Security incident handling (CSIRT)

The CESNET-CERTS team solves and coordinates the solving of security incidents within the CESNET2 network. CSIRT ensures methodological support in handling security incidents and addressing emergencies to security staff of the connected members’ networks; administers and provides a number of security services; and organises awareness-raising events.

The activities of the team include:

  • Handling and coordination of the handling of security incidents within the CESNET e-infrastructure;
  • Collation, assessment and distribution of information about security incidents;
    • SSERV, ORR, UCEPROT, N6, X2 and X4 systems and other non-public sources.
  • Based on information available and upon agreement with the participant:
    • Interventions into the network infrastructure in cooperation with CESNET NOC,
    • Monitoring in cooperation with CESNET’s Service Desk.
  • Administration and operation of the following systems:
    • IntrusionDetectionSystem (IDS);
    • Honeypot;
    • Warden;
    • Mentat.

CESNET-CERTS is the first CSIRT in the Czech Republic. At the same time, CESNET established the CSIRT.CZ the management of which was subsequently assigned to the CZ.NIC association (fulfils the role of the Czech national CSIRT).

Key benefits

  • CESNET-CERTS is the official security team of the CESNET Association;
  • CESNET-CERTS been accredited by TrustedIntroducer;
  • Offers other comprehensive services in the field of security.

Target audience

The service is available to entities connected to the CESNET e-infrastructure.

Fee

The service is available free of any additional charge to the entities connected to the CESNET e-infrastructure.

Launch

The service is automatically provided to all connected entities.

The participants are obliged to handle the security incidents occurred in collaboration with the CESNET-CERTS team. In accordance with the RFC 2142 memorandum, the Participant should create and maintain the abuse@“participant’s domain” e-mail address to receive complaints about security incidents. The mail received is subsequently distributed to all staff members dealing with the security of the participant’s network.

Related services

Last change: 23.5.2017