Internet2 Home ESnet Home

Live netcast and video on demand information. REN-ISAC SES Project

July 21, 2009, 2:00 PM - 2:20 PM
UTC/GMT -4 hours
Location: Auditorium
Add to iCal Add to Google Calendar
  • Doug Pearson
    REN-ISAC  [pdf]
  • Session Evaluation
    Session Abstract The SES (Security Event Standardization) system is being developed to enable real-time sharing of security event data, in standardized representation, within a trusted federation, and among federations.

    SES Phase I will facilitate the parsing of various event types, including IDS, firewall, sshd, DNS, and phishing, to yield mid-level events (i.e. events of interest), normalize a description of the events in IETF IDMEF and IODEF formats, and provide a transport, storage, and retrieval substrate, in the context of a trusted federation. In addition to the underlying event information sharing capabilities, SES is designed as a tool framework, providing the capability to incorporate correlation and analysis components, interface with systems that provide automated notification of security incidents, and interface with systems that treat higher-level incident information in a federated context. The SES respository will provide a base for longitudinal security trend and incident analysis.

    SES is being developed within the REN-ISAC community (Research and Education Networking Information Sharing and Analysis Center), and in collaboration with the Internet2 CSI2 effort, under grant from the Department of Justice to Internet2.

    This presentation will provide an overview of the project fundamentals and a description of pilot implementation scheduled for this summer in the REN-ISAC community.

    REN-ISAC Handout (pdf)

    If you attended this meeting, please fill out the Session Evaluation

    Netcast Archive Streams [Flash (High)]
    Related Topic Areas