CESNET's Warden



Functional Components Description

The architecture of the WARDEN system is that of the client – server type. The Warden system consists of a server, receiving clients and sending clients. The server, on request of receiving clients, distributes new (previously undistributed) events fed to the server by sending clients.

Each entity/network that wishes to feed data into the WARDEN system should have a so called sending client. Each entity/network that wishes to receive data from the WARDEN system should have a so called receiving client. The server (the centre) ensures the data reception and storage as well as the interface for the access to data stored. Data which the clients send into the centre will be referred to as events. Events are sent by the clients after authentication; the access to the centre is also authenticated. X.509 is used for the authentication.


Services provided

None.


Current Usage

The Warden system is currently developed and deployed mainly to satisfy the needs of the national research and education network CESNET2 administered by the CESNET association for its members and other entities involved. In the future, we plan to develop the Warden project as open. Until then, non-members of CESNET2 wishing to participate in the project can participate only based on ad-hoc agreements.


Keywords

Network security, event sharing, platform


Services

  • The server, on request of receiving clients, distributes new (previously undistributed) events fed to the server by sending clients.

  • Each entity/network that wishes to feed data into the WARDEN system should have a so called sending client.

  • The server (the centre) ensures the data reception and storage as well as the interface for the access to data stored. Data which the clients send into the centre will be referred to as events. Events are sent by the clients after authentication; the access to the centre is also authenticated. X.509 is used for the authentication.


Technical equipment

  • Server:

    • Dell PowerEdge R410

    • 2x Intel Xeon L5640 (2.26GHz, 6C, 12M Cache, 5.86 GT/s QPI, 60W TDP, Turbo, HT)

    • 32 GB RAM, DDR3-1066MHz

    • 540 GB RAID5 HDD (3x 300GB, 15k RPM, 3.5” SAS; PERC H700A RAID Controller)

    • 2 port Broadcom NetXtreme II BCM5716 1000Base-T (C0) PCI Express


Use request

Open source