Hello DNS gurus!
Just a quick update from the DNS TAPIR project before summer holidays:
* DNS TAPIR is moving forward
During the spring we have built a new core platform, running on Kubernetes infrastructure. This cloud-based platform scales much better than our previous test servers. We have done a lot of infrastructure work to get this up and running, including the realtime analysis platform.
* Linux packaging
The DNS TAPIR Edge platform is now packaged for ease of installation and we are expanding to multiple Linux distributions - starting with RHEL.
* The TAPIR Core analysis platform
The core platform consists of two major parts, one that manages the data flows to the various edge installations and stores it for analysis and one part that is the heart of DNS TAPIR - the analysis platform. During the spring we presented more details about the analysis platform that is beginning to take shape. We will produce micro analytics components that run continuously on the realtime data flows received. In addition, live data will be available for our team to work with, creating and testing new algorithms, looking for new attack patterns and events that come up.
We hope to create a video of our presentation of the architecture soon and publish on YouTube.
* TAPIR Edge improvements
We have worked hard to package and make our edge components easy to install, configure and manage. The security services, the RPZ management and the query log management and filtering now works well and we’re continously improving them based on feedback from our own tests. The TAPIR Edge Policy Processor (POP) is a hidden gem, that we’re going to talk more about in the fall. It not only manage the communication from the DNS TAPIR Core, but also manage and merge various sources of data into one set of RPZ zones in a new way, based on years of experience of operating DNS servers. If you want to take a look today, find it in our github repository https://github.com/dnstapir .
* Privacy report
An external company has analysed our methods to protect the privacy of DNS users to make sure that the data flows from the DNS TAPIR EDGE installations does not contain any personal information. The conclusion was clear: DNS TAPIR Core will not contain any personal data collected in the edge. We can provide this report on request.
To learn more about the DNS TAPIR platform, please visit www.dnstapir.se <http://www.dnstapir.se/>. Please don’t hesitate to contact us - info(a)dnstapir.se <mailto:info@dnstapir.se> will put you in contact with the team.
May your name servers run without interruption so you get a great summer!
Best regards,
The DNS TAPIR team
/Olle
DNS TAPIR is a Swedish project supported by Internetstiftelsen, Netnod and SUNET/Vetenskapsrådet. The first part of the work was funded by PTS.SE.
