Providing NRENs with a baseline toolset for SOC services
As the need for SOC operations arose within the NREN community, the GÉANT project created an interoperable set of tooling that can serve as a starting point for an NREN's SOC. This tooling aims to assist with the automation of the NREN's security processes and data gathering. While a full stack, including the acceptance of log and IDS data, has been developed using existing tools, the focus has been placed on easy and modular expandability.
The core layout is as follows:
The current state of the tooling can be installed in a Docker environment and is available upon request from GÉANT's GitLab.
A mailing list for discussion among interested NRENs has been created; subscription information can be found here: soc-tools Mailing list