Open Stack

Hello, Neutron developers.

My name is Mario and I am a Masters student in Networking and Security.

I am considering the possibility of integrating IDS technology to Neutron
as part of my Masters project.
As there are many flavors of open ID[P]S out there and those might follow
different philosophies, my approach would be developing a Neutron plugin
that might cover IDS integration as a service and also a driver (or more,
depending on time constraints) to cover the specifics of an IDS. Following
the nature of Neutron and OpenStack projects these drivers would be
developed for Free and Open Software IDSs and the plugin would be as
vendor-agnostic as possible. In order to achieve that the plugin would have
to deal with the need for logging and alerting.

The time window I have for the development of this project goes from
February to the end of June and I would be able to allocate around 5h a
week to it.

Now, I would like to know your opinion on this idea, given that you know
the project inside out and you are the ones making it happen day after day.
Do you think there is usefulness on bringing that functionality inside the
Neutron project (as a plugin)? I'd prefer do something that contributes to
it rather than a one-shot piece of software that will be stored on a shelf.

I'd like to know if you think that what I am proposing is possible in terms
of time and features or if it seems to be just the delusion of an ignorant.
Do you think the component should also have the capability to change
security-related policies, like load-balancing and firewall rules as to
react to identified threats?

I would appreciate any insight you could give me about this idea, or any
other I could help with instead.

Thank you for your attention,

Mario
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150116/2db8f738/attachment.html>