Re: Opinion wanted: Cyber orchestration "distro"

[Mike Thomsen]

I'm also free to review the bundle if you need help. I also don't mind
helping with the grunt work of reshaping it into a bundle that can be used
with NiFi proper instead of as a special distro.

On Tue, Mar 6, 2018 at 12:17 PM, Joe Witt  wrote:

> Andre,
>
> You're definitely free to do such a thing - it basically sounds like a
> 'cyber security focused nifi powered distro' which means largely an
> assembly that pulls in cybersecurity specific/relevant extensions and
> the base framework.
>
> You just cannot call that thing 'Apache NiFi/NiFi', need to honor its
> marks, and the ASLv2.  But otherwise you're pretty much good to go.  I
> do think you should consider contributing components that are ASLv2
> friendly and for which their might be value in the apache nifi
> community directly and I think this is a great example of why we
> want/need an extension registry mechanism and path to provide
> extensions outside the big bang release.
>
> Thanks
>
> On Tue, Mar 6, 2018 at 12:08 PM, Andy LoPresto 
> wrote:
> > Andre,
> >
> > I’m happy to contribute and review code for this distro. I think it’s a
> > great idea, and hopefully will be bolstered by the Registry effort where
> we
> > can make pre-selected NAR groups for different focuses (cybersecurity,
> IIoT,
> > ML, etc.).
> >
> > Andy LoPresto
> > alopre...@apache.org
> > alopresto.apa...@gmail.com
> > PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69
> >
> > On Mar 6, 2018, at 12:07 AM, Andre  wrote:
> >
> > Folks,
> >
> > I have been privately working on a number of "processors" focused on
> > orchestration of cyber security related activities (eg update firewall
> > rules with data provided via an HTTP endpoint) etc.
> >
> > While some of these tasks can be easily solved with generic NiFi
> components
> > or with little (or no custom processors at all) truth is that most
> security
> > practitioners just don't get it.
> >
> > Result is that unless you show up with a processor called UpdateCiscoAcl
> > (random example), people's brains just melt.
> >
> > I have been considering spinning up a separate project, based on a cut
> down
> > version of NiFi, that will employ the base framework towards this
> specific
> > use case by publishing specific processors that generally do not appeal
> to
> > the rest of the crowd.
> >
> > My base rationale is the following:
> >
> > - Reduce the need to add processors to the master tree and require people
> > to review processors that are of very limited use outside specific
> contexts.
> > - Improve overall user experience for this particular use case
> > - Reduce impact to the NiFi brand by the release of code that errr, may
> not
> > be up to the standards of my fellow committers ;-)
> >
> > Given my position as a PMC member and profound respect to all of you, I
> > would like to reach out to the rest of the team for you overall thoughts
> > about this?
> >
> > Looking forward to hearing from you.
> >
> >
>

Re: Opinion wanted: Cyber orchestration "distro"

[Joe Witt]

Andre,

You're definitely free to do such a thing - it basically sounds like a
'cyber security focused nifi powered distro' which means largely an
assembly that pulls in cybersecurity specific/relevant extensions and
the base framework.

You just cannot call that thing 'Apache NiFi/NiFi', need to honor its
marks, and the ASLv2.  But otherwise you're pretty much good to go.  I
do think you should consider contributing components that are ASLv2
friendly and for which their might be value in the apache nifi
community directly and I think this is a great example of why we
want/need an extension registry mechanism and path to provide
extensions outside the big bang release.

Thanks

On Tue, Mar 6, 2018 at 12:08 PM, Andy LoPresto  wrote:
> Andre,
>
> I’m happy to contribute and review code for this distro. I think it’s a
> great idea, and hopefully will be bolstered by the Registry effort where we
> can make pre-selected NAR groups for different focuses (cybersecurity, IIoT,
> ML, etc.).
>
> Andy LoPresto
> alopre...@apache.org
> alopresto.apa...@gmail.com
> PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69
>
> On Mar 6, 2018, at 12:07 AM, Andre  wrote:
>
> Folks,
>
> I have been privately working on a number of "processors" focused on
> orchestration of cyber security related activities (eg update firewall
> rules with data provided via an HTTP endpoint) etc.
>
> While some of these tasks can be easily solved with generic NiFi components
> or with little (or no custom processors at all) truth is that most security
> practitioners just don't get it.
>
> Result is that unless you show up with a processor called UpdateCiscoAcl
> (random example), people's brains just melt.
>
> I have been considering spinning up a separate project, based on a cut down
> version of NiFi, that will employ the base framework towards this specific
> use case by publishing specific processors that generally do not appeal to
> the rest of the crowd.
>
> My base rationale is the following:
>
> - Reduce the need to add processors to the master tree and require people
> to review processors that are of very limited use outside specific contexts.
> - Improve overall user experience for this particular use case
> - Reduce impact to the NiFi brand by the release of code that errr, may not
> be up to the standards of my fellow committers ;-)
>
> Given my position as a PMC member and profound respect to all of you, I
> would like to reach out to the rest of the team for you overall thoughts
> about this?
>
> Looking forward to hearing from you.
>
>

Re: Opinion wanted: Cyber orchestration "distro"

[Andy LoPresto]

Andre,

I’m happy to contribute and review code for this distro. I think it’s a great 
idea, and hopefully will be bolstered by the Registry effort where we can make 
pre-selected NAR groups for different focuses (cybersecurity, IIoT, ML, etc.).

Andy LoPresto
alopre...@apache.org
alopresto.apa...@gmail.com
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69

> On Mar 6, 2018, at 12:07 AM, Andre  wrote:
> 
> Folks,
> 
> I have been privately working on a number of "processors" focused on
> orchestration of cyber security related activities (eg update firewall
> rules with data provided via an HTTP endpoint) etc.
> 
> While some of these tasks can be easily solved with generic NiFi components
> or with little (or no custom processors at all) truth is that most security
> practitioners just don't get it.
> 
> Result is that unless you show up with a processor called UpdateCiscoAcl
> (random example), people's brains just melt.
> 
> I have been considering spinning up a separate project, based on a cut down
> version of NiFi, that will employ the base framework towards this specific
> use case by publishing specific processors that generally do not appeal to
> the rest of the crowd.
> 
> My base rationale is the following:
> 
> - Reduce the need to add processors to the master tree and require people
> to review processors that are of very limited use outside specific contexts.
> - Improve overall user experience for this particular use case
> - Reduce impact to the NiFi brand by the release of code that errr, may not
> be up to the standards of my fellow committers ;-)
> 
> Given my position as a PMC member and profound respect to all of you, I
> would like to reach out to the rest of the team for you overall thoughts
> about this?
> 
> Looking forward to hearing from you.



signature.asc
Description: Message signed with OpenPGP using GPGMail