region.

    • 2:50 PM 3:05 PM
      ISSeG update

      Update on the EGEE related projected, ISSeG
      (http://www.isseg.eu) and collaboration with OSCT.

    • 3:05 PM 3:35 PM
      Coffee break 30m
    • 3:35 PM 3:50 PM
      Collaboration with other monitoring groups

      Introduction about the monitoring groups currently being
      setup, in particular the System Management:


      and discuss about the security part of the mandate.

    • 3:50 PM 4:30 PM
      Round-table: Security Monitoring

      There are several monitoring tools/frameworks that could be
      used for security purpose, such as (but not limited to) SAM,
      Pakiti, or lcg-fw.

      • How could be use these tools?
      • Do we want to provide/maintain them?
      • How could we promote their use among the sites?
    • 4:30 PM 5:00 PM
      OSCT Duty Contact

      The OSCT-DC role has been implemented since OSCT-1.

      • Is there any good/bad feedback from the ROCs about this?
      • How can we improve the role?
    • 5:00 PM 5:15 PM
      AOB and next meeting