|
Routing security is vital to the future and stability of the Internet, but it’s under constant threat. Mutually Agreed Norms for Routing Security (MANRS) is a global initiative, driven by the networking community and supported by the Internet Society, aiming to reduce the most common threats to the Internet’s routing system through technical and collaborative action. As the effort gets traction and more awareness, we, as the MANRS community, need to ensure its transparency and credibility. This is why we’ve launched a free online tool so that MANRS participants can see how they’re doing, and what they can improve, while anyone can see the health of the Internet routing at a glance. The MANRS Observatory measures networks’ adherence to MANRS—their “MANRS readiness”—a key indicator of the state of routing security and resiliency of the Internet.
Here is what the MANRS Observatory is in a nutshell:
The Observatory has two views: public, open to everyone, and private, available to MANRS participants. The public view user can look at the routing security metrics and statistics on a global, regional, and economic level, while MANRS participants can see performance of individual networks (of more than 64,000!) and even drill down to a detailed monthly incident report for the networks they operate.
The metrics and statistics to measure MANRS readiness are calculated by tracking the number of incidents and networks involved, their anti-spoofing capabilities, and completeness of routing information in public repositories, such as IRRs and RPKI. This data is gathered from trusted third-party sources. (For more information on how MANRS readiness is measured, read “Measurement Framework”) The Observatory was developed jointly with the MANRS community but still has to pass the test of real-life usage and validation by MANRS participants.
One of the main objectives of the Observatory was to report on cases of MANRS non-compliance, and it provides reliable information on that. However, measuring network security from the outside is difficult, and even with highly-reputed data sources, there are sometimes false positives or false negatives (an incident that went unnoticed by the data collection systems). To put it into context, in 2018 alone, there were more than 12,000 routing outages or attacks, such as hijacking, leaks, and spoofing. We’re working with our partners to improve the quality of incident data continuously.
While MANRS is seeing steady adoption—worldwide, there are now over 200 network operators and more than 30 IXPs supporting our initiative—we need more networks to implement the actions and more customers to demand routing security best practices. The more organizations apply MANRS actions, and the fewer security and related incidents happen, the more secure and resilient the Internet will be!
Explore the MANRS Observatory.
A slightly edited version of this article was published here in the Internet Society’s blog.
Sponsored byVerisign
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byIPv4.Global
Sponsored byCSC
Sponsored byWhoisXML API