Www.internetsociety.org How can we work together to improve security and resilience of the global routing system? Andrei Robachevsky.

Slides:



Advertisements
Similar presentations
The role of networks in the process of immigrant integration NIKOS STATHOPOULOS, NIKOS STATHOPOULOS, DIRECTOR, G&D SOCIAL LAB LTD Integration programs.
Advertisements

Embedding Public Engagement Sophie Duncan and Paul Manners National Co-ordinating Centre for Public Engagement Funded by the UK Funding Councils, Research.
INTERNATIONAL UNION FOR CONSERVATION OF NATURE. 2 Implemented in 12 countries of Africa, Asia, Latin America and the Middle East, through IUCN regional.
Your Technology Is Connected. Are You? Your technology doesn’t exist in a vacuum. Welcome to the networked and interconnected technology ecosystem where.
OpenStand and Collaborative Communities For innovation, solutions and market growth Kantara Initiative 3 June 2014 Summit Karen McCabe Senior Director,
1 Attracting and Retaining Human Capital David Lofquist, HR Director for Russia, ExxonMobil.
Dr. Julian Lo Consulting Director ITIL v3 Expert
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Mini Introduction to BGP Michalis Faloutsos. What Is BGP?  Border Gateway Protocol BGP-4  The de-facto interdomain routing protocol  BGP enables policy.
Transition of U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) Stewardship of the IANA Functions to the Global.
APNIC eLearning: Intro to RPKI 10 December :30 PM AEST Brisbane (UTC+10)
Final Exam Part 1. Internet Regulation Internet regulation according to internet society states that it is about restricting or controlling certain pieces.
WHAT IS ISO 9000.
Scaling IXPs Scalable Infrastructure Workshop. Objectives  To explain scaling options within the IXP  To introduce the Internet Routing Registry at.
Connecting Classrooms Online. What is Connecting Classrooms Online?  Connecting Classrooms Online (CCO) provides a single, over-arching framework for.
AN INVITATION TO LEAD: United Way Partnerships Discussion of a New Way to Work Together. October 2012.
UN GLOBAL COMPACT for NGOs
1 Consultative Meeting on “Promoting more effective partnership between INGOs and other CSOs” building on Oxfam’s “Future Roles of INGO in Cambodia”, 24.
Session Chair: Peter Doorn Director, Data Archiving and Networked Services (DANS), The Netherlands.
THE ROAD TO OPEN ACCESS A guide to the implementation of the Berlin Declaration Frederick J. Friend OSI Open Access Advocate JISC Consultant Honorary Director.
ICANN COMMUNITY STRATEGIC PLANNING DISCUSSION Brussels, June
Jessica Lavoie CSC 101 November 27, Societal Topics Weeks 7 and 8 Internet Regulation Internet regulation is restricting or controlling access to.
Committed to Connecting the World International Telecommunication Union Presentation Brief about ICTs Applications activities Telecommunication Development.
An Expansionary Approach towards the IPv6 Address Allocation Model Prof Dr Sureswaran Ramadass Director, NAv6. APRICOT 2010.
Building a More Trusted and Secure Internet RIPE 70, May
What is GEO? launched in response to calls for action by the 2002 World Summit on Sustainable Development, Earth Observation Summits, and by the G8 (Group.
CSC 104 December 13,2012. Internet Regulation: States that it is about restricting or controlling certain pieces of information. This consisting of censorship.
EPA Geospatial Segment United States Environmental Protection Agency Office of Environmental Information Enterprise Architecture Program Segment Architecture.
Best Current Operational Practices – Efforts from the Internet Society Deploy360 – Internet Society.
Technology for Social Justice Enhancing community sector service delivery Stefanie Kechayas – Senior Consultant 17 November 2015 SharePoint Connect and.
Delivering the solution together: Leading by example
Digital Ecosystems Re-tuning the user requirements after 3 years Digital Ecosystems Re-tuning the user requirements after 3 years Towards Business Cases.
Unit-5 Introduction to IS/ISO 9004:2000 – quality management systems – guidelines for performance improvements. Presented by N.Vigneshwari.
A S I A P A C I F I C N E T W O R K I N F O R M A T I O N C E N T R E Emerging Registry Criteria ASO General Assembly Budapest, 19 May 2000.
From World IPv6 Day to World IPv6 Launch: This time it’s for real Andrei Robachevsky
Economies of Scale: A National Network of Quitlines Suzy McDonald, Program Consultant, Tobacco Control Programme, Health Canada.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Course Introduction.
Common Core Parenting: Best Practice Strategies to Support Student Success Core Components: Successful Models Patty Bunker National Director Parenting.
A BCOP document: Implementing MANRS Job Snijders (NTT) Andrei Robachevsky (ISOC)
19-20 October 2010 IT Directors’ Group meeting 1 Item 6 of the agenda ISA programme Pascal JACQUES Unit B2 - Methodology/Research Local Informatics Security.
Stakeholders Meeting February 18, Welcome!
1 Internet Society Collaborative Security & MANRS ENOG 10 – 14 October 2015, Odessa Maarit Palovirta
FROM PRINCIPLE TO PRACTICE: Implementing the Principles for Digital Development Perspectives and Recommendations from the Practitioner Community.
[COMPANY NAME] UN GLOBAL COMPACT: A PROPOSAL. OVERVIEW The United Nations Global Compact is a set of 10 principles for business conduct which deal with.
Achieving system change for well-being through HIA Health Impact Assessment International Conference 10th October 2008, Liverpool Jude Stansfield, Public.
Egerton University, Njoro 28 th April, 2009 OER Africa An introduction.
IPv6 Adoption Status and Scheduling for Sustainable Development 24 July 2012 Nate Davis Chief Operating Officer, ARIN.
EUB Brazil: IoT Pilots HORIZON 2020 WP EUB Brazil: IoT Pilots DG CONNECT European Commission.
Table of contents Foundation for support of reforms in Ukraine. Initiation……………………….3 Structure of the Foundation …………………………………………………………4 Areas of Activities …………………………………………………….5.
Ian Bird GDB Meeting CERN 9 September 2003
Internet Routing Health Measurement Bar BoF
Why the Multistakeholder Approach Works
COLLABORATIVE SECURITY An approach to tackling Internet
Internet Interconnection
Director, Broadband Infrastructure Office
Working together to improve routing security for all
MANRS IXP Partnership Programme
Measuring routing (in)security
Propuestas Concepción 2018
MANRS for IXPs Why we did it? What did we do?
COS 561: Advanced Computer Networks
HealthFitness: Expanding Markets; Expanding Opportunities
Improving global routing security and resilience
FIRST How can MANRS actions prevent incidents .
2017 IEEE President-Elect Candidate
MANRS Implementation Guides
Amreesh Phokeer Research Manager AfPIF-10, Mauritius
WMO Global Campus: Open Educational Practice in Action
Validating MANRS of a network
Presentation transcript:

How can we work together to improve security and resilience of the global routing system? Andrei Robachevsky

Routing Resilience Manifesto, aka MANRS

The Internet Society Mutually Agreed Norms for Routing Security (MANRS) 3 MANRS builds a visible community of security-minded operators  Promotes culture of collaborative responsibility Defines four concrete actions that network operators should implement  Technology-neutral baseline for global adoption

The Internet Society Good MANRS 1.Filtering – Prevent propagation of incorrect routing information. 2.Anti-spoofing – Prevent traffic with spoofed source IP addresses. 3.Coordination – Facilitate global operational communication and coordination between network operators. 4.Global Validation – Facilitate validation of routing information on a global scale. 4

The Internet Society 1. Filtering Prevent propagation of incorrect routing information Network operator defines a clear routing policy and implements a system that ensures correctness of their own announcements and announcements from their customers to adjacent networks with prefix and AS-path granularity. Network operator is able to communicate to their adjacent networks which announcements are correct. Network operator applies due diligence when checking the correctness of their customer’s announcements, specifically that the customer legitimately holds the ASN and the address space it announces. 5

The Internet Society 2. Anti-Spoofing Prevent traffic with spoofed source IP address Network operator implements a system that enables source address validation for at least single-homed stub customer networks, their own end-users and infrastructure. Network operator implements anti-spoofing filtering to prevent packets with an incorrect source IP address from entering and leaving the network. 6

The Internet Society 3. Coordination Facilitate global operational communication and coordination between the network operators Network operators should maintain globally accessible up- to-date contact information. 7

The Internet Society 4. Global Validation Facilitate validation of routing information on a global scale. Network operator has publicly documented routing policy, ASNs and prefixes that are intended to be advertised to external parties. 8

The Internet Society MANRS is not (only) a document – it is a commitment 1)The company supports the Principles and implements at least one of the Actions for the majority of its infrastructure. 2)The company becomes a Participant of MANRS, helping to maintain and improve the document and to promote MANRS objectives 9

The Internet Society Public launch of the initiative - 6 November

The Internet Society A growing list of participants 11

The Internet Society Current Activities Expanding the group of participants Looking for industry leaders in the region Building a community around MANRS A trusted mailing list, possible other activities Developing better guidance Tailored to MANRS In collaboration with existing efforts, like BCOP 12

The Internet Society Are you interested in participating? 13 Anti-SpoofingFilteringCoordinationGlobal scale

The Internet Society I suspect some of you are asking yourself 14 My company has always taken security seriously, we’ve implemented many of the Actions and much more long time ago… - Why joining MANRS now? What difference will it make?

The Internet Society Is any of these a good reason? 15 Because routing security is a sum of all contributions Because this is a way to demonstrate a new baseline Because a community has gravity that can attract others

The Internet Society Is your local operational community interested in this tool? 16 Relatively small communityx with a common operational objective MANRS as a reference point MANRS as a platform you can build related activities

The Internet Society 17 What the participants say

The Internet Society 18 We believe the security, stability, and resiliency of the Internet operation can be improved via distributed and shared responsibilities as documented in MANRS. As one of the largest academic networks in the world, CERNET is committed to the MANRS actions. Xing Li, Deputy Director, CERNET Adherence to MANRS is an important commitment that operators make back to the Internet community. Together we aim to remove the havens from which miscreants maintain the freedom and anonymity to attack our network and our customers. David Freedman, Claranet Group Comcast is committed to helping drive improvements to the reliability of the Internet ecosystem. We are thrilled to be engaged with other infrastructure participants across the spectrum and around the globe in pursuit of these goals. Jason Livingood, Vice President, Internet Services, Comcast Cogent supports the efforts championed by the MANRS document. The issues being promoted need practical, effective improvements to support the continued growth and reliance on the Internet. Hank Kilmer, Cogent Workonline implements the recommendations contained in the MANRS document by default. By publicly stating the measures that we take to ensure the robustness of our network, we hope to encourage our customers and peers to do the same. Ben Maddison, Director - Network Operations & Strategy, Workonline Communications (Pty) Ltd As one of the most connected Internet providers in the world, security of the Internet is top- of-mind at Level 3 Communications. The Internet is a shared responsibility, and only through these important collaborative efforts can we continue to ensure the protection of this collective infrastructure. Dale Drew, Senior Vice President, Chief Security Officer at Level 3 Communications. We believe that the objectives and scope match our beliefs and our behaviour, and that by signing up, we may help encourage others to do so. Ian Dickinson, Network Architect, Sky Zayo is interested and desires to be more active in promoting global routing security; the MANRS document is in our (and my) opinion a really good initial level of recommendations. I think that the more participation in MANRS, the safer our routing ecosystem. And a safer routing system is good for all of us! Robert Hagens, VP, IP Architecture, Zayo Good network routing practice is the fundamental requirement for trust between providers, and ultimately creates a safer and stronger internet for customers. KPN is committed to providing secure and trustworthy communications, and by joining partners in MANRS, we continue to improve security and resiliency for all. Jaya Baloo, Chief Information Security Officer, KPN We believe in the value of coordination and shared responsibility to have a more secure Internet infrastructure. We strongly agree with the principles, the scope and the actions written in the Routing Resilience Manifesto. Gianfranco Delli Carri, IT.Gate S.p.A. We feel every effort to enhance security in the Internet is worthwhile and therefore support this initiative. Jan Boogman, Swisscom Ltd. We, at AS59715, believe that global cooperation should be a prerequisite to run an Autonomous System and MANRS is the right place to make it happen. Antonio Prado, Chief Technology Officer, SBTAP

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.