Matt Torrisi Customer Success Operations Data Connectors: Is Your Online Security Intelligent?

Slides:



Advertisements
Similar presentations
Working at a Small-Medium Business or ISP
Advertisements

African Wholesale Traffic Aggregation Opportunities 2010 and beyond.. HKG Co-Lo Conference - October 2010.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
Advanced Topics of WAN Compiled from Previous ISQS 6341 Project November 2003.
By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.
Analysis of BGP Routing Tables
Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Exterior Gateway Protocols: EGP, BGP-4, CIDR Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.
Living in a Network-Centric World
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Inbound Statistics Slides Attract. 1 Blogging There are 31% more bloggers today than there were three years ago 46% of people read blogs more than once.
Inter-domain Routing Outline Border Gateway Protocol.
1 The Geography and Governance of Internet Addresses Paul Wilson APNIC.
How the Internet Works Acknowledgment and Disclaimer: This presentation is supported in part by the National Science Foundation under Grant Any.
Peering, network sharing, interconnects Eckart Zollner September 2014.
Comparing modem and other technologies
Chapter 22 Network Layer: Delivery, Forwarding, and Routing
Chapter 4. After completion of this chapter, you should be able to: Explain “what is the Internet? And how we connect to the Internet using an ISP. Explain.
1 Internet Society Creating an Enabling Environment for the Internet: Role of IXPs ENOG 8 – 9 September 2014, Baku Maarit Palovirta, European Regional.
Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.
RIPE64 Enum Working Group DE-CIX NGN Services.
Impact of Prefix Hijacking on Payments of Providers Pradeep Bangera and Sergey Gorinsky Institute IMDEA Networks, Madrid, Spain Developing the Science.
Copyright © 2002 Pearson Education, Inc. Slide 3-1 CHAPTER 3 Created by, David Zolzer, Northwestern State University—Louisiana The Internet and World Wide.
Future of Africa’s iGDP Protect. Connect. Grow.. Is Africa still a significant market? Africa is the 2nd largest continent, in both size and population.
A View from the Stoep: Tracking the evolution of local hosting in ZA and beyond Joe Abley, Director of Architecture Jim Cowie, Chief Scientist iWeek 2015.
1 The Research on Analyzing Time- Series Data and Anomaly Detection in Internet Flow Yoshiaki HARADA Graduate School of Information Science and Electrical.
Definitions What is a network? A series of interconnected computers, linked together either via cabling or wirelessly. Often linked via a central server.
© Copyright 2007 Arbinet-thexchange, Inc. All Rights Reserved. VoIP Peering Pilot Using the Internet2 Backbone.
ValueAd Inc. AdXpress ® Enterprise Ad Serving platform.
NETWORKING COMPONENTS AN OVERVIEW OF COMMONLY USED HARDWARE Christopher Johnson LTEC 4550.
An Overview of Peering; Benefits of Peering Andrew Ogilvie Managing Director, Xtraordinary Networks Ltd
David Wetherall Professor of Computer Science & Engineering Introduction to Computer Networks Hierarchical Routing (§5.2.6)
BCNET Conference April 29, 2009 Andree Toonk BGPmon.net Prefix hijacking! Do you know who's routing your network? Andree Toonk
9-1 Chapter 9 The Internet.
Border Gateway Protocol (BGP) W.lilakiatsakun. BGP Basics (1) BGP is the protocol which is used to make core routing decisions on the Internet It involves.
CS 447 Networks and Data Communication Department of Computer Science Southern Illinois University Edwardsville Fall, 2015 Dr. Hiroshi Fujinoki
1 Overview Remember, we are just beginning to herd the cats. Much of this will become clearer LATER! The more we learn, the more all of this will come.
1 Lecture # 21 Evolution of Internet. 2 Circuit switching network This allows the communication circuits to be shared among users. E.g. Telephone exchange.
Peering Concepts and Definitions Terminology and Related Jargon.
T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429/556 Introduction to Computer Networks Inter-domain routing Some slides used with.
NETWORKING COMPONENTS Buddy Steele Assignment 3, Part 1 CECS-5460: Summer 2014.
1 Mean Time to Innocence Your Dashboards are Green – but your end users are still complaining. Now What? Phil Stanhope October 2015.
CS 4396 Computer Networks Lab BGP. Inter-AS routing in the Internet: (BGP)
1 Mean Time to Innocence Your Dashboards are Green – but your end users are still complaining. Now What? Phil Stanhope October 2015.
Networks. Ethernet  Invented by Dr. Robert Metcalfe in 1970 at Xerox Palo Alto Research Center  Allows group of computers to communicate in a Local.
UNIT 2 LESSON 4 CS PRINCIPLES. OBJECTIVES Students will be able to: Describe the redundancy of routing between two points on the Internet. Send messages.
CSE 592 INTERNET CENSORSHIP (FALL 2015) LECTURE 16 PHILLIPA GILL - STONY BROOK U.
Securing BGP Bruce Maggs. BGP Primer AT&T /8 Sprint /16 CMU /16 bmm.pc.cs.cmu.edu Autonomous System Number Prefix.
1 Border Gateway Protocol (BGP) and BGP Security Jeff Gribschaw Sai Thwin ECE 4112 Final Project April 28, 2005.
Topic 6, Lesson 3: The Internet Computer Communications and Networking.
Securing BGP Bruce Maggs. BGP Primer AT&T /8 Sprint /16 CMU /16 bmm.pc.cs.cmu.edu Autonomous System Number Prefix.
Inter-domain Routing Outline Border Gateway Protocol.
Assignment # 3 Networking Components By: Jeff Long.
Cyber security: Lithuanian National Regulatory Authority expertise in monitoring national networks resilience Dr. Rytis Rainys | rrt.lt at TAIEX Multi-beneficiary.
NT1210 Introduction to Networking
Dissecting Significant Outages from 2014 Valerio Plessi CCIE R&S Customer Success Engineer
How LinkedIn used TCP Anycast to make the site faster Ritesh Maheshwari Shawn Zandi.
One Hop for RPKI, One Giant Leap for BGP Security Yossi Gilad (Hebrew University) Joint work with Avichai Cohen (Hebrew University), Amir Herzberg (Bar.
CSE 561 Computer Networking Introduction. CSE 320 Internet Applications (2011) Internet Users 3.2B users worldwide 1.32 B in Asia Web 976 m – Number of.
Improving Resilience and Performance in Light of Recent Internet Outages Troy Whitney – Manager, Solutions Engineering.
Is Your Online Security Intelligent?
Net 323 D: Networks Protocols
Net 323 D: Networks Protocols
CS222 Web Programming Course Outline
Is Your Online Security Intelligent? Internet Performance Management
Content Delivery: Extending to the Edge through the IX
Computer communications
The real-time Internet routing observatory
AS15169.
Presentation transcript:

Matt Torrisi Customer Success Operations Data Connectors: Is Your Online Security Intelligent?

SCENARIOS THAT MATTER TO YOU THE INTERNET, IN 60 SECONDS… ish

Application Security

Network Security

Is that the whole picture? 7

Reachability Availability 8 Is that the whole picture?

Scenario 1 Traffic between two floors of the same office building in Singapore takes over 350ms round trip, traveling via San Jose, California Scenario 2 Traffic from Western Europe to the US takes around 70ms round trip, traveling via Iceland’s incumbent provider Is either scenario unusual? Source: Dyn

Scenario 1 – TYPICAL NTT won’t peer with Tinet in Singapore; Tinet must drag traffic to San Jose to hand it off to NTT, who drags it home again to Singapore. Scenario 2 – UNUSUAL Iceland’s Siminn hijacked routes of major firms for weeks and passed the traffic along. In general, traffic never flows via Iceland (cost, geo). Is either scenario unusual? Source: Dyn

Scenario 1 Latency for traffic from the American Southwest to a major travel website suddenly doubles, traveling through Atlanta on Destination to Denver. Scenario 2 Traffic from Montevideo, Uruguay to AWS Brazil takes around 290 ms round trip, traveling through Miami. Is either scenario unusual? Source: Dyn 1 2

Is either scenario unusual? Source: Dyn 1 2 Scenario 1- TYPICAL While adding a data center in Denver to join Atlanta, the same ISP was used, despite only allowing peering Atlanta. Traffic will still peer there, before being dragged to the new DC in Denver. New Peering provider likely needed. Scenario 2- VERY TYPICAL Despite being only 2000 km from São Paulo, traffic on Telstar will pass through Miami, then Dallas(!?), before reaching Brazil. Welcome to South America. Actually...

Scenario 1 Latencies to Google’s public DNS servers increase dramatically from S. America Scenario 2 Latencies to a Microsoft network (hosting important domains) decrease momentarily from E. Europe Source: Dyn Research Is either scenario

Scenario 1 – UNUSUAL Google departs Brazil for unexplained reasons. DNS queries answered from California. No route hijacking involved. (See our 10/30 blog post) Scenario 2 – UNUSUAL (MALICIOUS!) Microsoft network (more specific of routed prefix) is hijacked, misdirection limited to immediate vicinity. Not Man-in-the-Middle! Traces terminated at the hijacker. Source: Dyn Is either scenario unusual?

THE INTERNET: IT’S NOT THE HIGHWAY

IT’S NOT YOUR CIRCULATORY THE INTERNET:

IT’S NOT A TELEPHONE THE INTERNET:

IT’S A HUMAN THE INTERNET:

● Internet exchange points can form around critical landing sites, if local conditions are right. 1. Submarine Cables Tie Continents Together 19

● Connecting landing point and exchange point cities ● Arbitraging differences in Internet pricing ● Creating diversity that can survive local cable breaks 2. Fiber Networks to IXPs 20

● Internet service providers of all sizes compete to serve consumer interest, interconnecting in small and medium-sized regional hub cities 3. Regional & Local Internet 21

●Delivery of bits from city-level infrastructure to local offices and consumers 4. The Last Mile 22

3,000 OUTAGES/DAY ACROSS THE GLOBAL INTERNET WITH EFFECTS THAT CAN LAST FOR HOURS Source: Dyn Research SECURITY AFFECTS YOUR

Source: Dyn Research 500,000 DOMAINS ACROSS 1,500 NETWORKS SERVING 150 CITIES WERE AFFECTED BY ROUTING HIJACKS IN 2014 DNS

HIJACKS Hijacks Raised when a prefix you Originate is announced by a different Origin AS Hijacked Sub-prefix Raised when you are monitoring a prefix and a more specific prefix within that range is announced by a different Origin

ANATOMY OF A HIJACK Normal YouTube announced through a /22 block /22 Pakistan govt attempted to block an ‘offensive’ video Pakistan Telecom implemented this by announcing a more specific /24 prefix Propagated globally and redirected all YouTube users to Pakistan Telecom /24 Source: Dyn

HIJACK PT. II: GOING NUCLEAR March 2015: Vega (AS 12883) starts announcing British Telecom prefixes. Initially, 14 prefixes, later 167 prefixes including UK’s Atomic Weapons Establishment (AWE) Traceroutes confirm traffic heads into Ukraine through Vega, but still reaches it’s destination at AWE via BT Source: Dyn

WHAT IS BGP? Routing Protocol BGP = Border Gateway Protocol Properties ubiquitous: the de facto internet standard distributed: no centralized coordination trust-based: routers believe what they learn gossipy: share information

BGP IDENTIFIES

Destination “X” Dyn Edge Core AS PATH & DATA

Destination “X” Dyn Edge Core AS PATH & DATA ALERTING Destination “X”

ACTIVE MANAGEMENT Results of an active monitoring of BGP. Real-time global routing table from over 500 sessions 160+ sending traceroutes to over 1.5 million targets daily 6 billion data-points daily Line-of-site to 98% of the entire global Internet “It’s good to see this great data being exposed for operational purposes. — The internet is so critical for for almost every business today.” – Gartner (Jonah Kowall, VP).

@mikelsteadman DYN INTERNET

THROUGH MEASUREMENT, YOU ARE IN

NOTES ON HIJACKS Real Hijacks are rare False positives occur more often Usually prefixes with different Originating ASes Examples: Salesforce owns ExactTarget Verisign owns multiple ASes Only the Network Operator can really know what they expect. But... Are you sure you know ALL your prefixes and

YOUR MOVE 5 Critical Internet Intelligence Questions Where is my audience (geography & key ISP’s)? How do ISP’s bring my brand to market? How do we identify external attacks on our brand (domain)? How do we monitor and analyze the performance of the internet? Who oversees our ability to watch, control, and optimize our Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. We have a world-class network and unrivaled, objective intelligence into Internet conditions.

THE GOOD NEWS The Internet is a service delivery medium, like any other. It can be measured and managed to meet your critical business goals. Dyn delivers the global measurement infrastructure and interactive tools to help your global business succeed and Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. We have a world-class network and unrivaled, objective intelligence into Internet conditions.

THANK YOU!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.