+-------------------------------------+
| README.cesnet - Warden Client 1.0.0 |
| CESNET Specifics                    |
+-------------------------------------+

Content

 A. Overall Information
 B. Registration
 C. Configuration
 D. Testing
 E. Authors of this document

--------------------------------------------------------------------------------
A. Overall Information

 1. About CESNET Warden Server

    Warden is a client-based architecture service designed to share detected
    security issues (events) among CSIRT and CERT teams in a simple and fast way.

    CESNET offers Warden server for security events exchange within its networks.

 2. Version

    1.0.0 (2011-11-16)

--------------------------------------------------------------------------------
B. Registration

    Client attempting to communicate with CESNET Warden server must be
    registered. Registration is currently provided by Tomas Plesnik at
    address plesnik@ics.muni.cz and following information is needed:

    * For sender client:
      - hostname of the machine, where client runs,
      - name of the detection service (for example 'ScanDetector'),
      - client type = sender,
      - description tags of sent events (more at 
        https://homeproj.cesnet.cz/projects/warden/wiki/Typy_udalosti), 
      - CIDR from which client will communicate with Warden server.

    * For receiver client:
      - hostname of the machine, where client runs,
      - client type = receiver,
      - type of requested events (for example 'portscan', more at
        https://homeproj.cesnet.cz/projects/warden/wiki/Typy_udalosti),
      - receiving of sent events from my organization = yes/no (organizations
        are separated based on the top-level and second-level domain),
      - CIDR from which client will communicate with Warden server.

    Clients need to have valid certificate to prove their identity to the
    Warden server. For CESNET network, 'server' type certificate from Terena
    Certificate Service (provided by Comodo) is needed. Hostname of the
    machine must correspond with certificate subject, Alternative Name
    extension is not supported. Administrator of Warden client must be
    entitled to obtain this certificate. CESNET TCS request service 
    interface resides at

      https://tcs.cesnet.cz/

--------------------------------------------------------------------------------
C. Configuration

    CESNET Warden server resides at URI 'https://warden.cesnet.cz:443/Warden'.  

--------------------------------------------------------------------------------       
D. Testing

    For testing purposes of sender clients, event type 'test' can be used.
    These events will end up in server database, but will not be taken
    further into consideration.

--------------------------------------------------------------------------------
E. Authors of this document

    Pavel Kacha     <ph@cesnet.cz>
    Jan Soukal      <soukal@ics.muni.cz>

Copyright (C) 2011 Cesnet z.s.p.o