Re: Opinion wanted: Cyber orchestration "distro"

[Mike Thomsen]

I'm also free to review the bundle if you need help. I also don't mind
helping with the grunt work of reshaping it into a bundle that can be used
with NiFi proper instead of as a special distro.

On Tue, Mar 6, 2018 at 12:17 PM, Joe Witt  wrote:

> Andre,
>
> You're definitely free to do such a thing - it basically sounds like a
> 'cyber security focused nifi powered distro' which means largely an
> assembly that pulls in cybersecurity specific/relevant extensions and
> the base framework.
>
> You just cannot call that thing 'Apache NiFi/NiFi', need to honor its
> marks, and the ASLv2.  But otherwise you're pretty much good to go.  I
> do think you should consider contributing components that are ASLv2
> friendly and for which their might be value in the apache nifi
> community directly and I think this is a great example of why we
> want/need an extension registry mechanism and path to provide
> extensions outside the big bang release.
>
> Thanks
>
> On Tue, Mar 6, 2018 at 12:08 PM, Andy LoPresto 
> wrote:
> > Andre,
> >
> > I’m happy to contribute and review code for this distro. I think it’s a
> > great idea, and hopefully will be bolstered by the Registry effort where
> we
> > can make pre-selected NAR groups for different focuses (cybersecurity,
> IIoT,
> > ML, etc.).
> >
> > Andy LoPresto
> > alopre...@apache.org
> > alopresto.apa...@gmail.com
> > PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69
> >
> > On Mar 6, 2018, at 12:07 AM, Andre  wrote:
> >
> > Folks,
> >
> > I have been privately working on a number of "processors" focused on
> > orchestration of cyber security related activities (eg update firewall
> > rules with data provided via an HTTP endpoint) etc.
> >
> > While some of these tasks can be easily solved with generic NiFi
> components
> > or with little (or no custom processors at all) truth is that most
> security
> > practitioners just don't get it.
> >
> > Result is that unless you show up with a processor called UpdateCiscoAcl
> > (random example), people's brains just melt.
> >
> > I have been considering spinning up a separate project, based on a cut
> down
> > version of NiFi, that will employ the base framework towards this
> specific
> > use case by publishing specific processors that generally do not appeal
> to
> > the rest of the crowd.
> >
> > My base rationale is the following:
> >
> > - Reduce the need to add processors to the master tree and require people
> > to review processors that are of very limited use outside specific
> contexts.
> > - Improve overall user experience for this particular use case
> > - Reduce impact to the NiFi brand by the release of code that errr, may
> not
> > be up to the standards of my fellow committers ;-)
> >
> > Given my position as a PMC member and profound respect to all of you, I
> > would like to reach out to the rest of the team for you overall thoughts
> > about this?
> >
> > Looking forward to hearing from you.
> >
> >
>

Re: Opinion wanted: Cyber orchestration "distro"

[Joe Witt]

Andre,

You're definitely free to do such a thing - it basically sounds like a
'cyber security focused nifi powered distro' which means largely an
assembly that pulls in cybersecurity specific/relevant extensions and
the base framework.

You just cannot call that thing 'Apache NiFi/NiFi', need to honor its
marks, and the ASLv2.  But otherwise you're pretty much good to go.  I
do think you should consider contributing components that are ASLv2
friendly and for which their might be value in the apache nifi
community directly and I think this is a great example of why we
want/need an extension registry mechanism and path to provide
extensions outside the big bang release.

Thanks

On Tue, Mar 6, 2018 at 12:08 PM, Andy LoPresto  wrote:
> Andre,
>
> I’m happy to contribute and review code for this distro. I think it’s a
> great idea, and hopefully will be bolstered by the Registry effort where we
> can make pre-selected NAR groups for different focuses (cybersecurity, IIoT,
> ML, etc.).
>
> Andy LoPresto
> alopre...@apache.org
> alopresto.apa...@gmail.com
> PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69
>
> On Mar 6, 2018, at 12:07 AM, Andre  wrote:
>
> Folks,
>
> I have been privately working on a number of "processors" focused on
> orchestration of cyber security related activities (eg update firewall
> rules with data provided via an HTTP endpoint) etc.
>
> While some of these tasks can be easily solved with generic NiFi components
> or with little (or no custom processors at all) truth is that most security
> practitioners just don't get it.
>
> Result is that unless you show up with a processor called UpdateCiscoAcl
> (random example), people's brains just melt.
>
> I have been considering spinning up a separate project, based on a cut down
> version of NiFi, that will employ the base framework towards this specific
> use case by publishing specific processors that generally do not appeal to
> the rest of the crowd.
>
> My base rationale is the following:
>
> - Reduce the need to add processors to the master tree and require people
> to review processors that are of very limited use outside specific contexts.
> - Improve overall user experience for this particular use case
> - Reduce impact to the NiFi brand by the release of code that errr, may not
> be up to the standards of my fellow committers ;-)
>
> Given my position as a PMC member and profound respect to all of you, I
> would like to reach out to the rest of the team for you overall thoughts
> about this?
>
> Looking forward to hearing from you.
>
>

Re: Opinion wanted: Cyber orchestration "distro"

[Andy LoPresto]

Andre,

I’m happy to contribute and review code for this distro. I think it’s a great 
idea, and hopefully will be bolstered by the Registry effort where we can make 
pre-selected NAR groups for different focuses (cybersecurity, IIoT, ML, etc.).

Andy LoPresto
alopre...@apache.org
alopresto.apa...@gmail.com
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69

> On Mar 6, 2018, at 12:07 AM, Andre  wrote:
> 
> Folks,
> 
> I have been privately working on a number of "processors" focused on
> orchestration of cyber security related activities (eg update firewall
> rules with data provided via an HTTP endpoint) etc.
> 
> While some of these tasks can be easily solved with generic NiFi components
> or with little (or no custom processors at all) truth is that most security
> practitioners just don't get it.
> 
> Result is that unless you show up with a processor called UpdateCiscoAcl
> (random example), people's brains just melt.
> 
> I have been considering spinning up a separate project, based on a cut down
> version of NiFi, that will employ the base framework towards this specific
> use case by publishing specific processors that generally do not appeal to
> the rest of the crowd.
> 
> My base rationale is the following:
> 
> - Reduce the need to add processors to the master tree and require people
> to review processors that are of very limited use outside specific contexts.
> - Improve overall user experience for this particular use case
> - Reduce impact to the NiFi brand by the release of code that errr, may not
> be up to the standards of my fellow committers ;-)
> 
> Given my position as a PMC member and profound respect to all of you, I
> would like to reach out to the rest of the team for you overall thoughts
> about this?
> 
> Looking forward to hearing from you.



signature.asc
Description: Message signed with OpenPGP using GPGMail

Opinion wanted: Cyber orchestration "distro"

[Andre]

 Folks,

I have been privately working on a number of "processors" focused on
orchestration of cyber security related activities (eg update firewall
rules with data provided via an HTTP endpoint) etc.

While some of these tasks can be easily solved with generic NiFi components
or with little (or no custom processors at all) truth is that most security
practitioners just don't get it.

Result is that unless you show up with a processor called UpdateCiscoAcl
(random example), people's brains just melt.

I have been considering spinning up a separate project, based on a cut down
version of NiFi, that will employ the base framework towards this specific
use case by publishing specific processors that generally do not appeal to
the rest of the crowd.

My base rationale is the following:

- Reduce the need to add processors to the master tree and require people
to review processors that are of very limited use outside specific contexts.
- Improve overall user experience for this particular use case
- Reduce impact to the NiFi brand by the release of code that errr, may not
be up to the standards of my fellow committers ;-)

Given my position as a PMC member and profound respect to all of you, I
would like to reach out to the rest of the team for you overall thoughts
about this?

Looking forward to hearing from you.