Security Monitoring

Chapter:
Security
Version:
Updated:
2015-09-02
Contact Person:
Olivier Bettan / Susana González Zarzosa
olivier.bettan@thalesgroup.com susana.gzarzosa@atos.net
Feedback:
Although taking the binaries from our forge is sometimes an option, you may want to choose automated deployment facilities provided in the FI-WARE Cloud environment you are using. The following is a description of those facilities in the FI-PPP Testbed (available to FI-PPP partners) and the FI-LAB (open to any developer). There are three basic automated deployment mechanisms available:
  • Images. A ready-made Virtual Machine, with the GE deployed and properly configured. This is pretty simple but it does not allow for any customised options and it requires a dedicated Virtual Machine.
  • Deploying a dedicated GE instance in your own virtual infrastructure. There will be images that will allow you to deploy a VM that contains a chef agent. Once such VM is deployed, you can deploy the GE software plus additional software by using automated facilities.
For this particular generic enabler instance the available deployment methods are as follows:

Deploying a dedicated GE instance based on an image

MulVAL Attack Paths Engine, Scored Attack Paths and Remediation

These three GEis are hoisted in the same VM instance. In order to deploy a dedicated instance of these GEi perform the following actions:
  • Access the FI-WARE Cloud Portal (http://cloud.lab.fi-ware.org)
  • Login with your login/password (if you don't have a login/password, please register on http://account.lab.fi-ware.org)
  • Click on the "Images" option at the left, then "Launch" selecting the row with the name SecMonitoring-GE-AttackGraph-Scoring-Remediation-Thales-3.3.3
In a matter of minutes a ready-to-use VM instance of these GEis will appear in the "Instances" area (see the FI-WARE Cloud Portal guide for additional information on VM management using FI-WARE Cloud).

Deploying a dedicated GE instance in your own virtual infrastructure

MulVAL Attack Paths Engine, Scored Attack Paths and Remediation

As these three applications are offered in the same VM instance and can be installed via Chef recipes deploying an image with a chef agent installed. Then, you can go to the Instance tab and press the “Add software” button to automatically install the GE (with the cookbook called sls) and additional software from the software catalogue. Use the cookbook called The instructions to deploy software using recipes are available on a tutorial available on http://lab.fi-ware.org