Hi all,

We are in the process of setting up several PODs of servers for use in OPNFV CI/CD and other related dev/test/demo projects. One of the things we need to ensure is that we are deeply aware of how the servers are acting (starting with the jumphosts, and extending to the control/compute hosts), so that we can identify any problematic behavior asap. For that purpose we need advice on what analytics/security tools (preferably open source) are typically used in OPNFV labs to address such needs as to:

* Identify host intrusion attempts (either incoming or outgoing)
* Identify Botnet type behaviors
* Identify other suspect behaviors
* Identify sources (site/addresses, organizations) of code that are retrieved in the OPNFV build, deploy, and test processes
* Advise on the level of trust in those code sources

The fact that OPNFV CI/CD involves the dynamic retrieval of many unknown components from across the internet, which as they unfold pull in additional resources, requires us to set up a system to watch that process and the resulting test system carefully.

We will likely use commercial tools for these things, but would like to understand what is currently done in OPNFV Community Labs, either for CI/CD PODs or assigned project test PODs, and what, if any, of those tools are open source.

Thanks for your help,
Bryan Sullivan | AT&T

_______________________________________________
opnfv-tech-discuss mailing list
opnfv-tech-discuss@lists.opnfv.org
https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss