May 8-11, 2017

Event Details

FWaaS v2: A New Beginning

The Firewall as a Service (FWaaS) team has been busy over the last couple of cycles coming up with an alternate model to the existing API (from Havana) to make it more usable based on feedback from a number of quarters. The FWaaS v2 API enables users to apply collections of firewall rules as a policy on a neutron port (both Layer3 & VM). Further, we can selectively apply different policies for ingress and egress traffic.

Security is needed at multiple levels and to protect against attacks originating internally, which prompts a need to support richer Security abstractions at the VM interface as well. At this point in the network, with the presence of Security Groups, the implementation takes care to exist as an additional layer over the Security Group API to provided additional enhancements.

Details of the API, along with the detailed use cases and a demo will be presented. A Roadmap of features for the Pike release and onwards and discussions for user feedback will also be covered.


What can I expect to learn?

The attendees will get familiar with the FWaaS v2 API. The use cases can help users see how they can  deploy it in their own cloud environments. We would also like this to be a forum to connect with (potential) users to get their feedback and help drive priorities for the roadmap and the Pike release specifically.

Tuesday, May 9, 3:40pm-4:20pm
Difficulty Level: Beginner
Sridar Kandaswamy is a Technical Leader in the Openstack team at Cisco Systems Inc. In his past life, he used to work on Switching & L4 - L7 services (the physical kind). In the community, he has been working with FWaaS in OpenStack as a core contributor.   FULL PROFILE
Yushiro FURUKAWA Senior Software Engineer, Fujitsu Limited. He has been working in Neutron and Neutron-FWaaS(Firewall as a Service) since Kilo development cycle and core reviewer of neutron-fwaas, networking-fujitsu(Fujitsu's mechanism driver for Neutron ML2 plugin) and python-scciclient(Fujitsu's baremetal plugin).  In Queens cycle, he has developed packet logging feature for Neutron... FULL PROFILE
Juniper Networks India Pvt Ltd