Salsa Call 17-Apr-08

**Salsa Call 17-Apr-08**

**Attending**
Chris Misra, U. Mass (chair)
Ken Klingenstein, Internet2
Rodney Petersen, Educause
Deke Kassabian, U. Penn
Doug Pearson, REN-ISAC/Indiana U.
Joe St. Sauver, Internet2/U. Oregon
Jim Pepin, Clemson
Mark Poepping, CMU
Chas DiFatta, CMU
Renee Frost, Internet2
Steve Olshansky, Internet2 (scribe)

*Discussion*
- Security Professionals Conference
- NSF CyberSecurity Summit
- REN-ISAC member meeting
Planning is going well for all 3 meetings, and registration numbers are strong.

- Eduroam + FWNA
Canada is rolling out Eduroam, but traction in the US is slow in coming. Many campuses have guest-use systems in place, and if they deploy Eduroam their view is that they would still need to keep these existing guest systems in place. This could be a large factor in the slow adoption in the US.

- Internet2 member meeting - update
Salsa lunch and the MACE/Salsa dinner are on Tuesday. Lucy Lynch from ISOC is the dinner guest. The strategic planning group has several events planned, including open sessions for drop-in discussion and feedback. All Salsa are encouraged to provide feedback to them on any topic of interest, but particularly about the role of Security in the plan going forward.

- 2-port Internet conversation - continued
It was noted that one campus has a service in place that allows a user to authenticate to open firewall ports, if the user has the appropriate privileges to do so.

One common security approach utilized is to concentrate protection around critical resources, and keep the rest of the network relatively open in order to allow your users to get their work done with as little friction as possible… I.e. this approach is to keep the firewalls close to (or in some cases on) the hosts you are trying to protect, rather than at your perimeter.

- APHIDS update
There was discussion about the development status, and the timing of announcing it to the broader community for early feedback and potential community contribution. Based on recent discussions on security lists there appears to be growing interest in this area. This will be discussed at the upcoming Internet2 Member Meeting (Security Topics Update session) and Security Professionals conference.

- Cornell Spider update
This is a tool used to locate sensitive data in need of protection.
Development continues, and Internet2 will be hosting it when it is ready for broader distribution.

- Potential funding for Internet2 security efforts
Topics being discussed include support for RENOIR and APHIDS, and the public posting of high-level security actions taken by high-visibility sites.

Also being discussed is utilizing EDDY for mail diagnostics and shared darknet.

Doug may be able to provide some staff resources toward this overall effort.

Next call: Thu 1-May-2008