Keeping state election infrastructure safe: How Cloudflare and local IXP connectivity helped a small country in Europe Authors: Vladislav Bidikov.

Slides:

Advertisements

Similar presentations

Review for Vocabulary Section 3 Quiz. What is the amount of data that can be sent in a certain amount of time? What is the amount of data that can be.

Advertisements

Mohamed Hefeeda 1 School of Computing Science Simon Fraser University, Canada ISP-Friendly Peer Matching without ISP Collaboration Mohamed Hefeeda (Joint.

Content Delivery Networks. History Early 1990s sees 100% growth in internet traffic per year 1994 o Netscape forms and releases their first browser.

The LON-CAPA Resource Sharing Network Gerd Kortemeyer Michigan State University.

Google App Engine and Java Application: Clustering Internet search results for a person Aleksandar Kartelj Faculty of Mathematics,

DNS: Domain Name System Mark Ciocco Chris Janik Networks Class Presentation Tuesday April 18, 2000 To insert your company logo on this slide From the Insert.

Evolved from ARPANET (Advanced Research Projects Agency of the U.S. Department of Defense) Was the first operational packet-switching network Began.

ARIN on the Road – Halifax

For more notes and topics visit:

Internet. 1.Someone creates a website 2.They load it to a web server computer 3.We must have an Internet connection 4.We can see the websites on a browser.

Optimal course of IXP development – NIX.CZ Tomáš Maršálek NIX.CZ, Director of Association , Apricot2009.

Using fb group to support postgraduates: a case study of DSG Anita Adnan ICT Consultant Trainer / Online Instructor Megabase Training & Consultancy

What kind of technical infrastructure would be required? Team 4 I.T.

Introduction1-1 Data Communications and Computer Networks Chapter 1 CS 3830 Lecture 1 Omar Meqdadi Department of Computer Science and Software Engineering.

LINX update to EIX John Souter, Agenda 1.New staff 2.Improvements to monitoring & set-up 3.Move to new optical platform 4.Move to VPLS architecture.

RONOG2 - INTRODUCTION INTERLAN & THE OPERATORS’ COMMUNITY.

Vladislav Bidikov, FCSE, UKIM, Macedonia, Improving Macedonia internet connectivity with RIPE Atlas How a Idea could become reality...

1 TCS Confidential. 2 Objective : In this session we will be able to learn:  What is Cloud Computing?  Characteristics  Cloud Flavors  Cloud Deployment.

Euro-IX Update RIPE65 - Amsterdam Bijal Sanghani

Euro-IX Update NIX-meeting February 4th What do we do? 2 Forums per year Maintaining the Website, database and tools Mailing Lists Newsletter –

THE INTERNET AND THE WORLD WIDE WEB. INTERNET INTERNET - short term for interconnected networks, is a global network of computers tied together to share.

Internet Someone creates a website 2.They load it to a web server computer 3.We must have an Internet connection 4.We can see the websites.

CLOUD COMPUTING When it's smarter to rent than to buy.. Presented by D.Datta Sai Babu 4 th Information Technology Tenali Engineering College.

IPv6 Matrix Project - Page 1 IPv6 Matrix Project Tracking IPv6 connectivity Worldwide Dr. Olivier MJ.

What is Cloud Computing 1. Cloud computing is a service that helps you to perform the tasks over the Internet. The users can access resources as they.

DOMAIN NAME SYSTEM By Gazain Naeem. Domain Name System is the hierarchical computer system which is connected to the internet. It works like a telephone.

AfriNIC’s Vision is spearheading Internet technology and policy development in the African Region. AfriNIC Update Manila, APNIC-27.

GIS IN THE CLOUD Cloud computing furnishes scalable GIS technology that is maintained off premises and delivered on demand as services via the Internet.

KSK Rollover Update David Conrad, CTO ICANN 59 – ccNSO Members Meeting

Web Programming Language

A. Cookie B. Google Earth C. Cache D. ISP E. Netiquette F. Phishing

Introduction to Windows Server 2008

Software defined networking: Experimental research on QoS

Vietnam Research and Education Network (vinaREN)

KSK Rollover Update David Conrad, CTO ICANN 59 – GAC 29 June 2017.

A Survey of Data Center Network Architectures By Obasuyi Edokpolor

Measuring IXP Interconnectivity

Network Operating System Lab

Cloud computing-The Future Technologies

A Study of Wireless Virtual Network Computing

XMPP messaging in a peer to peer manner Instructed by:

1. Public Network - Each Rackspace Cloud Server has two networks

Unit 5: Providing Network Services

Montenegro Internet eXchange Point (MIXP) – a success story

Partnership of Governments, Businesses and Civil Society: the ICANN example in coordinating resources and policy making Dr. Olivier MJ Crépin-Leblond

Rachel Akisada & Melanie Kingsley

DoS - DNS Attacks A famous DNS attack was a DDoS "ping" attack. The attackers broke into machines on the Internet (popularly called "zombies") and.

2018 New Microsoft Exam Dumps Killtest

Servicenumber.org/internet-explorer. Resolve Issue Internet Explorer.

Evolved from ARPANET (Advanced Research Projects Agency of the U.S. Department of Defense) Was the first operational packet-switching network Began.

Chapter 1 - Introduction to Computers and the Internet

CS222 Web Programming Course Outline

Video for Instruction Overview

Serbian Open Exchange Seven years from the beginning

1 Introduction to the Internet.

IPv6 Implementation Challenges in Iran

RECAP ( ) Jörg Domaschka

The vulnerability of the modern society

Cloud Web Filtering Platform

A worldwide system of interconnected computer networks.

IXP.mk – University neutral IXP initiative

By Abdoulie Sowe SIXP Administrator

Computer Networks Primary, Secondary and Root Servers

Copenhagen, Denmak Bijal Sanghani

Internet eXchange Point Database Netnod Meeting– 2018

Internet Exchange.

Assoc. Prof. Hussam Elbehiery

HOW DO I CONTACT GMAIL BY PHONE IN USA

QuickBooks Error H202 - Fix QuickBooks issues

Presentation transcript:

Keeping state election infrastructure safe: How Cloudflare and local IXP connectivity helped a small country in Europe Authors: Vladislav Bidikov

About me Programmer by heart 7 years ago was asked to be part of the Computer center on the Faculty for Computer Science and Engineering (FCSE) Experience in networking for 10+ years Started exploring the RIPE Atlas project years ago – RIPE Atlas Ambassador Created IXP.mk last year (July 2018) as the first IXP in Macedonia

The problem Initial idea started before RIPE SEE4 (Belgrade 2015) Previous idea the “famous” MATRIX project – dead in the water for years. The faculty has good cooperation with major ISP December 2016 – FCSE starts the project “Research platform (testbed) for high availability internet connections”, - multy year project for cooperation and research of possible ways to improve connectivity to between major ISP and University networks December 2016 – First meeting with help from RIPE/ISOC for getting key players on board 2017 – Work on the initiative 2018 – IXP momentum emerges and IXP.mk is officially born

Initial ideas for the Election Info system Use IXP.mk to allow almost unlimited bandwidth for Macedonian ISPs (minimal connectivity is 1G per ISP) which will feed info into the Election system (Try to) Use Cloudflare for “international” access via a special dedicated link (initial link was 300Mbit and service was not stable) Virtualize all servers

Cloudflare steps in We contacted Cloudflare since they have project “Athenian” which allows election comities to use the service for free Although the service was designed for USA – we got on boarded in less than 24h We started to experiment and saw problem we need to resolve in the Election Information system with the vendor producing the system

Redesign of the Election Information system Application was monolithic – One Application server and One Database server; Cloudflare caching was useless since the whole HTML needed to be rebuild every 5 minutes Application was split info modular architecture – with dynamic data as JSON file per electoral region (around 4000 JSON files)

Results

Results

Results

Results

Results (closure of polling booths)

Conclusion Election system was online 100% Input od result data was going over the IXP so it was independent of ISP uplink and ISP connectivity All DDOS attacks where stopped by Cloudflare and the link never went over 100 Mbit Trust into the Election system

Future work Get more ISP to come to IXP.mk Get CDN into IXP.mk (Google? Facebook? Akamai? Others?) Get root dns server instances IXP.mk is ready – we have new Quanta switches (thanks ISOC) we have 10G and 40G optics (thanks Flexoptix) we are running Ixpmanager 5.3.0 (updated over the weekend) 

vladislav.bidikov@finki.ukim.mk @bidikov Connect with us – http://ixp.mk vladislav.bidikov@finki.ukim.mk @bidikov