Alessandro Paolini (EGI) (Chair) Matthew Viljoen (EGI) Baptiste Grenier (EGI) Renato Santana (EGI) Adrian Coveney (UKRI) Cǎtǎlin Condurache (EGI) David Cohen (NGI_IL) Dragoş Ciobanu-Zabet (IFIN-HH) Gianfranco Sciacca (LHEP) Ionuţ Vasile (NGI_RO) Linda Cornwall (UKRI) Maarten Litmaath (CERN) Matthew Steven Doidge (UKRI) Oxana Smirnova (LU) Pavel Weber (KIT) Sven Gabriel (NIKHEF) Intro (Alessandro) Plan for the new helpdesk (Pavel) Maarten said too much shouldn't be read into these diagrams; the details are subject to change, there are ongoing monthly meetings covering the details of this work Matt suggested establishing an early testing activity, reaching out to the community / compiling a list of people interested in becoming early adopters with the new helpdesk? Pavel said that this is a good proposal and can be done Maarten confirmed that early next year the new helpdesk will be available for workflows that have been certified - this can be used for opening tickets/ having them handled by SUs Alessandro said that documentation is an important aspect - we will ensure that proper docs are ready to be used, when testing the new helpdesk in production. Pavel agreed but warned the danger of relying on just documentation - we also need to proactively train people and not just point to documentation. Workshops, online training and webinars. Renato said that there is a culture change from the old to the new system which shouldn't be underestimated. Matt asked about the status of alarm tickets? - Pavel said this is an enhancement of team tickets - it has been considered and will be implemented. Maarten said the functionality is straightforward - for CERN this means creating SNOW ticket and sending updates, the opening of a ticket a copy is sent to an email list;this is supported under Zammad. Sven asked if this new helpdesk could be used for security communications? Pavel said that they are open to this - the security team are welcome to test the new system and provide feedback. Sven said that confidentiality concerns means that a separate instance may be needed. Pavel said this is already the case in the EOSC helpdesk. Matt added that the security team can become early adopters for this new system and see what it can do for them, Security Report (Sven) Sven confirmed that affected VOs are made aware of security incidents. A GDB slot has been proposed for the next meeting to discuss some of the topics surrounding this. Sven is yet to hear confirmation that this will be on the agenda. On the question of general observation finding sites not meeting expectations and violating policies (e.g. need to have logging/traceability) Matt suggested having self/peer-to-peer/external auditing in place, which is something that is being considered for the future for EGI infrastructure (the possibility of such audits is likely to be added into the next EGI Core Service OLAs) Sven noted that Baptiste has come up with checklist/best-practice for sites to cover important aspects: https://confluence.egi.eu/display/EGIBG/Server+management+guidelines Oxana said that VOs are the proper channels to propagate such a checklist - units and others outside EU will only listen to VOs. New template for the vulnerabilities advisory (Linda) Matt/Maarten thinks that recording who reported a vulnerability is important to record as part of the web, maybe less important for the email notification. All present were happy with the proposed new template.