SlideShare a Scribd company logo

How Internet Peering Improves Security

Download as PPTX, PDF
William Norton
William Norton

This brief discussion talk brings forth and supports the thesis that Internet Peering improves network security.

Technology
1 of 21
Peering Improves Security William B. Norton Chief Strategy Officer, IIX Executive Director, DrPeering International wbn@iixPeering.net wbn@DrPeering.net US Telecom Webinar Live from Silicon Valley October 30, 2013 10AM PST
Meet the Presenter • Started working on Internet (NSFNET) in 1988 • 1st “Chairman” of North American Network Operator Group (NANOG) (19941998) • 1998-2008 Co-Founder & Chief Technical Liaison, Equinix Inc. (NSDQ: EQIX) • 2008-Present - Executive Director, DrPeering Int’l • Two-day On-Site Peering Workshops (EU/Africa) • The 2013 Internet Peering Playbook • 2013 Chief Strategy Officer, International Agenda…
Agenda • Introduction: What you need to know about Peering for this talk • Thesis: How Peering Improves Security 1. Less vulnerable to DDOS side affects 2. Fewer network elements make peering less vulnerable 3. Security response and recovery time are improved with peers • Discussion: Q&A What you need to know…
Section I: Introduction WHAT YOU NEED TO KNOW ABOUT PEERING
Internet Transit Service Model • 99.9% of all • Announce Reachability • Metered Service • Simple • “Internet This Way” 5 95th percentile measurement
• • • • 95th Percentile Billing Calculation 5 minute samples Month of deltas 95th percentile Max(in,out) 6 Transit Prices Drop
Internet Price Declines (U.S.) • • • • “Can’t go lower” “No one is making $” Pricing varies widely Trend unmistakable 7 Internet Peering…
What is Internet Peering? • Definition: Internet Peering is the business relationship whereby two companies reciprocally provide access to each others’ customers. 8
Internet Peering 3 Key Points 1. Peering is not a transitive relationship 2. Peering is not a perfect substitute 3. Peering is typically settlement free 9
The Top 5 Motivations to Peer 1. Lower Transit Costs (#1 ISP Motivation to Peer) 2. Improve end user experience (#1 Content Motivation) 3. Better control over routing-strategic (Yahoo!, NetFlix 2008) 4. Usage based billing – make more money by peering (AboveNet) 5. Sell more underlying transport capacity (Telecom Italia) NEW 6. Peering Improves Security! 10
Section II: Thesis HOW PEERING IMPROVES SECURITY: 3 TENETS
On the Commodity Internet T $ $ P C B T A D $ T E B $ T F $ T G Traffic traverses potentially many networks before reaching its destination intermingled
All traffic in the Commodity Internet is intermingled T $ $ P C D B $ T B E $ T T A F $ T G Which works fine when there is plenty of interconnection Bandwidth, networks have plenty of Memory, CPU, etc. Aggregation Efficiency are great. Works fine until
But when there are DDOS attacks… T $ $ P C $ D T B E B $ T T A X F $ T G …anywhere along the transit path, Packet loss, latency, poor performance. Result: DOS: AG Unable to establish a secure channel. Spot events…
But when there are Spot Events… T $ $ P C $ D T B E B $ T T A X F Note: Not just DDOS Spot Events (MS Update, Oprah interview, etc.) $ T G …anywhere along the transit path, Packet loss, latency, poor performance. Result: DOS: AG Unable to establish a secure channel. Peering bypass
1) Peering Bypasses the Commodity Internet T $ $ P C D $ T B E B $ T T X A “Important Traffic is Peered” – Andreas Sturm (DE-CIX) 1) By making specific traffic Immune from the side affects of DDOS, Peering Improves Security F $ T G Peering Point (IXP) 2nd: vulnerability
Commodity Internet has many points of vulnerability Networks can be hijacked T $ $ P C B D $ T B E $ T T A No visibility to upstream compromises May be in protected IDC or On the top of a telephone pole F Interconnects can be tapped, mirrored, redirected, captured $ T G Peering bypass
2) Peering Reduces the network vulnerability Networks can be hijacked T $ $ P C D $ T B E B $ T T A F Interconnects can be tapped, mirrored, redirected, captured For the subset of peered traffic. Hardened building Better Visibility, peers should notice disruption. Peering Improves Security $ T G Peering Point (IXP)
3) Peering Improves Recovery Time Networks can be hijacked T $ $ P C D $ T B E B $ T T A F Interconnects can be tapped, mirrored, redirected, captured Practical Matter – peers exchange Contact Info, NOC #’s, network maps, Escalation procedures, cell phone #’s You met the personfaster resolution times. $ T G Peering Point (IXP)
Peering Improves Security 1. Internet Transit intermingles traffic – Vulnerable to DDOS side affect – Peering bypasses the “wild wild west commodity Internet” 2. Internet Transit more points of vulnerability – Interconnects and networks along the path – Peering involves fewer network elements between content and eyeballs 3. Security response is faster with peers – Upstream NOCs won’t take your call
Thank you for your time! Email me ! Talk about (agree/disagree) the thesis “Peering Improves Security” How peering might help your situation wbn@iixPeering.net

Recommended

The Death of Transit and Beyond
The Death of Transit and BeyondThe Death of Transit and Beyond
The Death of Transit and BeyondAPNIC
 
ION Malta - Seeweb Thoughts on IPv6 Transition
ION Malta - Seeweb Thoughts on IPv6 TransitionION Malta - Seeweb Thoughts on IPv6 Transition
ION Malta - Seeweb Thoughts on IPv6 TransitionDeploy360 Programme (Internet Society)
 
Zero Touch 5G Slicing Infrastructure Management | Thủy Đặng, Trinh Nguyen
Zero Touch 5G Slicing Infrastructure Management | Thủy Đặng, Trinh NguyenZero Touch 5G Slicing Infrastructure Management | Thủy Đặng, Trinh Nguyen
Zero Touch 5G Slicing Infrastructure Management | Thủy Đặng, Trinh NguyenVietnam Open Infrastructure User Group
 
ION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandDeploy360 Programme (Internet Society)
 
Ciena - the journey to the adaptive network
Ciena - the journey to the adaptive networkCiena - the journey to the adaptive network
Ciena - the journey to the adaptive networkJisc
 
ION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSECION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSECDeploy360 Programme (Internet Society)
 
Michael Enescu - Cloud + IoT at IEEE
Michael Enescu - Cloud + IoT at IEEEMichael Enescu - Cloud + IoT at IEEE
Michael Enescu - Cloud + IoT at IEEEMichael Enescu
 
ION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSDeploy360 Programme (Internet Society)
 

Recommended

The Death of Transit and Beyond
The Death of Transit and BeyondThe Death of Transit and Beyond
The Death of Transit and BeyondAPNIC
 
ION Malta - Seeweb Thoughts on IPv6 Transition
ION Malta - Seeweb Thoughts on IPv6 TransitionION Malta - Seeweb Thoughts on IPv6 Transition
ION Malta - Seeweb Thoughts on IPv6 TransitionDeploy360 Programme (Internet Society)
 
Zero Touch 5G Slicing Infrastructure Management | Thủy Đặng, Trinh Nguyen
Zero Touch 5G Slicing Infrastructure Management | Thủy Đặng, Trinh NguyenZero Touch 5G Slicing Infrastructure Management | Thủy Đặng, Trinh Nguyen
Zero Touch 5G Slicing Infrastructure Management | Thủy Đặng, Trinh NguyenVietnam Open Infrastructure User Group
 
ION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandDeploy360 Programme (Internet Society)
 
Ciena - the journey to the adaptive network
Ciena - the journey to the adaptive networkCiena - the journey to the adaptive network
Ciena - the journey to the adaptive networkJisc
 
ION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSECION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSECDeploy360 Programme (Internet Society)
 
Michael Enescu - Cloud + IoT at IEEE
Michael Enescu - Cloud + IoT at IEEEMichael Enescu - Cloud + IoT at IEEE
Michael Enescu - Cloud + IoT at IEEEMichael Enescu
 
ION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSDeploy360 Programme (Internet Society)
 
Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...
Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...
Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...Codemotion
 
ION Malta - MANRS Introduction
ION Malta - MANRS IntroductionION Malta - MANRS Introduction
ION Malta - MANRS IntroductionDeploy360 Programme (Internet Society)
 
Future wireless - open roaming
Future wireless - open roamingFuture wireless - open roaming
Future wireless - open roamingJisc
 
Protecting your Peering Edge
Protecting your Peering EdgeProtecting your Peering Edge
Protecting your Peering EdgeInternet Society
 
Web rtc for iot, edge computing use cases
Web rtc for iot, edge computing use casesWeb rtc for iot, edge computing use cases
Web rtc for iot, edge computing use casesNTT Communications Technology Development
 
09 the global-internet-peering-ecosystem
09 the global-internet-peering-ecosystem 09 the global-internet-peering-ecosystem
09 the global-internet-peering-ecosystem William Norton
 
Internet peering, graphics only
Internet peering, graphics onlyInternet peering, graphics only
Internet peering, graphics onlyBrough Turner
 
Building the Internet of Things
Building the Internet of ThingsBuilding the Internet of Things
Building the Internet of ThingsAngelo Corsaro
 
Readying the campus for the internet of things (io t) - Networkshop44
Readying the campus for the internet of things (io t) - Networkshop44Readying the campus for the internet of things (io t) - Networkshop44
Readying the campus for the internet of things (io t) - Networkshop44Jisc
 
Understanding Remote Peering - Connecting to the Core of the Internet
Understanding Remote Peering - Connecting to the Core of the InternetUnderstanding Remote Peering - Connecting to the Core of the Internet
Understanding Remote Peering - Connecting to the Core of the InternetWilliam Norton
 
Fog Computing and the Internet of Things
Fog Computing and the Internet of ThingsFog Computing and the Internet of Things
Fog Computing and the Internet of ThingsS.Mostafa Sayyedi
 
ION Malta - IETF Update
ION Malta - IETF UpdateION Malta - IETF Update
ION Malta - IETF UpdateDeploy360 Programme (Internet Society)
 
5G and IoT Security
5G and IoT Security5G and IoT Security
5G and IoT SecurityNUS-ISS
 
It's More than Cloud - Digital Disruption - your business model is under thre...
It's More than Cloud - Digital Disruption - your business model is under thre...It's More than Cloud - Digital Disruption - your business model is under thre...
It's More than Cloud - Digital Disruption - your business model is under thre...David Terrar
 
Fog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud pptFog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud pptpriyanka reddy
 
Live, Work, Play with Intelligent Robots
Live, Work, Play with Intelligent RobotsLive, Work, Play with Intelligent Robots
Live, Work, Play with Intelligent RobotsNUS-ISS
 
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...Internet Society
 
"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013Ryan Koop
 
Fog computing
Fog computingFog computing
Fog computingParmeshwar Wahatule
 
ION Malta - Opening Slides
ION Malta - Opening SlidesION Malta - Opening Slides
ION Malta - Opening SlidesDeploy360 Programme (Internet Society)
 
13.1 internet exchange-point-playbook
13.1 internet exchange-point-playbook13.1 internet exchange-point-playbook
13.1 internet exchange-point-playbookWilliam Norton
 
15.1 transition create-peering-strategy
15.1 transition create-peering-strategy15.1 transition create-peering-strategy
15.1 transition create-peering-strategyWilliam Norton
 

More Related Content

What's hot

Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...
Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...
Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...Codemotion
 
Future wireless - open roaming
Future wireless - open roamingFuture wireless - open roaming
Future wireless - open roamingJisc
 
Protecting your Peering Edge
Protecting your Peering EdgeProtecting your Peering Edge
Protecting your Peering EdgeInternet Society
 
09 the global-internet-peering-ecosystem
09 the global-internet-peering-ecosystem 09 the global-internet-peering-ecosystem
09 the global-internet-peering-ecosystem William Norton
 
Internet peering, graphics only
Internet peering, graphics onlyInternet peering, graphics only
Internet peering, graphics onlyBrough Turner
 
Building the Internet of Things
Building the Internet of ThingsBuilding the Internet of Things
Building the Internet of ThingsAngelo Corsaro
 
Readying the campus for the internet of things (io t) - Networkshop44
Readying the campus for the internet of things (io t) - Networkshop44Readying the campus for the internet of things (io t) - Networkshop44
Readying the campus for the internet of things (io t) - Networkshop44Jisc
 
Understanding Remote Peering - Connecting to the Core of the Internet
Understanding Remote Peering - Connecting to the Core of the InternetUnderstanding Remote Peering - Connecting to the Core of the Internet
Understanding Remote Peering - Connecting to the Core of the InternetWilliam Norton
 
Fog Computing and the Internet of Things
Fog Computing and the Internet of ThingsFog Computing and the Internet of Things
Fog Computing and the Internet of ThingsS.Mostafa Sayyedi
 
5G and IoT Security
5G and IoT Security5G and IoT Security
5G and IoT SecurityNUS-ISS
 
It's More than Cloud - Digital Disruption - your business model is under thre...
It's More than Cloud - Digital Disruption - your business model is under thre...It's More than Cloud - Digital Disruption - your business model is under thre...
It's More than Cloud - Digital Disruption - your business model is under thre...David Terrar
 
Fog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud pptFog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud pptpriyanka reddy
 
Live, Work, Play with Intelligent Robots
Live, Work, Play with Intelligent RobotsLive, Work, Play with Intelligent Robots
Live, Work, Play with Intelligent RobotsNUS-ISS
 
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...Internet Society
 
"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013Ryan Koop
 

What's hot (20)

Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...
Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...
Hyperscalable Unified IoT Platform - Janko Isidorovic - Codemotion Amsterdam ...
 
ION Malta - MANRS Introduction
ION Malta - MANRS IntroductionION Malta - MANRS Introduction
ION Malta - MANRS Introduction
 
Future wireless - open roaming
Future wireless - open roamingFuture wireless - open roaming
Future wireless - open roaming
 
Protecting your Peering Edge
Protecting your Peering EdgeProtecting your Peering Edge
Protecting your Peering Edge
 
Web rtc for iot, edge computing use cases
Web rtc for iot, edge computing use casesWeb rtc for iot, edge computing use cases
Web rtc for iot, edge computing use cases
 
09 the global-internet-peering-ecosystem
09 the global-internet-peering-ecosystem 09 the global-internet-peering-ecosystem
09 the global-internet-peering-ecosystem
 
Internet peering, graphics only
Internet peering, graphics onlyInternet peering, graphics only
Internet peering, graphics only
 
Building the Internet of Things
Building the Internet of ThingsBuilding the Internet of Things
Building the Internet of Things
 
Readying the campus for the internet of things (io t) - Networkshop44
Readying the campus for the internet of things (io t) - Networkshop44Readying the campus for the internet of things (io t) - Networkshop44
Readying the campus for the internet of things (io t) - Networkshop44
 
Understanding Remote Peering - Connecting to the Core of the Internet
Understanding Remote Peering - Connecting to the Core of the InternetUnderstanding Remote Peering - Connecting to the Core of the Internet
Understanding Remote Peering - Connecting to the Core of the Internet
 
Fog Computing and the Internet of Things
Fog Computing and the Internet of ThingsFog Computing and the Internet of Things
Fog Computing and the Internet of Things
 
ION Malta - IETF Update
ION Malta - IETF UpdateION Malta - IETF Update
ION Malta - IETF Update
 
5G and IoT Security
5G and IoT Security5G and IoT Security
5G and IoT Security
 
It's More than Cloud - Digital Disruption - your business model is under thre...
It's More than Cloud - Digital Disruption - your business model is under thre...It's More than Cloud - Digital Disruption - your business model is under thre...
It's More than Cloud - Digital Disruption - your business model is under thre...
 
Fog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud pptFog computing provide security to data in cloud ppt
Fog computing provide security to data in cloud ppt
 
Live, Work, Play with Intelligent Robots
Live, Work, Play with Intelligent RobotsLive, Work, Play with Intelligent Robots
Live, Work, Play with Intelligent Robots
 
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...
Mind Your MANRS: Improving the Security and Resilience of the Global Routing ...
 
"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013"How overlay networks can make public clouds your global WAN" from LASCON 2013
"How overlay networks can make public clouds your global WAN" from LASCON 2013
 
Fog computing
Fog computingFog computing
Fog computing
 
ION Malta - Opening Slides
ION Malta - Opening SlidesION Malta - Opening Slides
ION Malta - Opening Slides
 

Viewers also liked

13.1 internet exchange-point-playbook
13.1 internet exchange-point-playbook13.1 internet exchange-point-playbook
13.1 internet exchange-point-playbookWilliam Norton
 
15.1 transition create-peering-strategy
15.1 transition create-peering-strategy15.1 transition create-peering-strategy
15.1 transition create-peering-strategyWilliam Norton
 
Remote Internet Peering Vs IP Transit: A Shift in Internet Architecture
Remote Internet Peering Vs IP Transit: A Shift in Internet ArchitectureRemote Internet Peering Vs IP Transit: A Shift in Internet Architecture
Remote Internet Peering Vs IP Transit: A Shift in Internet ArchitectureRuth Plater
 
Peering in an IP World - Technology Requirements (3-nov, 2009)
Peering in an IP World - Technology Requirements (3-nov, 2009)Peering in an IP World - Technology Requirements (3-nov, 2009)
Peering in an IP World - Technology Requirements (3-nov, 2009)steve ulrich
 
Docker summit : Docker Networking Control-plane & Data-Plane
Docker summit : Docker Networking Control-plane & Data-PlaneDocker summit : Docker Networking Control-plane & Data-Plane
Docker summit : Docker Networking Control-plane & Data-PlaneMadhu Venugopal
 
13 the taxonomy-of-internet-data-centers
13 the taxonomy-of-internet-data-centers13 the taxonomy-of-internet-data-centers
13 the taxonomy-of-internet-data-centersWilliam Norton
 
Cilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPCilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPThomas Graf
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversBrent Salisbury
 
Technical Introduction to IBM's Open Blockchain (OBC)
Technical Introduction to IBM's Open Blockchain (OBC)Technical Introduction to IBM's Open Blockchain (OBC)
Technical Introduction to IBM's Open Blockchain (OBC)Altoros
 
Docker London: Container Security
Docker London: Container SecurityDocker London: Container Security
Docker London: Container SecurityPhil Estes
 
Building an AI Startup: Realities & Tactics
Building an AI Startup: Realities & TacticsBuilding an AI Startup: Realities & Tactics
Building an AI Startup: Realities & TacticsMatt Turck
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughThomas Graf
 

Viewers also liked (12)

13.1 internet exchange-point-playbook
13.1 internet exchange-point-playbook13.1 internet exchange-point-playbook
13.1 internet exchange-point-playbook
 
15.1 transition create-peering-strategy
15.1 transition create-peering-strategy15.1 transition create-peering-strategy
15.1 transition create-peering-strategy
 
Remote Internet Peering Vs IP Transit: A Shift in Internet Architecture
Remote Internet Peering Vs IP Transit: A Shift in Internet ArchitectureRemote Internet Peering Vs IP Transit: A Shift in Internet Architecture
Remote Internet Peering Vs IP Transit: A Shift in Internet Architecture
 
Peering in an IP World - Technology Requirements (3-nov, 2009)
Peering in an IP World - Technology Requirements (3-nov, 2009)Peering in an IP World - Technology Requirements (3-nov, 2009)
Peering in an IP World - Technology Requirements (3-nov, 2009)
 
Docker summit : Docker Networking Control-plane & Data-Plane
Docker summit : Docker Networking Control-plane & Data-PlaneDocker summit : Docker Networking Control-plane & Data-Plane
Docker summit : Docker Networking Control-plane & Data-Plane
 
13 the taxonomy-of-internet-data-centers
13 the taxonomy-of-internet-data-centers13 the taxonomy-of-internet-data-centers
13 the taxonomy-of-internet-data-centers
 
Cilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPCilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDP
 
Docker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan DriversDocker Networking with New Ipvlan and Macvlan Drivers
Docker Networking with New Ipvlan and Macvlan Drivers
 
Technical Introduction to IBM's Open Blockchain (OBC)
Technical Introduction to IBM's Open Blockchain (OBC)Technical Introduction to IBM's Open Blockchain (OBC)
Technical Introduction to IBM's Open Blockchain (OBC)
 
Docker London: Container Security
Docker London: Container SecurityDocker London: Container Security
Docker London: Container Security
 
Building an AI Startup: Realities & Tactics
Building an AI Startup: Realities & TacticsBuilding an AI Startup: Realities & Tactics
Building an AI Startup: Realities & Tactics
 
LinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking WalkthroughLinuxCon 2015 Linux Kernel Networking Walkthrough
LinuxCon 2015 Linux Kernel Networking Walkthrough
 

Similar to How Internet Peering Improves Security

Cloud Computing,雲端運算-中研院網格計畫主持人林誠謙
Cloud Computing,雲端運算-中研院網格計畫主持人林誠謙Cloud Computing,雲端運算-中研院網格計畫主持人林誠謙
Cloud Computing,雲端運算-中研院網格計畫主持人林誠謙Tracy Chen
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGHoang Nguyen
 
Network_System_Admin.docx
Network_System_Admin.docxNetwork_System_Admin.docx
Network_System_Admin.docxPhilip Martin
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) ClubHack
 
FreedomBox & Community Wi-Fi networks
FreedomBox & Community Wi-Fi networksFreedomBox & Community Wi-Fi networks
FreedomBox & Community Wi-Fi networksGeekNightHyderabad
 
Michael schapira - Hebrew University Jeruslaem - Secure Internet Routing
Michael schapira - Hebrew University Jeruslaem - Secure Internet RoutingMichael schapira - Hebrew University Jeruslaem - Secure Internet Routing
Michael schapira - Hebrew University Jeruslaem - Secure Internet Routingvpnmentor
 
The Considerations for Internet of Things @ 2017
The Considerations for Internet of Things @ 2017The Considerations for Internet of Things @ 2017
The Considerations for Internet of Things @ 2017Jian-Hong Pan
 
Astricon - Realities of Global Infrastructure in the Cloud
Astricon - Realities of Global Infrastructure in the CloudAstricon - Realities of Global Infrastructure in the Cloud
Astricon - Realities of Global Infrastructure in the CloudCory von Wallenstein
 
Simplifying IoT by Solving Software Complexity at the Edge
Simplifying IoT by Solving Software Complexity at the EdgeSimplifying IoT by Solving Software Complexity at the Edge
Simplifying IoT by Solving Software Complexity at the EdgeSamy Fodil
 
IoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetIoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetNathan Wallace, PhD, PE
 
Computer Networks Foundation 2022
Computer Networks Foundation 2022Computer Networks Foundation 2022
Computer Networks Foundation 2022OxfordCambridge
 
Stanford Cybersecurity January 2009
Stanford Cybersecurity January 2009Stanford Cybersecurity January 2009
Stanford Cybersecurity January 2009Jason Shen
 

Similar to How Internet Peering Improves Security (20)

Cloud Computing,雲端運算-中研院網格計畫主持人林誠謙
Cloud Computing,雲端運算-中研院網格計畫主持人林誠謙Cloud Computing,雲端運算-中研院網格計畫主持人林誠謙
Cloud Computing,雲端運算-中研院網格計畫主持人林誠謙
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
 
Network_System_Admin.docx
Network_System_Admin.docxNetwork_System_Admin.docx
Network_System_Admin.docx
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 )
 
[IJET-V1I6P4] Authors: Bhatia Shradha, Doshi Jaina,Jadhav Preeti, Shah Nikita
[IJET-V1I6P4] Authors: Bhatia Shradha, Doshi Jaina,Jadhav Preeti, Shah Nikita[IJET-V1I6P4] Authors: Bhatia Shradha, Doshi Jaina,Jadhav Preeti, Shah Nikita
[IJET-V1I6P4] Authors: Bhatia Shradha, Doshi Jaina,Jadhav Preeti, Shah Nikita
 
ppt
pptppt
ppt
 
Networking
NetworkingNetworking
Networking
 
FreedomBox & Community Wi-Fi networks
FreedomBox & Community Wi-Fi networksFreedomBox & Community Wi-Fi networks
FreedomBox & Community Wi-Fi networks
 
Essay On Network Security
Essay On Network SecurityEssay On Network Security
Essay On Network Security
 
Michael schapira - Hebrew University Jeruslaem - Secure Internet Routing
Michael schapira - Hebrew University Jeruslaem - Secure Internet RoutingMichael schapira - Hebrew University Jeruslaem - Secure Internet Routing
Michael schapira - Hebrew University Jeruslaem - Secure Internet Routing
 
The Considerations for Internet of Things @ 2017
The Considerations for Internet of Things @ 2017The Considerations for Internet of Things @ 2017
The Considerations for Internet of Things @ 2017
 
Astricon - Realities of Global Infrastructure in the Cloud
Astricon - Realities of Global Infrastructure in the CloudAstricon - Realities of Global Infrastructure in the Cloud
Astricon - Realities of Global Infrastructure in the Cloud
 
Simplifying IoT by Solving Software Complexity at the Edge
Simplifying IoT by Solving Software Complexity at the EdgeSimplifying IoT by Solving Software Complexity at the Edge
Simplifying IoT by Solving Software Complexity at the Edge
 
IoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the InternetIoT Security: How Your TV and Thermostat are Attacking the Internet
IoT Security: How Your TV and Thermostat are Attacking the Internet
 
Session 3 Results
Session 3 ResultsSession 3 Results
Session 3 Results
 
SDN-based Inter-Cloud Federation for OF@TEIN
SDN-based Inter-Cloud Federation for OF@TEINSDN-based Inter-Cloud Federation for OF@TEIN
SDN-based Inter-Cloud Federation for OF@TEIN
 
Ministry of Foreign Affairs
Ministry of Foreign AffairsMinistry of Foreign Affairs
Ministry of Foreign Affairs
 
Computer Networks Foundation 2022
Computer Networks Foundation 2022Computer Networks Foundation 2022
Computer Networks Foundation 2022
 
21092018-C4E-What's Next for the Net? Security, Reliability, Capability, Perf...
21092018-C4E-What's Next for the Net? Security, Reliability, Capability, Perf...21092018-C4E-What's Next for the Net? Security, Reliability, Capability, Perf...
21092018-C4E-What's Next for the Net? Security, Reliability, Capability, Perf...
 
Stanford Cybersecurity January 2009
Stanford Cybersecurity January 2009Stanford Cybersecurity January 2009
Stanford Cybersecurity January 2009
 

More from William Norton

14 the folly-of-peering-ratios
14 the folly-of-peering-ratios14 the folly-of-peering-ratios
14 the folly-of-peering-ratiosWilliam Norton
 
11 internet peering-playbook
11 internet peering-playbook11 internet peering-playbook
11 internet peering-playbookWilliam Norton
 
10 the 21st-century-internet-peering-ecosystem
10 the 21st-century-internet-peering-ecosystem10 the 21st-century-internet-peering-ecosystem
10 the 21st-century-internet-peering-ecosystemWilliam Norton
 
08 the 20th-century-internet-peering-ecosystem
08 the 20th-century-internet-peering-ecosystem08 the 20th-century-internet-peering-ecosystem
08 the 20th-century-internet-peering-ecosystemWilliam Norton
 
7.2 day 2 agenda opening
7.2 day 2 agenda opening7.2 day 2 agenda opening
7.2 day 2 agenda openingWilliam Norton
 
07.1 break client specific application decks
07.1 break client specific application decks07.1 break client specific application decks
07.1 break client specific application decksWilliam Norton
 
07 public vs-private-peering-debate
07 public vs-private-peering-debate07 public vs-private-peering-debate
07 public vs-private-peering-debateWilliam Norton
 
05 the business-case-for-internet-peering
05 the business-case-for-internet-peering05 the business-case-for-internet-peering
05 the business-case-for-internet-peeringWilliam Norton
 
04a peering simulation-game
04a peering simulation-game04a peering simulation-game
04a peering simulation-gameWilliam Norton
 
03 internet transit-playbook
03 internet transit-playbook03 internet transit-playbook
03 internet transit-playbookWilliam Norton
 
01 internet peering-workshop-agenda
01 internet peering-workshop-agenda01 internet peering-workshop-agenda
01 internet peering-workshop-agendaWilliam Norton
 

More from William Norton (20)

14 the folly-of-peering-ratios
14 the folly-of-peering-ratios14 the folly-of-peering-ratios
14 the folly-of-peering-ratios
 
12.1 lunch break
12.1 lunch break12.1 lunch break
12.1 lunch break
 
11 internet peering-playbook
11 internet peering-playbook11 internet peering-playbook
11 internet peering-playbook
 
10.1.break
10.1.break10.1.break
10.1.break
 
10 the 21st-century-internet-peering-ecosystem
10 the 21st-century-internet-peering-ecosystem10 the 21st-century-internet-peering-ecosystem
10 the 21st-century-internet-peering-ecosystem
 
08 the 20th-century-internet-peering-ecosystem
08 the 20th-century-internet-peering-ecosystem08 the 20th-century-internet-peering-ecosystem
08 the 20th-century-internet-peering-ecosystem
 
7.2 day 2 agenda opening
7.2 day 2 agenda opening7.2 day 2 agenda opening
7.2 day 2 agenda opening
 
07.1.1 application
07.1.1 application07.1.1 application
07.1.1 application
 
07.1 break client specific application decks
07.1 break client specific application decks07.1 break client specific application decks
07.1 break client specific application decks
 
07 public vs-private-peering-debate
07 public vs-private-peering-debate07 public vs-private-peering-debate
07 public vs-private-peering-debate
 
06 selecting an-ixp
06 selecting an-ixp06 selecting an-ixp
06 selecting an-ixp
 
05 the business-case-for-internet-peering
05 the business-case-for-internet-peering05 the business-case-for-internet-peering
05 the business-case-for-internet-peering
 
04c.1.break
04c.1.break04c.1.break
04c.1.break
 
04a peering simulation-game
04a peering simulation-game04a peering simulation-game
04a peering simulation-game
 
04 internet peering
04 internet peering04 internet peering
04 internet peering
 
03.1.break
03.1.break03.1.break
03.1.break
 
03 internet transit-playbook
03 internet transit-playbook03 internet transit-playbook
03 internet transit-playbook
 
02 internet transit
02 internet transit02 internet transit
02 internet transit
 
01 internet peering-workshop-agenda
01 internet peering-workshop-agenda01 internet peering-workshop-agenda
01 internet peering-workshop-agenda
 
16 peering policies
16 peering policies16 peering policies
16 peering policies
 

Recently uploaded

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 

Recently uploaded (20)

Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 

How Internet Peering Improves Security

  • 1. Peering Improves Security William B. Norton Chief Strategy Officer, IIX Executive Director, DrPeering International wbn@iixPeering.net wbn@DrPeering.net US Telecom Webinar Live from Silicon Valley October 30, 2013 10AM PST
  • 2. Meet the Presenter • Started working on Internet (NSFNET) in 1988 • 1st “Chairman” of North American Network Operator Group (NANOG) (19941998) • 1998-2008 Co-Founder & Chief Technical Liaison, Equinix Inc. (NSDQ: EQIX) • 2008-Present - Executive Director, DrPeering Int’l • Two-day On-Site Peering Workshops (EU/Africa) • The 2013 Internet Peering Playbook • 2013 Chief Strategy Officer, International Agenda…
  • 3. Agenda • Introduction: What you need to know about Peering for this talk • Thesis: How Peering Improves Security 1. Less vulnerable to DDOS side affects 2. Fewer network elements make peering less vulnerable 3. Security response and recovery time are improved with peers • Discussion: Q&A What you need to know…
  • 4. Section I: Introduction WHAT YOU NEED TO KNOW ABOUT PEERING
  • 5. Internet Transit Service Model • 99.9% of all • Announce Reachability • Metered Service • Simple • “Internet This Way” 5 95th percentile measurement
  • 6. • • • • 95th Percentile Billing Calculation 5 minute samples Month of deltas 95th percentile Max(in,out) 6 Transit Prices Drop
  • 7. Internet Price Declines (U.S.) • • • • “Can’t go lower” “No one is making $” Pricing varies widely Trend unmistakable 7 Internet Peering…
  • 8. What is Internet Peering? • Definition: Internet Peering is the business relationship whereby two companies reciprocally provide access to each others’ customers. 8
  • 9. Internet Peering 3 Key Points 1. Peering is not a transitive relationship 2. Peering is not a perfect substitute 3. Peering is typically settlement free 9
  • 10. The Top 5 Motivations to Peer 1. Lower Transit Costs (#1 ISP Motivation to Peer) 2. Improve end user experience (#1 Content Motivation) 3. Better control over routing-strategic (Yahoo!, NetFlix 2008) 4. Usage based billing – make more money by peering (AboveNet) 5. Sell more underlying transport capacity (Telecom Italia) NEW 6. Peering Improves Security! 10
  • 11. Section II: Thesis HOW PEERING IMPROVES SECURITY: 3 TENETS
  • 12. On the Commodity Internet T $ $ P C B T A D $ T E B $ T F $ T G Traffic traverses potentially many networks before reaching its destination intermingled
  • 13. All traffic in the Commodity Internet is intermingled T $ $ P C D B $ T B E $ T T A F $ T G Which works fine when there is plenty of interconnection Bandwidth, networks have plenty of Memory, CPU, etc. Aggregation Efficiency are great. Works fine until
  • 14. But when there are DDOS attacks… T $ $ P C $ D T B E B $ T T A X F $ T G …anywhere along the transit path, Packet loss, latency, poor performance. Result: DOS: AG Unable to establish a secure channel. Spot events…
  • 15. But when there are Spot Events… T $ $ P C $ D T B E B $ T T A X F Note: Not just DDOS Spot Events (MS Update, Oprah interview, etc.) $ T G …anywhere along the transit path, Packet loss, latency, poor performance. Result: DOS: AG Unable to establish a secure channel. Peering bypass
  • 16. 1) Peering Bypasses the Commodity Internet T $ $ P C D $ T B E B $ T T X A “Important Traffic is Peered” – Andreas Sturm (DE-CIX) 1) By making specific traffic Immune from the side affects of DDOS, Peering Improves Security F $ T G Peering Point (IXP) 2nd: vulnerability
  • 17. Commodity Internet has many points of vulnerability Networks can be hijacked T $ $ P C B D $ T B E $ T T A No visibility to upstream compromises May be in protected IDC or On the top of a telephone pole F Interconnects can be tapped, mirrored, redirected, captured $ T G Peering bypass
  • 18. 2) Peering Reduces the network vulnerability Networks can be hijacked T $ $ P C D $ T B E B $ T T A F Interconnects can be tapped, mirrored, redirected, captured For the subset of peered traffic. Hardened building Better Visibility, peers should notice disruption. Peering Improves Security $ T G Peering Point (IXP)
  • 19. 3) Peering Improves Recovery Time Networks can be hijacked T $ $ P C D $ T B E B $ T T A F Interconnects can be tapped, mirrored, redirected, captured Practical Matter – peers exchange Contact Info, NOC #’s, network maps, Escalation procedures, cell phone #’s You met the personfaster resolution times. $ T G Peering Point (IXP)
  • 20. Peering Improves Security 1. Internet Transit intermingles traffic – Vulnerable to DDOS side affect – Peering bypasses the “wild wild west commodity Internet” 2. Internet Transit more points of vulnerability – Interconnects and networks along the path – Peering involves fewer network elements between content and eyeballs 3. Security response is faster with peers – Upstream NOCs won’t take your call
  • 21. Thank you for your time! Email me ! Talk about (agree/disagree) the thesis “Peering Improves Security” How peering might help your situation wbn@iixPeering.net

Editor's Notes

  1. The Internet Transit service is shown in the diagram below provides access to the global Internet by:announcing the customer route across the Internet so any network on the Internet knows how to reach the customer network, andannouncing to the customer the information necessary to be able to send traffic to any destination in the Internet.In this mini ecosystem, we see the Cyan ISP purchasing transit from the Orange Transit Provider. The Orange ISP announces to the Cyan ISP reachability to the entire Internet (shown as many colored networks to the right of the Transit Providers). The Transit Providers propagate the Cyan route (shown as a cyan circle) across the Internet so that all networks know how to reach the Cyan ISP. With this reciprocal Internet Transit service, all Internet attachments know how to reach the Cyan ISP, and the Cyan ISP knows how to reach all Internet destinations.
  2. Why did the 95th percentile come into existence? In the early Internet days, Internet traffic was charged on a circuit capacity basis. But if you didn’t use very much of this capacity, you were still paying as if you did. This made Internet Transit tough to sell so the usage-based (metered) model began. Initially some ISPs charged on average use, which ended up being skewed by the occasional burstiness associated with a spot event. To address this, one ISP adopted the 95th percentile measure that was primarily introduced to not overly punish a customer for the occasional spike in traffic volume, and still allow the ISP to bill based the load placed on its network. This approach seemed palatable and sold. The rest of the industry followed suit and 95-5 was born.
  3. WestNet is an ISP with green customers, MidNet is an ISP with blue customers, and EastNet is an ISP with red customers.WestNet is in a Peering relationship with MidNet in which WestNet learns how to reach MidNet's blue customers, and MidNet reciprocally learns how to reach WestNet's green customers.EastNet is in a Peering relationship with MidNet in which EastNet learns how to reach MidNet's blue customers, and MidNet reciprocally learns how to reach EastNet's red customers.After these two peering sessions are established, the routing tables are in place as shown in the boxes beneath the ISP clouds. Since MidNet peers with both EastNet and WestNet, MidNet customers can reach both EastNet and WestNet customers.