OPNFV Security Panel

•

0 likes•214 views

OPNFV Security Panel featuring insights from: Luke Hinds, Nokia Networks; Rana Pratap Sircar, Ericsson; Nir Halachmi, Huawei; and John McDowall, Palo Alto Networks

Software

OPNFV Security Group
Luke Hinds
Security Group Project Lead
Principle Security Architect @ Nokia Networks

Overview
• Founded Jan 22, 2015
• Four members! (room for more)
• Improve OPNFV security through documentation,
code / design review, upstream inter-work.
• An ‘umbrella’ group to encourage development of
security within the OPNFV eco-system.
• Effectively handle vulnerability and threats in a co-
ordinated manner.
2

Projects…
OPNFV Security Guide
– Best Practices
– Hardening Guidelines
– 'Living' document
– Project Input welcomed
https://etherpad.opnfv.org/p/security-guide

4
– Improve Audit
– Code Commits upstream
– CADF Framework
– Project Input welcomed
https://wiki.opnfv.org/requirements_projects/inspector
Projects…
Inspector

Secure Coding
Gerrit Code / Design Review:
Tag ‘SecurityImpact’
opnfv-security@lists.opnfv.org
5
Secure Coding Guidelines:

Secure Coding – what we check for..
Shell Executions:
>>> from subprocess import call
>>> filename = input("What file would you like to display?n")
What file would you like to display?
non_existent; rm -rf importantFiles #
>>> call("cat " + filename, shell=True)
6

Secure Coding – what we check for..
Permissions:
with open('testfile.txt', 'w') as fout:
fout.write("secrets!")
flags = os.O_WRONLY | os.O_CREAT | os.EXLC
with os.fdopen(os.open('testfile.txt', flags,
0600), 'w') as fout:
fout.write("secrets!")
7
Defaults to OS permissions
Can be read by All!
Only the user has read
permissions

Vulnerability Management
9
– Coordinated response
– Responsible Disclosure Process
– Advisory
https://wiki.opnfv.org/security/osvm

Come and join us...
10
–Every Wednesday @ 14:00 UTC
–#opnfv-sec

What's hot

PIACERE - DevSecOps Automated

PIACERE

Know Your Security Model

Mikhail Shcherbakov

Containerization has increased the pace of deployment but doesn't overcome the need for application security. Key to making your security teams comfortable with containers is to maintain visibility into the various software components and proactively patching vulnerabilities as they are disclosed. Aporeto provides a service mesh for application security on any orchestrator, including Kubernetes, and/or any on-premises or cloud infrastructure including AWS, Azure and Google. Their easy to deploy solution provides consistent security that is automated to eliminate both manual efforts and human errors. Don Chouinard, Product Marketing lead at Aporeto, will share how Aporeto uses InfluxData to maintain visibility into the security state of the various application components whenever they run using automatically generated security policies.

How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...

DevOps.com

Practical DevSecOps - Arief Karfianto

idsecconf

The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...

WhiteSource

Fortify dev ops (002)

Madhavan Marimuthu

DevSecOps means considering application and infrastructure security from the beginning. This also means automating some security doors to prevent the DevOps workflow from slowing down. The goal of DevSecOps (development, security, and operations) is to make everyone responsible for security, with the main target on implementing security decisions and actions at an equivalent scale and speed as development and operations decisions and actions. Implementing DevSecOps are often an elaborate process for a corporation , but well worthwhile when considering the advantages . Implementation usually includes the subsequent stages: Planning and development Building and testing Deployment and operation Monitoring and scaling Tonex's DevSecOps Training Bootcamp DevSecOps training Bootcamp is a practical DevSecOps course, participants can acquire in-depth knowledge and skills to apply, implement and improve IT security in modern DevOps. Participants understand DevOps and DevSecOps to take full advantage of the agility and responsiveness of the secure DevOps method, IT security on SDLC, and the entire life cycle of the application. DevSecOps Training Bootcamp focuses on: Concepts Principles Processes Policies Guidelines Mitigation Applied Risk Management Framework (RMF) Technical Skills Audience: Security Staff IT Leadership IT Infrastructure CIOs / CTOs /CSO Configuration Managers Developers and Application Team Members and Leads IT Operations Staff IT Project & Program Managers Product Owners and Managers Release Engineers Agile Staff and ScrumMasters Software Developers Software Team Leads System Admin Training Objectives: Identify and explain the phases of the DevOps life cycle Define the roles and responsibilities that support the DevOps environment Describe the security components of DevOps and determine its risk principles Analyze, evaluate and automate DevOps application security across SDLC Identify and explain the characteristics required to meet the definition of DevOps computing security Discuss strategies for maintaining DevOps methods Perform gap analysis between DevOps security benchmarks and industry standard best practices Evaluate and implement the safety controls necessary to make sure confidentiality, integrity and availability (CIA) in DevOps environments Perform risk assessments of existing and proposed DevOps environments Integrate RMF with DevOps Explain the role of encryption in protecting data and specific strategies for key management And more. Course Content: DevOps vs. DevSecOps DevOps Security Requirements DevOps Typical Security Activities Tools for Securing DevOps Principles Behind DevSecOps DevSecOps and Application Security How to DevSecOps DevSecOps Maturity RMF, DevOps and DevSecOps For More Information: https://www.tonex.com/training-courses/devsecops-training-bootcamp/

DevSecOps Training Bootcamp - A Practical DevSecOps Course

Tonex

Open source software components play an important role by providing us with the building blocks of our products. However, even as we enjoy the benefits of open source components, they are not without their challenges, especially when it comes to security vulnerabilities. In this webinar with Circle CI, you'll learn how: - WhiteSource Orb can help teams catch vulnerabilities within open source components at early stages of the development cycle - You can start implementing the WhiteSource CircleCI orb into your CI configuration - To gain insights into your software helping you make smarter decisions in working with open source components.

CI/CD pipeline security from start to finish with WhiteSource & CircleCI

WhiteSource

Aleksei Dremin - Application Security Pipeline - phdays9

Alexey Dremin

DevSecOps is a very loaded term and it includes many topics. Despite what some will lead you to believe, DevSecOps is not just an integration of security testing tools. Nor is it merely a focus on achieving security quality attributes on CI and CD. DevSecOps is beyond the automatizing security testing and there are common misconceptions and roadblocks on how you can establish it successfully. Learning Objectives: 1: Identify key principles of DevSecOps and see how it relates to DevOps principles. 2: Analyze common pitfalls and see where integration security takes part in DevSecOps. 3: Demonstrate how to do “Continuous Security” by using a lifecycle approach. (Source: RSA Conference USA 2018)

Dos and Don'ts of DevSecOps

Priyanka Aash

WhiteSource Webinar What's New With WhiteSource in December 2018

WhiteSource

DevSecOps outline

Nickleus Jimenez

Secure DevOPS Implementation Guidance

Tej Luthra

DevSecCon Asia 2017 Joel Divekar: Using Open Source Automation tools for DevS...

DevSecCon

Service based apps using open source components and containers for continuous deployment in DevOp teams need to react fast and deploy often. With increasing complexity of software systems and the need for agility and flexibility the demand for security increases. These slides show an approach for DevSecOp automation and present the results of a survey about the current status of security automation in software development companies. If you want to see the resulting concept which was developed during the study, please contact me on linked in.

How to automate your DevSecOps successfully

Manuel Pistner

As presented at Open Source Open Standards (GovNet) (http://opensourceconference.co.uk/), this deck covers some of the material which operators of open source data centers and users of container and cloud technologies should be aware of when seeking to be security conscious. Traditionally, when datacentre operators talk about application security, there has been a tendency to focus on issues related to key management, firewalls and data access. By contrast, application developers have a security focus which is more aligned with code analysis and fuzzing techniques. The reality is, secure application deployment principles extend from the infrastructure layer through the application and include how the application is deployed. With the prevalence of continuous deployment, it’s imperative to focus efforts on what attackers’ view as vulnerable; particularly in an environment where new exploits are being disclosed almost daily. In this session we’ll present: - How known vulnerabilities can make their way into production deployments - How vulnerability impact is maximized - A methodology for ensuring deployment of vulnerable code can be minimized - A methodology to minimize the potential for vulnerable code to be redistributed

Secure application deployment in the age of continuous delivery

Tim Mackey

In the fusion between DevOps and DevSecOps, the pace and agility of the DevSecOps approach made AppSec and InfoSec were a little left behind. The DevOps squad topology does not involve any of the organization's AppSec and InfoSec Engineer. Many DevOps team are also not included them since they lack the information on how to manage and configure DevOps CI / CD pipelines and DevSecOps approaches. There's no shortage of talent — you probably don't have a mission worth getting out of bed or a culture that fosters continuous learning such DevSecOps skill and tools and growth where people feel psychologically safe. Besides, there is no shortage of skills — most have a poor understanding of what they need to be successful or the skills that need to leverage to improve their security posture.

Why Security Engineer Need Shift-Left to DevSecOps?

Najib Radzuan

DevSecOps Beginners Guide : How to secure process in DevOps with OpenSource

DevOps Indonesia

Secure application deployment in Apache CloudStack

Tim Mackey

All organizations want to go faster and decrease friction in their cloud software delivery pipeline. Infosec has an opportunity to change their classic approach from blocker to enabler. This talk will discuss hallmarks of CI/CD and some practical examples for adding security testing across different organizations. The talk will cover emergent patterns, practices and toolchains that bring security to the table. Presented at OWASP NoVA, Sept 25th, 2018

DevSecOps and the CI/CD Pipeline

James Wickett

What's hot (20)

PIACERE - DevSecOps Automated

Know Your Security Model

How Aporeto Secures Cloud-native Across Public, Private, & Hybrid Clouds with...

Practical DevSecOps - Arief Karfianto

The Devops Challenge: Open Source Security Throughout the DevOps Pipline- A W...

Fortify dev ops (002)

DevSecOps Training Bootcamp - A Practical DevSecOps Course

CI/CD pipeline security from start to finish with WhiteSource & CircleCI

Aleksei Dremin - Application Security Pipeline - phdays9

Dos and Don'ts of DevSecOps

WhiteSource Webinar What's New With WhiteSource in December 2018

DevSecOps outline

Secure DevOPS Implementation Guidance

DevSecCon Asia 2017 Joel Divekar: Using Open Source Automation tools for DevS...

How to automate your DevSecOps successfully

Secure application deployment in the age of continuous delivery

Why Security Engineer Need Shift-Left to DevSecOps?

DevSecOps Beginners Guide : How to secure process in DevOps with OpenSource

Secure application deployment in Apache CloudStack

DevSecOps and the CI/CD Pipeline

Similar to OPNFV Security Panel

All organizations want to go faster and decrease friction in delivering software. The problem is that InfoSec has historically slowed this down or worse. But, with the rise of CD pipelines and new devsecops tooling, there is an opportunity to reverse this trend and move Security from being a blocker to being an enabler. This talk will discuss hallmarks of doing security in a software delivery pipeline with an emphasis on being pragmatic. At each phase of the delivery pipeline, you will be armed with philosophy, questions, and tools that will get security up-to-speed with your software delivery cadence. From DeliveryConf 2020

Pragmatic Pipeline Security

James Wickett

SecurifyLabs & Tiki @ Countermeasure 2014

securifylabs

Presented at All Things Open 2023 Presented by Viral Chhasatia & Karan Marjara - Amazon Title: Open Source evaluation: A comprehensive guide on what you are using Abstract: What happens if an open source package your service relies on changes direction or shuts down? This talk provides a step-by-step approach that enables users to thoroughly assess open source software risks and rewards before making a final decision to use it in your product or service. Find more info about All Things Open: On the web: https://www.allthingsopen.org/ Twitter: https://twitter.com/AllThingsOpen LinkedIn: https://www.linkedin.com/company/all-things-open/ Instagram: https://www.instagram.com/allthingsopen/ Facebook: https://www.facebook.com/AllThingsOpen Mastodon: https://mastodon.social/@allthingsopen Threads: https://www.threads.net/@allthingsopen 2023 conference: https://2023.allthingsopen.org/

Open Source evaluation: A comprehensive guide on what you are using

All Things Open

How do you integrate security within a Continuous Deployment (CD) environment - where every 5 minutes a feature, an enhancement, or a bug fix needs to be released? Traditional application security tools which require lengthy periods of configuration, tuning and application learning have become irrelevant in these fast-pace environments. Yet, falling back only on the secure coding practices of the developer cannot be tolerated. Secure coding requires a new approach where security tools become part of the development environment – and eliminate any unnecessary overhead. By collaborating with development teams, understanding their needs and requirements, you can pave the way to a secure deployment in minutes.

DevOps & Security: Here & Now

Checkmarx

Dev opsandsecurity owasp

Helen Bravo

Businesses are looking to accelerate the delivery of production quality software with fewer defects, and better security. Continuous Integration/Continuous Deployment (CI/CD) also known as DevOps is a rapidly maturing practice for reducing the time and effort it takes to test and deploy code into production. The rapid automation of the integration and deployment activities is common especially on cloud-based platforms. Adding security testing into the DevOps pipeline can help address the needs of regulated, compliance and public sector focused organizations. This white paper describes the use of open source technologies and commercial packages to design and deploy a Secure DevOps pipeline. Tools such as Yasca, SonarQube, and OpenSCAP amongst others when integrated with vulnerability scanners such as Tenable Nessus, HP Fortify and others provide a robust SecDevOps implementation. This white paper by stackArmor provides an overview on how an organization can implement a Secure DevOps pipeline and its key elements.

Implementing Secure DevOps on Public Cloud Platforms

Gaurav "GP" Pal

DevOps & DevSecOps in Swiss Banking

Aarno Aukia

How to Contribute to Cloud Native Computing Foundation

CodeOps Technologies LLP

How to contribute to cloud native computing foundation (CNCF)

Krishna-Kumar

As presented by Tim Mackey, Senior Technical Evangelist at Black Duck Software, at Open Source Open Standards (GovNet) (http://opensourceconference.co.uk/), this deck covers some of the material which operators of open source data centers and users of container and cloud technologies should be aware of when seeking to be security conscious. Traditionally, when datacentre operators talk about application security, there has been a tendency to focus on issues related to key management, firewalls and data access. By contrast, application developers have a security focus which is more aligned with code analysis and fuzzing techniques. The reality is, secure application deployment principles extend from the infrastructure layer through the application and include how the application is deployed. With the prevalence of continuous deployment, it’s imperative to focus efforts on what attackers’ view as vulnerable; particularly in an environment where new exploits are being disclosed almost daily. In this session we’ll present: - How known vulnerabilities can make their way into production deployments - How vulnerability impact is maximized - A methodology for ensuring deployment of vulnerable code can be minimized - A methodology to minimize the potential for vulnerable code to be redistributed

Secure application deployment in the age of continuous delivery

Black Duck by Synopsys

DevOps purists may chafe at the DevSecOps term given that security and other important practices are supposed to already be an integral part of routine DevOps workflows. But the reality is that security often gets more lip service than thoughtful and systematic integration into open source software sourcing, development pipelines, and operations processes--in spite of an increasing number of threats. In this session, we’ll look at successful practices that distributed and diverse teams use to iterate rapidly. We’ll discuss how a container platform can serve as the foundation for DevSecOps in your organization. We'll also consider the risk management associated with integrating components from a variety of sources--a consideration that open source software has had to deal with since the beginning. Finally, we'll show ways by which automation and repeatable trusted delivery of code can be built directly into a DevOps pipeline.

DevSecOps: The Open Source Way

Black Duck by Synopsys

Security teams are often seen as roadblocks to rapid development or operations implementations, slowing down production code pushes. As a result, security organizations will likely have to change so they can fully support and facilitate cloud operations. This presentation will explain how DevOps and information security can co-exist through the application of a new approach referred to as DevSecOps.

DevSecOps 101

Narudom Roongsiriwong, CISSP

20220603_pperego_openSUSE conference.pdf

Paolo Perego

As kubernetes matures into the standard de facto Operating System of the Cloud, in addition to a shift in deployment methods such as GitOps and Continuous delivery paradigms - automation of security is one of our main concerns The security policy alignment starts from the CI/CD pipelines, and continues to runtime security solutions. In this talk, we will introduce a few solutions built around kubernetes from the early stages of the CI/CD pipelines through runtime application security models which we are seeing from many companies on the security vertical. Scanning tools [ static ] Runtime [ pro-active, permissive ] Few words about Haggai: Haggai is a DevOps Architect, Group & TechLead at Tikal, for the past 15 years Haggai’s has provided solutions in the domains of Ci/CD, Configuration Management, and Security. And in the past, ~4 years specialized in Kubernetes-based deployment schemes.

Kube Security Shifting left | Scanners & OPA

Haggai Philip Zagury

Building OPNFV as a Platform

OPNFV

Deepfence.pdf

Vishwas N

DevOps is a revolution starting to deliver. The “shift left” security approach is trying to catch up, but challenges remain. We will go over concrete security approaches and real data that overcome these challenges. It takes more than adding “hard to find” security talent to your DevOps team to reach DevSecOps benefits. Our discussion focuses on the practical side and lessons-learned from helping organizations gear up for this paradigm shift.

Outpost24 webinar: Turning DevOps and security into DevSecOps

Outpost24

Zephyr-Overview-20230124.pdf

ibramax

[OPD 2019] Governance as a missing part of IT security architecture

OWASP

In this presentation Stephan will discuss some recent research that emerged he was asked to build malicious applications that bypassed custom security controls. He will walk through some of the basics of reversing malicious apps for android as well as common android malware techniques and methodologies. From the analysis of the wild android malware, he will discuss techniques and functionality to include when penetration testing against 3rd-party android security controls. BIO Stephan Chenette is the Director of Security Research and Development at IOActive where he conducts ongoing research to support internal and external security initiatives within the IOActive Labs. Stephan has been in involved in security research for the last 10 years and has presented at numerous conferences including: Blackhat, CanSecWest, RSA, EkoParty, RECon, AusCERT, ToorCon, SecTor, SOURCE, OWASP, B-Sides and PacSec. His specialty is in writing research tools for both the offensive and defensive front as well as investigating next generation emerging threats. He has released public analyses on various vulnerabilities and malware. Prior to joining IOActive, Stephan was the head security researcher at Websense for 6 years and a security software engineer for 4 years working in research and product development at eEye Digital Security.

2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing

Stephan Chenette

Similar to OPNFV Security Panel (20)

Pragmatic Pipeline Security

SecurifyLabs & Tiki @ Countermeasure 2014

Open Source evaluation: A comprehensive guide on what you are using

DevOps & Security: Here & Now

Dev opsandsecurity owasp

Implementing Secure DevOps on Public Cloud Platforms

DevOps & DevSecOps in Swiss Banking

How to Contribute to Cloud Native Computing Foundation

How to contribute to cloud native computing foundation (CNCF)

Secure application deployment in the age of continuous delivery

DevSecOps: The Open Source Way

DevSecOps 101

20220603_pperego_openSUSE conference.pdf

Kube Security Shifting left | Scanners & OPA

Building OPNFV as a Platform

Deepfence.pdf

Outpost24 webinar: Turning DevOps and security into DevSecOps

Zephyr-Overview-20230124.pdf

[OPD 2019] Governance as a missing part of IT security architecture

2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing

How to Reuse OPNFV Testing Components in Telco Validation Chain

OPNFV

Morgan Richomme, Orange Power consumption is a key driver of NFV. However very few projects deal with this aspect. This session will detail a prototype realized in OPNFV Orange labs aiming to track power consumption during CI operations. We could imagine that, if we generalize the information colelction to the Pharos community, we may get significative figures to establish power consumption profiles and why not try to get even deeper and get applicative profile using statistical tools

Energy Audit aaS with OPNFV

OPNFV

Hands-On Testing: How to Integrate Tests in OPNFV

OPNFV

Yujun Zhang, ZTE Corporation, Mark Beierl, Dell EMC StorPerf uses heat to create VMs with attached cinder volumes. The volumes are used *without* a file system (ie target=/dev/vdb). The FIO workload is run and stats collected every minute. When we get 10 samples in a row that fit within a certain range and slope, we say it is a valid measurement. This avoids false numbers due to Ceph balancing or other warm up. The metrics can be read after job completes, and there is an indicator to state if the volume metrics stabilized or not. Storage QPI will be calculated based on the test results from storperf by QTIP. It aims to be a comparable indicator for storage performance among different platforms.

Storage Performance Indicators - Powered by StorPerf and QTIP

OPNFV

Yujun Zhang, ZTE Corporation, Donald Hunter, Cisco, Trevor Cooper, Intel The testing community created tens of testing projects, hundreds of testing cases, thousands of testing jobs. Huge amount of testing data has been produced. What comes next, then? The testing community puts in place tools and procedures to declare testcases/projects, normalize and upload results. These tools and procedures have been adopted so we now have lots of data covering lots of scenarios, hardware, installers. In this presentation, we shall discuss the stakes and challenges of result post processing. * How analytics can provide valuable inputs to the community, end users or upstream projects. * How can we produce accurate indicators, reports and graphs, focus on interpreting / consuming test results. * How can we get the best of breeds of our result mine?

Big Data for Testing - Heading for Post Process and Analytics

OPNFV

Jose Lausuch, Ericsson, Nikolas Hermanns, Ericsson How can we make sure that new code in OPNFV does not break or stop CI? How can we ensure quick feedback for each patch-set? With the new way to snapshot a virtual deployment it is now possible to get virtual clouds up and running in about 2 min. In addition, through low amount of disk/cpu consumption and isolation of the networking it is possible to have a very high number of virtual deployments co-existing in the same bare-metal server.

Testing, CI Gating & Community Fast Feedback: The Challenge of Integration Pr...

OPNFV

Dan Radez, Red Hat, Tim Rozet, Red Hat The OPNFV ecosystem is made up of projects that need to integrate with each other. Project Apex uses Triple-o under the covers which most people usually need some assistance to integrate with. Come and spend a session with the Apex development team learning the ins and outs of Triple-o. In this session participants will learn about the deployment process that is run when an Apex/Triple-o deployment is executed and how to assign services to nodes and generate networking configurations withing Triple-o to successfully integrate and deploy a new component in OpenStack. Come learn how to untangle the learning curve presented when integrating and using Triple-o and simplify your future development and deployment endeavors with a new found intimate knowledge of the Apex & Triple-o platform.

How Many Ohs? (An Integration Guide to Apex & Triple-o)

OPNFV

Fatih Degirmenci, Ericsson, Yolanda Robla Mota, RedHat, Markos Chandras, SUSE OPNFV has been working with the communities such as OpenStack, OpenDaylight, and fd.io as part of its Cross Community CI (XCI) effort in order to provide means for the developers to work with the latest versions of upstream components, cutting the time it takes to develop new features significantly and testing them on the OPNFV Infrastructure. Apart from developing and testing new features, OPNFV XCI will enable developers to identify bugs earlier, issue fixes faster, and get feedback on a daily basis. This is a prerequisite for OPNFV in its CD & DevOps journey. OPNFV aims to run XCI by reusing what other communities developed such as bifrost and openstack-ansible. While doing this, OPNFV intends to develop, maintain, and evolve OPNFV Infrastructure like how the other OPNFV projects do; upstream first. Whatever missing functionality and issues we identify in the components we use as part of our infrastructure and CI/CD toolchain, we strive to fix them directly upstream. During this session, we will talk about the progress we have made so far, contributions we made to our upstream communities, and share our experiences. We will also highlight the key benefits of XCI for the community in order for developers to utilize the mechanisms, work with OpenStack master to implement new features and fix bugs using the toolchain XCI established.

Being Brave: Deploying OpenStack from Master

OPNFV

Jose Lausuch, Ericsson OPNFV provides different test frameworks which help developers to write new test cases. Those frameworks also borrow and integrate a variety of testing tools from other open source communities (OpenStack, OpenDaylight, Open-O, ...). This session will go through all the tools that have been integrated so far in OPNFV and the cross community collaboration that has already started in Danube time frame.

Upstream Testing Collaboration

OPNFV

Aaron Smith, Red hat, Pasi Vaananen, Red Hat Carrier-Grade Cloud Infrastructure (Aaron Smith, Pasi Vaananen, Red Hat): The move from vertically integrated hardware and software to distributed execution in a cloud complicates the delivery of highly available services. Vertically integrated systems enabled all system layers required to communicate and participate in the support of availability of the service to be under control of single system vendor. With NFV, the cloud philosophy of infrastructure and application decoupling requires new open interfaces to support the necessary flow of information between layers and clear separation of the fault and availability management responsibilities between the infrastructure and application SW subsystems. Even in the cloud environment, traditional availability concepts such as fast detection, correlation, and fault notification still apply. A fast, low-latency fault management platform will be presented that allows cloud-based services to achieve 5NINES of availability and service continuity. Performance measurements from a prototype of the system will be presented along with a demo of the operation of a service requiring 50 ms fault remediation.

Enabling Carrier-Grade Availability Within a Cloud Infrastructure

OPNFV

Ray Paik, Linux Foundation, Serena Feng, ZTE OPNFV launched its Internship program in Q1'2016, and there have been more than 10 interns around the world contributing to different OPNFV activities ranging from cross community CI, documentation, infrastructure, testing, etc. In this talk, there will be an overview of the OPNFV internship program that is different from more traditional internship programs and a discussion on areas for improvement that were identified. A community member who mentored two interns will also share her experience managing interns remotely and her advice for future interns & mentors. Finally, OPNFV interns will give a quick lightening round talk on their internship projects highlighting their contributions to the community. [NOTE: This is designed as a 60-minute session with interns' lightening round talks as 6-8 interns could be attending the OPNFV Summit. Presentations from Serena/Ray is expected to take about 20-25 minutes]

Learnings From the First Year of the OPNFV Internship Program

OPNFV

Juha Kosonen, Nokia, Mika Rautakumpu, Nokia The Open Compute Project (OCP) is a collaborative community focused on redesigning hardware technology to efficiently support the growing demands on compute infrastructure. The designs have been optimized to lower cost of infrastructure and operations e.g. by removing non-essential components, disaggregating rack level solution with common resources, and simplifying server serviceability. OpenStack provides the foundation for the NFVI and MANO components within OPNFV. OPNFV releases Colorado and recent Danube have been successfully integrated to OCP hardware and running smoothly. Also hardware acceleration is supported. The concept itself has gained a lot of interest from mobile operators, some of them are running OPNFV on top of OCP hardware in their test laboratories too. This presentation will introduce how OpenStack, OCP and OPNFV open source projects fits perfectly together.

OPNFV and OCP: Perfect Together

OPNFV

The Return of QTIP, from Brahmaputra to Danube

OPNFV

Fatih Degirmenci, Ericsson, Jack Morgan, Intel The OPNFV community relies on our community labs, CI and testing projects to ensure we release quality code. The current strategies to use hardware resources in OPNFV community labs will not be able to sustain its current growth. New strategies need to be implemented to allow for new OPNFV projects. The presenters will look at the current lab usage model and discuss ways already being worked in OPNFV community labs through the POD descriptor file. In our CI process through Dynamic CI, Cross Community CI and other initiatives. In our testing projects use of hardware resources and its importance in the release process. The presenters will show current tools used to track usage such as the Bitergia dashboard.

Improving POD Usage in Labs, CI and Testing

OPNFV

Zhiqiang Yu, China Mobile, Huabin Tang, China Mobile Open Data Center Committee (ODCC) is co-founded by Baidu, Tencent, Alibaba, China Telecom, China Mobile, Intel, China Academy of Information and Communications Technology (CAICT). It is a non-profit industrial organization, focusing on researching open hardware such as server, data center and open network technologies to meet the growing demand on hardware in Chinese market. Scorpio Multi-node Server is an ODCC project sponsored by China Mobile. It is a 4U size server chassis with 8 compute nodes or 4 storage nodes in maximum. It can also be mixture of different kind of servers, like 4 compute nodes and 2 storage nodes. Compared with traditional ATCA or Blade server, Multi-node Server's advantages include: 1.It is easier and cheaper to extend. 2.It has more choices for compute and storage nodes combination. 3.It is easier to maintain by engineers. 4. Even higher density. 5. 4U is more flexible than 10~14U Blade server. OPNFV develops an integrated and tested open source platform that can be used to build NFV functionality. We are running OPNFV releases Colorado on Scorpio Multi-node smoothly and will try recent Danube on it in China Mobile’s Novonet (Next Generation Network) laboratory. This presentation will introduce how OPNFV and Scorpio Multi-node server fit perfectly together. It's a fully open implementation of open software and open hardware.

Run OPNFV Danube on ODCC Scorpio Multi-node Server - Open Software on Open Ha...

OPNFV

Sridhar Pothuganti, NXP, Trinath Somanchi, NXP Telco operators are on journey to discover what virtualization means for the network. Markets have believed that NFV architecture elements: NFVI and VIM, hold the complete responsibility in providing virtualized networks with carrier grade properties. Telco operators have reached to a conclusion that VNFs must take their fair share of responsibility to realize NFV goals while meeting carrier-grade behavior in the entire NFV architecture. While the trend moves on, Cloud native VNFs are emerging best citizens of the cloud. Thus communication from EMS to VNFM is blurred and eventually may disappear in the future. This requires better understanding of, and agreement over the role of VNFMs and EMS for VNFs. This presentation describes the evolution of Distributed VNF management, Architectural design considerations and Use-case scenarios. The following proposal is based on a comprehensive study on evolving cloud native VNF management.

Distributed vnf management architecture and use-cases

OPNFV

Kentaro Matsumoto, KDDI Corporation, Hyde Sugiyama, Red Hat, Inc As telecom career, we KDDI have been managing thousands of physical servers and run various kinds of workloads. In our operation of such a huge environment, We are frequently required to shut down our servers for maintenance, but it is not easy to negotiate with our tenant users to allow downtime. To make it easier, we are developing the structure called "Zone Migration", using the framework of OpenStack project "Watcher". "Zone Migration" makes it possible to migrate tenants’ workloads from compute nodes and storage devices we want to maintain (source zone) to new blank ones (destination zone) efficiently, automatically, and with minimum downtime. These requirements as follows are realized. -A lot of VMs and volumes should be migrated within a limited time frame -Operations should be automated, but also can be controlled manually -Time and load of migration should be under control so that tenants’ systems will not be affected We are proceeding with the project in cooperation with NEC and Red Hat, and developing this structure on Red Hat OpenStack Platform.

Software-defined migration how to migrate bunch of v-ms and volumes within a...

OPNFV

Sridhar Pothuganti, NXP, Trinath Somanchi, NXP Network security and reliability are the most challenging tasks in any cloud. With NFV and SDN in place, Network Functions are virtualzied and network traffic is managed in separated control and data planes. Thus reducing the operational and capital expenditure. Virtualized Network Functions are tied with Software Defined Networks to boost the power of virtualization. This itself is challenging when Network services and security is a concern. While OpenStack is the best opted solution for IaaS, many service provides are moving towards best solutions to deal with service delivery and security challenges in SDN and NFV integrated OpenStack Cloud. The Presentation outlines the challenges and proposes probable solutions for NFV and SDN integrated OpenStack Cloud.

Securing your nfv and sdn integrated open stack cloud- challenges, use-cases ...

OPNFV

Ulas Kozat, Huawei, Yaoguang Wang, Huawei In the first phase of telco-cloud vision, the physical network functions are targeted for virtualization and became Virtual Network Functions (VNF) decoupled from the specific hardware platform. As we dive into the second phase of the cloud era, the core need is to provide VNF implementations that can take advantage of what cloud has to offer in terms of utility based computing (a.k.a. scaling), availability, data durability, etc. To this end, we have been developing a VNF Performance Modeling framework for automatic characterization of a particular VNF implementation in terms of its cloud-readiness and its bottlenecks towards cloud-readiness. We will present the details of our performance modeling framework and show its utility based on the existing open source VNF implementations. The next frontier of telco-cloud vision is to develop cloud-native network functions and services. Thus, in the last part of our talk, we will cover the future evolution of the framework and discuss the needs, requirements, potential metrics for evaluating the cloud-nativeness of network functions.

My network functions are virtualized, but are they cloud-ready

OPNFV

Shuya Nakama, Okinawa Open Laboratory / NEC Solution Innovators, Eric Chang, Institute for Information Industry, Hideyasu Hayashi, Okinawa Open Laboratory and NEC Solution Innovators, Torii Takashi, NEC Corporation and Okinawa Open Laboratory There are many countries in Asia region those have the motivation to innovate their telecom system and educate new technologies to young engineers. It is important how to encourage and involve these countries to OPNFV communities, and also educate to contribute to open source activities. In these session, we will introduce our trial to the issue. Okinawa Open Laboratories (OOL) in Japan and Institute for Information Industry (III) in Taiwan, have been doing joint research activities in these years about SDN/NFV area, and this year, we have connected each testbed using OPNFV. Over the distributed testbed, we have started our POC of NFV use cases such as vEPC, vCPE etc. We also have communication with several research and academic organization in Asia region, so we would like to connect each country’s testbed and expand our testbed to Asia region. There are many challenges, and we have learned from our experience, so in the session we will share the lessons learned from our trial. That will be good example for the whole community, and help progressing collaboration of global eco system.

Challenge in asia region connecting each testbed and poc of distributed nfv ...

OPNFV

More from OPNFV (20)

How to Reuse OPNFV Testing Components in Telco Validation Chain

Energy Audit aaS with OPNFV

Hands-On Testing: How to Integrate Tests in OPNFV

Storage Performance Indicators - Powered by StorPerf and QTIP

Big Data for Testing - Heading for Post Process and Analytics

Testing, CI Gating & Community Fast Feedback: The Challenge of Integration Pr...

How Many Ohs? (An Integration Guide to Apex & Triple-o)

Being Brave: Deploying OpenStack from Master

Upstream Testing Collaboration

Enabling Carrier-Grade Availability Within a Cloud Infrastructure

Learnings From the First Year of the OPNFV Internship Program

OPNFV and OCP: Perfect Together

The Return of QTIP, from Brahmaputra to Danube

Improving POD Usage in Labs, CI and Testing

Run OPNFV Danube on ODCC Scorpio Multi-node Server - Open Software on Open Ha...

Distributed vnf management architecture and use-cases

Software-defined migration how to migrate bunch of v-ms and volumes within a...

Securing your nfv and sdn integrated open stack cloud- challenges, use-cases ...

My network functions are virtualized, but are they cloud-ready

Challenge in asia region connecting each testbed and poc of distributed nfv ...

Recently uploaded

Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...

kellynguyen01

Unlocking the Future of AI Agents with Large Language Models

aagamshah0812

Foundation models are machine learning models which are easily capable of performing variable tasks on large and huge datasets. FMs have managed to get a lot of attention due to this feature of handling large datasets. It can do text generation, video editing to protein folding and robotics. In case we believe that FMs can help the hospitals and patients in any way, we need to perform some important evaluations, tests to test these assumptions. In this review, we take a walk through Fms and their evaluation regimes assumed clinical value. To clarify on this topic, we reviewed no less than 80 clinical FMs built from the EMR data. We added all the models trained on structured and unstructured data. We are referring to this combination of structured and unstructured EMR data or clinical data.

Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...

harshavardhanraghave

In the realm of real-time applications, Large Language Models (LLMs) have long dominated language-centric tasks, while tools like OpenCV have excelled in the visual domain. However, the future (maybe) lies in the fusion of LLMs and deep learning, giving birth to the revolutionary concept of Large Action Models (LAMs). Imagine a world where AI not only comprehends language but mimics human actions on technology interfaces. For example, the Rabbit r1 device presented at CES 2024, driven by an AI operating system and LAM, brings this vision to life. It executes complex commands, leveraging GUIs with unprecedented ease. In this presentation, join me on a journey as a software engineer tinkering with WebRTC, Janus, and LLM/LAMs. Together, we’ll evaluate the current state of these AI technologies, unraveling the potential they hold for shaping the future of real-time applications.

Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications

Alberto González Trastoy

How To Use Server-Side Rendering with Nuxt.js

Andolasoft Inc

Conference: Engage2024 in Antwerp Type: Workshop Speakers: Florian Vogler, Henning Kunz, Christoph Adler Title: Navigating the Future with The Hitchhiker's Guide to Notes and Domino 14 Abstract: Embark on an exhilarating journey with industry trailblazers Florian Vogler, Henning Kunz, and Christoph Adler in this not-to-be-missed workshop at the forefront of the tech universe. Get ready for a thrilling kick-off as we navigate the current state of the HCL universe, setting the stage for an exploration of the groundbreaking Notes and Domino 14. Discover the latest enhancements and revolutionary features that will redefine your experience. In this interactive session, unlock a treasure trove of tips and tricks to elevate your utilization of version 14, both with and without the game-changing panagenda MarvelClient. Brace yourself for also diving into Nomad, Nomad Web, and VoltMX, expanding your horizons in the expansive HCL landscape. Be a part of this exclusive opportunity to stay ahead in the ever-evolving world of HCL technologies. Your journey to mastering Notes and Domino 14 begins here. And remember, in the spirit of intergalactic exploration, don't forget to bring your towel!

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...

panagenda

HR Software Buyers Guide in 2024 - HRSoftware.com

Fatema Valibhai

In an era where security concerns are paramount, the integration of artificial intelligence (AI) into CCTV cameras has revolutionized surveillance capabilities. One of the most significant advancements is the ability to achieve real-time threat detection, enabling immediate responses to potential security breaches. This blog explores how AI is reshaping surveillance through real-time threat detection and the implications of this technology.

Optimizing AI for immediate response in Smart CCTV

shikhaohhpro

Investing in AI transformation today The modern business advantage: Uncovering deep insights with AI Organizations around the world have come to recognize AI as the transformative technology that enables them to gain real business advantage. AI’s ability to organize vast quantities of data allows those who implement it to uncover deep business insights, augment human expertise, drive operational efficiency, transform their products, and better serve their customers

Microsoft AI Transformation Partner Playbook.pdf

Willy Marroquin (WillyDevNET)

Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf

kalichargn70th171

Looking for an efficient way to manage your finances? Look no further than our money management app. With easy-to-use features, you can track your expenses, create budgets, and monitor your savings goals all in one place. Our app provides real-time updates on your spending habits and helps you make smarter financial decisions. Take control of your finances today with our user-friendly money management app.

Right Money Management App For Your Financial Goals

Jhone kinadey

👉 𝑾𝑰𝑳𝑳 𝑷𝑹𝑶𝑽𝑰𝑫𝑬 𝒀𝑶𝑼 𝑾𝑰𝑻𝑯 𝑺𝑬𝑿𝒀 𝑴𝑶𝑫𝑬𝑳𝑺 𝑾𝑯𝑶 𝑾𝑰𝑳𝑳 𝑫𝑨𝑵𝑪𝑬 & 𝑫𝑹𝑰𝑵𝑲 𝑾𝑰𝑻𝑯 𝒀𝑶𝑼 𝑨𝑵𝑫 𝑨𝑳𝑺𝑶 𝑷𝑹𝑶𝑽𝑰𝑫𝑬 𝒀𝑶𝑼 𝑺𝑬𝑿𝑼𝑨𝑳 𝑩𝑶𝑫𝒀 𝑻𝑶 𝑩𝑶𝑫𝒀 𝑴𝑨𝑺𝑺𝑨𝑮𝑬 𝑾𝑰𝑻𝑯 𝑺𝑬𝑿. 👉𝒀𝑶𝑼 𝑴𝑨𝒀 𝑻𝑨𝑲𝑬 𝑻𝑯𝑬𝑴 𝑶𝑼𝑻 𝑭𝑶𝑹 𝑨 𝑷𝑨𝑹𝑻𝒀 𝑶𝑹 𝑨𝑳𝑺𝑶 𝑭𝑶𝑹 𝑨𝑵𝒀 𝑷𝑹𝑰𝑽𝑨𝑻𝑬 𝑷𝑨𝑹𝑻𝑰𝑬𝑺. 👉𝑻𝑯𝑬𝑺𝑬 𝑮𝑰𝑹𝑳𝑺 𝑨𝑹𝑬 𝑰𝑵𝑻𝑬𝑹𝑬𝑺𝑻𝑬𝑫 𝑰𝑵 𝑯𝑨𝑽𝑰𝑵𝑮 𝑺𝑶𝑴𝑬 𝑭𝑼𝑵 𝑾𝑰𝑻𝑯 𝒀𝑶𝑼 𝑨𝑵𝑫 𝑾𝑰𝑳𝑳 𝑬𝑵𝑺𝑼𝑹𝑬 𝑻𝑯𝑨𝑻 𝒀𝑶𝑼 𝑯𝑨𝑽𝑬 𝑪𝑶𝑴𝑷𝑳𝑬𝑻𝑬 𝑭𝑼𝑵. 28/April/2024 {{🎗️SCH🎗️}} 8923113531 How to book call girls The Booking process is particularly time-saving and more comfortable for us. Below mentioned are the steps you need to follow to hire our call girl: Step 1 - Visit our Call Girls Service website Step 2 - check for the portfolios of our sexy and hot call girls Step 3 - check on the services provided by the specific call girls Step 4 - Once you have selected the call girls and respective services, go to the contact us page. Step 5 - on the contact page, you will get our phone number, WhatsApp number, and email address. You can choose any one of them to connect with us. Call Us – 8923113531 ✣ ✤ ✥ ✦ 𝑻𝑰𝑴𝑬 𝑾𝑨𝑺𝑻𝑬𝑹𝑺 𝑨𝑵𝑫 𝑩𝑨𝑹𝑮𝑨𝑰𝑵𝑬𝑹𝑺 𝑨𝑹𝑬 𝑷𝑳𝑬𝑨𝑺𝑬 𝑬𝑿𝑪𝑼𝑺𝑬, 𝑾𝑬 𝑹𝑬𝑺𝑷𝑬𝑪𝑻 𝒀𝑶𝑼𝑹 𝑺𝑨𝑭𝑬𝑻𝒀 𝑨𝑵𝑫 𝑷𝑹𝑰𝑽𝑨𝑪𝒀 𝑨𝑵𝑫 𝑬𝑿𝑷𝑬𝑪𝑻 𝑻𝑯𝑬 𝑺𝑨𝑴𝑬 𝑭𝑹𝑶𝑴 𝒀𝑶𝑼.✣ ✤ ✥ ✦ Duration Normal Girls Housewives High-Profile Models (Celebrities) 1 Shot ₹ 8,000 ₹ 10,000 ₹ 15,000 2 Shots ₹ 15,000 ₹ 15,000 ₹ 25,000 Full Day ₹ 35,000 ₹ 35,000 ₹ 40,000 Full Night ₹ 40,000 ₹ 40,000 ₹ 50,000 Weekend ₹ 45,000 ₹ 45,000 ₹ 50,000 Party Nights ₹ 50,000 ₹ 50,000 ₹ 60,000

CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️

anilsa9823

Diamond Application Development Crafting Solutions with Precision

SolGuruz

Document contains steps to getting ups and running quickly with MyTimeClock Employee Scheduling and Time Keeping Cloud Software as a Service Solution, Web version. Try MyTimeClock or any of our other software packages risk-free by registering for a FREE ACCOUNT at https://register.myintellisource.com/. If you would like more information about our company or its software, follow us on Facebook, Instagram, LinkedIn, Twitter, or YouTube, visit our home page at https://www.myintellisource.com/, or send us an email at cs@myintellisource.com. Take care and have a great day.

Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...

MyIntelliSource, Inc.

Data spaces in distributed environments should be allowed to evolve in agile ways providing data space owners with large flexibility about which data they store. Agility and heterogeneity, however, jeopardize data exchanges because representations may build on varying ontologies and data consumers may not rely on the semantic correctness of their queries in the context of semantically heterogeneous, evolving data spaces. Graph data spaces are one example of a powerful model for representing and querying data whose semantics may change over time. To assert and enforce conditions on individual graph data spaces, shape languages (e.g SHACL) have been developed. We investigate the question of how querying and programming can be guarded by reasoning over SHACL constraints in a distributed setting and we sketch a picture of how a future landscape based on semantically heterogeneous data spaces might look like.

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...

Steffen Staab

CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service

anilsa9823

A great deal of attention in medical devices has shifted towards cybersecurity with the ratification of section 524B of the FD&C act. This new law enables the FDA to enforce cybersecurity controls in any medical device that is capable of networked communications or that has software. In this webinar we will recap the process for managing vulnerabilities, identify categories of vulnerabilities and solutions and more.

The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...

ICS

Test automation is a cornerstone of software development and quality assurance in today's rapidly evolving digital landscape. Its significance cannot be overstated. Businesses can enhance efficiency, productivity, and accelerate software delivery to market through automation, streamlining testing processes effectively. This comprehensive guide addresses the best practices for test automation in 2024. It offers a detailed checklist to empower you to optimize your automation efforts and maintain a competitive edge.

The Ultimate Test Automation Guide_ Best Practices and Tips.pdf

kalichargn70th171

How To Troubleshoot Collaboration Apps for the Modern Connected Worker

ThousandEyes

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live Booking Contact Details :- WhatsApp Chat :- [+91-9999965857 ] The Best Call Girls Delhi At Your Service Russian Call Girls Delhi Doing anything intimate with can be a wonderful way to unwind from life's stresses, while having some fun. These girls specialize in providing sexual pleasure that will satisfy your fetishes; from tease and seduce their clients to keeping it all confidential - these services are also available both install and outcall, making them great additions for parties or business events alike. Their expert sex skills include deep penetration, oral sex, cum eating and cum eating - always respecting your wishes as part of the experience (29-April-2024(PSS)

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live

Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure

Recently uploaded (20)