Collaboration and shared responsibility are two pillars supporting the Internet’s growth and success. While the global routing system has worked well, it has significant security challenges that we must address. In this panel, security experts will discuss how we can create a culture of collective responsibility and improve the global routing system, including an introduction to the “Mutually Agreed Norms for Routing Security” (MANRS).
18 September 2017 - ION Malta
What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
18 September 2017 - At ION Malta, Adam Peake discusses the IANA transition:
The IANA transition was successfully completed in October 2016 creating strengthened relationships between the IETF (Internet protocols and standards), Regional Internet Registries RIRs (IP addresses), and ccTLD and gTLD operators and TLD community and ICANN. A new organisation, Public Technical Identifiers (PTI), an affiliate of ICANN, is now responsible for performing the IANA functions and delivering the IANA Services on behalf of ICANN. The session will discuss these new arrangements and how they have enhanced ICANN’s accountability and transparency to the global Internet community. The session will also describe how ICANN is preparing for the Root KSK Rollover.
18 September 2017 - Rick Lamb, ICANN, on DANE:
If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, “DANE” (“DNS-Based Authentication of Named Entities”) has emerged allowing you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services.
18 September 2017 - ION Malta
DNSSEC helps prevent attackers from subverting and modifying DNS messages and sending users to wrong (and potentially malicious) sites. So what needs to be done for DNSSEC to be deployed on a large scale? We’ll discuss the reasons for deploying DNSSEC, examine some of the challenges operators have faced, and address those challenges and move deployment forward.
The MANRS initiative and Routing Resilience Manifesto aims to help network operators around the world to improve the security and resilience of the global routing system.
18 September 2017 - ION Malta
What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
18 September 2017 - At ION Malta, Adam Peake discusses the IANA transition:
The IANA transition was successfully completed in October 2016 creating strengthened relationships between the IETF (Internet protocols and standards), Regional Internet Registries RIRs (IP addresses), and ccTLD and gTLD operators and TLD community and ICANN. A new organisation, Public Technical Identifiers (PTI), an affiliate of ICANN, is now responsible for performing the IANA functions and delivering the IANA Services on behalf of ICANN. The session will discuss these new arrangements and how they have enhanced ICANN’s accountability and transparency to the global Internet community. The session will also describe how ICANN is preparing for the Root KSK Rollover.
18 September 2017 - Rick Lamb, ICANN, on DANE:
If you connect to a “secure” server using TLS/SSL (such as a web server, email server or xmpp server), how do you know you are using the correct certificate? With DNSSEC now being deployed, “DANE” (“DNS-Based Authentication of Named Entities”) has emerged allowing you to securely specify exactly which TLS/SSL certificate an application should use to connect to your site. DANE has great potential to make the Internet much more secure by marrying the strong integrity protection of DNSSEC with the confidentiality of SSL/TLS certificates. In this session, we will explain how DANE works and how you can use it to secure your websites, email, XMPP, VoIP, and other web services.
18 September 2017 - ION Malta
DNSSEC helps prevent attackers from subverting and modifying DNS messages and sending users to wrong (and potentially malicious) sites. So what needs to be done for DNSSEC to be deployed on a large scale? We’ll discuss the reasons for deploying DNSSEC, examine some of the challenges operators have faced, and address those challenges and move deployment forward.
The MANRS initiative and Routing Resilience Manifesto aims to help network operators around the world to improve the security and resilience of the global routing system.
ION Islamabad, 25 January 2017
By Kevin Meynell, Internet Society
What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
23 November 2017 - At ION Belgrade, Kevin Meynell discusses what happened at the recent IETF meeting, and how to get involved in the open Internet standards community.
7 September 2017 - At ION Conference in Durban, South Africa, Kevin Meynell introduces the MANRS initiative on routing security and begins a panel on the topic.
ION Islamabad, 25 January 2017
By Pubudu Jayasinghe, APNIC & Aftab Siddiqui, Internet Society
Today, we can say that IPv6 is already happening all around the world. It’s interesting to see the main reasons that made it happen, how it’s happening, and to make the audience think about their deployment status and strategy. Statistics from different sources are showed, including data from RIPE NCC measurements.
Cyber Security Week 2015: Get involved and contributeAPNIC
Security Specialist, Adli Wahid, presented on the challenges faced by those who are new in the cyber security industry, and how they can get involved and be proactive.
7 September 2017 - At ION Conference Durban, South Africa, Kevin Meynell discusses what's happening at the IETF in the world of Internet standards, and how you can get involved in the process.
3 July 2017 - At ION Costa Rica, Kevin Meynell begins a panel on Routing Security & MANRS by explaining the Mutually Agreed Norms for Routing Security (MANRS) and the basic concepts of routing security.
ION Islamabad, 25 January 2017
By Kevin Meynell, Internet Society
What’s happening at the Internet Engineering Task Force (IETF)? What RFCs and Internet-Drafts are in progress related to IPv6, DNSSEC, Routing Security/Resiliency, and other key topics? We’ll give an overview of the ongoing discussions in several working groups and discuss the outcomes of recent Birds-of-a-Feather (BoF) sessions, and provide a preview of what to expect in future discussions.
23 November 2017 - At ION Belgrade, Kevin Meynell discusses what happened at the recent IETF meeting, and how to get involved in the open Internet standards community.
7 September 2017 - At ION Conference in Durban, South Africa, Kevin Meynell introduces the MANRS initiative on routing security and begins a panel on the topic.
ION Islamabad, 25 January 2017
By Pubudu Jayasinghe, APNIC & Aftab Siddiqui, Internet Society
Today, we can say that IPv6 is already happening all around the world. It’s interesting to see the main reasons that made it happen, how it’s happening, and to make the audience think about their deployment status and strategy. Statistics from different sources are showed, including data from RIPE NCC measurements.
Cyber Security Week 2015: Get involved and contributeAPNIC
Security Specialist, Adli Wahid, presented on the challenges faced by those who are new in the cyber security industry, and how they can get involved and be proactive.
7 September 2017 - At ION Conference Durban, South Africa, Kevin Meynell discusses what's happening at the IETF in the world of Internet standards, and how you can get involved in the process.
3 July 2017 - At ION Costa Rica, Kevin Meynell begins a panel on Routing Security & MANRS by explaining the Mutually Agreed Norms for Routing Security (MANRS) and the basic concepts of routing security.
MANRS - Introduction to Internet Routing SecurityObika Gellineau
This presentation is an overview of MANRS which is an initiative supported by the Internet Society. It fixes issues concerning internet routing that lead to security incidents that affect ISP and internet users alike.
Presentació a càrrec d'Andrei Robachevsky (ISOC) celebrada prèviament a la reunió de la Comissió Tècnica del CATNIX el 26 de juny de 2020 a través de videoconferència.
September 2017 - Aftab Siddiqui presents on the Mutually Agreed Norms for Routing Security (MANRS), and how we can work together to improve the security and resiliency of the Internet's routing system.
Cloud Networking Presentation - WAN Summit - Ciaran RocheCiaran Roche
Ciaran Roche, CTO of Coevolve looks at the recent trends towards multi-cloud environments in enterprises. How can technologies like SD-WAN help extend reliable connectivity to these environments?
Marlabs helps establish and sustain the client’s company wide vision for cyber security strategies for addressing regulations, audit, and security risks.
SDN & NFV: Driving Additional Value into Managed ServicesTBI Inc.
From offering seamless scalability to providing best-in-class security, SDN and NFV are driving value into managed services. Discover how these technologies combine to build a simple, more agile infrastructure at a significantly lower cost. Offer NFV, SDN, and other products from best-of-breed provider NTT through TBI.
Enterprise Management Associates (EMA) research reveals that companies are more successful with SD-WAN transformation when they consume the technology as a managed service. How can an IT organization know if it is choosing the right managed service, though?
Check out these slides to discover the five things you need to know about the power of a managed SD-WAN solution. You will also learn more about:
- Why so many enterprises are choosing managed SD-WAN over DIY deployments
- What to look for in an SD-WAN provider
- Tips for optimizing Day 2 operations with managed SD-WAN
- Charting a path to the future, including secure access service edge
CyberSecurity in a World of Connected Devices: IoT SecurityHaluk Demirkan
Invited Presentation, Security in a World of Connected Devices: A Smart IoT Security Services Framework@ ISSIP Discovery Summit: IoT SecurityNovember 11 & 12, 2015, Santa Clara, CA
Cloud computing can be safe, uncomplicated and move the organization forward IF YOU DO YOUR DUE DILIGENCE!!
It's your data and your neck so don't be afraid to ask the right questions and get them in writing
7 September 2017 - At ION Conference Durban, South Africa, Andrew Alston on how Liquid Telecom deployed IPv6 and how other organizations can do the same.
3 July 2017 - At ION Costa Rica, Kevin Meynell discusses work underway at the IETF on IPv6, DNSSEC, Routing, and more, and how anyone can get involved in the IETF process.
3 July 2017 - At ION Costa Rica, Megan Kruse presents final thoughts and invites participants to get involved with the Internet Society and the Deploy360 program.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
4. Routing Basics
Routers use Border Gateway Protocol (BGP) to exchange
“reachability information” - networks they know how to reach
Routers build a “routing table” and pick the best route when
sending a packet, typically based on the shortest path.
When talking BGP routers use an Autonomous System Numbers
(ASN) uniquely identifying their network
Almost 60,000 networks (Autonomous Systems) across the
Internet
4
5. The Problem Caption 10/12pt
Caption body copy
5
Border Gateway Protocol (BGP)
is based on trust
• No built-in validation of the
legitimacy of updates
• The chain of trust spans continents
• Lack of reliable resource data
8. What’s Happening?
IP prefix hijack
• AS announces prefix it doesn’t originate and wins the “best route” selection
• AS announces more specific prefix than what may be announced by originating AS
• AS announces it can route traffic through shorter route, whether it exists or not
• Packets end up being forwarded to wrong part of Internet
• Denial-of-Service (DoS), traffic interception, or impersonating network or service
Route leaks
• Violation of valley-free routing (e.g. re-announcing transit provider routes to another provider)
• Usually due to misconfigurations, but can be used for traffic inspection and reconnaissance
• Can be equally devastating
IP address spoofing
• Creation of IP packets with false source address
• The root cause of reflection DDoS attacks 8
9. Are There Solutions?
9
Yes!
Prefix and AS-PATH filtering, RPKI, IRR, …
BGPSEC under development at the IETF
Whois, Routing Registries and Peering
databases
But…
• Lack of deployment
• Lack of reliable data
10. A Tragedy of the Commons
10
From a routing perspective, securing
your own network does not necessarily
make it more secure. Network security
is in someone else’s hands.
— The more hands – the better the security
Is there a clear, visible, and industry-
supported line between good and bad?
— A cultural norm?
11. A vital part of the security solution
MANRS
Mutually Agreed Norms for Routing Security
11
12. MANRS was founded with the ambitious goal of
improving the security and reliability of the global
Internet routing system, based on collaboration
among participants and shared responsibility for
Internet infrastructure.
12
13. Mutually Agreed Norms for
Routing Security
13
MANRS defines four concrete actions that
network operators should implement
— Technology-neutral baseline for global adoption
— A minimum set of requirements
MANRS builds a visible community of security-
minded operators
— Promotes culture of collaborative responsibility
14. MANRS Actions
Filtering – Prevent propagation of incorrect routing information
• Ensure the correctness of your own announcements and announcements from your customers to
adjacent networks with prefix and AS-path granularity
Anti-spoofing – Prevent traffic with spoofed source IP addresses
• Enable source address validation for at least single-homed stub customer networks, their own end-
users, and infrastructure
Coordination – Facilitate global operational communication and coordination
between network operators
• Maintain globally accessible up-to-date contact information
Global Validation – Facilitate validation of routing information on a global scale
• Publish your data, so others can validate
14
15. A Note on MANRS’ Limitations
15
MANRS is an absolute minimum an
operator should consider, with low risk
and cost-effective Actions
The more operators implement
MANRS, the fewer routing incidents we
will see, and the smaller will be their
scope
MANRS is not a one-stop solution to all
of the internet’s routing woes, but it is
an important step toward a globally
robust and secure routing infrastructure
16. A study with 451 Research
So what is the business case for
MANRS?
(and routing security)
16
17. Questionnaire-based study
— Assessment against existing 451 Research data
— Common perception elements
Service providers
— Initial targeting interviews
– Global demographic
— 25 telephone interviews
Enterprise Internet teams
— 250 web questionnaires
— 1,000 employee minimum
— Primarily North America
17
14%
14%
11%
10%10%
8%
8%
6%
19%
Enterprise Demographics
Manufacturing
Professional Services
Retail
Telecommunications
Health
Financial
Insurance
Construction
Other
Comprehensive Research Study
18. Enterprises Are Concerned About Security
A core value for a majority
Smaller enterprises had an outsized
concern about security as part of their
primary values
18
0%
10%
20%
30%
40%
50%
1000 - 2499 2500 - 4999 5000 - 9999 10,000 +
Primary Core Value
Part of Our Values
Not Distinguishing
19. Enterprise Concerns Around Security
— Widely varying concerns across a
range of issues
— Security focus is aligned with type of
issues MANRS is looking to address
And confidence that MANRS can help 19
0%
10%
20%
30%
40%
50%
60%
70%
80%
DDoS Traffic hijacking Address spoofing Availability Blacklisting
57%
74%
57%
46%
28%
Internet Security Concerns
20. And Enterprises are Willing to Pay for MANRS
Significant value on security posture
— Median premium of 15%
— 13% would only choose MANRS
compliant providers
20
0
10
20
30
40
50
60
70
no 5% more 10% 15% 20% 25% I would only
choose a
MANRS
Compliant
services
Q: Would you pay a premium for MANRS compliant services?
21. Service Provider motivations are misaligned with Enterprise
perception
No one mentioned customer demands as a
reason
21
0%
5%
10%
15%
20%
25%
30%
35%
40%
Being a good
internet citizen
Being more
secure
Increasing
operating
efficiency
Regulatory
compliance
16%
36%
12%
36%
Reasons for Implementation
Q: Which aspect of MANRS would provide the greatest reason for implementing for your
organization?
22. What We Learned from the Study
Security is Vital to Enterprises
• MANRS knowledge is low, but MANRS attributes are highly valued
• Enterprises are willing to put MANRS compliance into RFPs and require it of their
service providers
MANRS Adds Value for Service Providers
• Service providers can differentiate from their competitors; Identifiable value in a
vague market
• Service providers may be able to add additional revenue streams based on
information security feeds and other add-on services
• MANRS compliance may reduce customer churn
22
23. Why SERVICE PROVIDERS Should Join MANRS
• MANRS is a sign of security proficiency and commitment
• MANRS is one indication that a provider is contributing to solving network
problems at a global scale
• MANRS distinction can add competitive value and enhance operational
effectiveness
• Enterprises indicate willingness to pay more for partnering with a provider with
high security posture
23
24. Why ENTERPRISES Should Require MANRS
• MANRS communicates an enterprise’s security investment to its customers
• Larger enterprises with peering arrangements that involve BGP can
incorporate the MANRS actions into IT operations, which can add maturity
and increase operational efficiency
• Enterprises can require MANRS compliance in RFPs, tender, and purchasing
processes
• In regulated industries, MANRS can be an additional factor for auditors to
consider when assessing the overall security posture of an organization
24
25. Commit to Routing Security,
Collaborative Action, and the Good of the
Internet
Join MANRS Today
25
Can you stand up publicly and say:
- I care about routing security
- I am prepared to spend resources on it
- I am prepared to be held accountable by the
community
26. Join Us
26
Visit www.manrs.org/signup
• Fill out the form with as much detail as
possible.
• We may ask questions and run tests
Get Involved in the Community
• Members support the initiative and
implement the actions in their own
networks
• Members maintain and improve the
document and promote MANRS objectives
27. MANRS Implementation Guide
• Providing guidance to implement MANRS principles
• Based on Best Current Operational Practices deployed by
network operators around the world
• http://www.routingmanifesto.org/bcop/
27
28. What’s Next: MANRS IXP Partnership Programme
There is synergy between MANRS and IXPs
— IXPs form a community with a common operational objective
— MANRS is a reference point with a global presence – useful for building a “safe neighborhood”
How can IXPs contribute?
— Technical measures: Route Server with validation, alerting on unwanted traffic, providing debugging and
monitoring tools
— Social measures: MANRS ambassador role, local audit as part of the on-boarding process
— A development team is working on a set of useful actions
28
29. What’s Next: MANRS Training and Certification
Routing security is hard. How can we make it more accessible? The “simple” MANRS
Implementation Guide turned into a 50-page document that assumes a certain level of expertise.
Online training modules
— Based on the MANRS Implementation Guide
— Walks a student through the tutorial with a test at the end
— Working with and looking for partners that are interested in integrating it in their curricula
A hands-on lab to achieve MANRS certification
— Completing the online modules as a first step in MANRS certification
— Looking for partners
29
31. Visit us at
www.internetsociety.org
Follow us
@internetsociety
Galerie Jean-Malbuisson 15,
CH-1204 Geneva,
Switzerland.
+41 22 807 1444
1775 Wiehle Avenue,
Suite 201, Reston, VA
20190-5108 USA.
+1 703 439 2120
Thank you.
Andrei Robachevsky
robachevsky@isoc.org
31
Editor's Notes
What’s the commonality between a healthy lifestyle and security management? They both sound good in theory –everyone wants to be healthy - but in the short term you don’t feel any better after eating a cup of broccoli.
Skipping the the cake - or spending resources on security management - does not visibly make any difference. At least in short term. We all know someone who lived a long life despite an unhealthy lifestyle, or a company that never got attacked or hacked.
It takes years of healthy choices to make, and see, a difference.