The Mutually Agreed Norms for Routing Security (MANRS) initiative announced the launch of the MANRS Observatory, a new online tool that measures the level of networks’ compliance to MANRS, a key indicator of the state of routing security and resiliency of the Internet.
Routing security is vital to the future and stability of the Internet, but it’s under constant threat. In 2018, more than 12,000 routing outages or attacks – such as hijacking, leaks, and spoofing – led to stolen data, lost revenue, reputational damage and more.
Last year, a routing leak by a Nigerian ISP caused some of Google’s traffic to be misrouted through China resulting in outages in many parts of the world and in June of this year, a massive route leak knocked out large parts of the Internet offline for several hours.
MANRS, a global initiative driven by the networking community (network and IXP operators) and supported by the Internet Society, aims to reduce the most common threats to the Internet’s routing system through technical and collaborative action.
Those who join MANRS must implement specific measures – filtering, anti-spoofing, coordination, global validation – to improve the resiliency and security of the routing infrastructure to keep the Internet safe for businesses and consumers alike.
The Observatory shows the degree of networks’ adherence to MANRS by tracking the number of routing incidents by region and by country and monitoring metrics for MANRS actions.
The tool aggregates data from a number of trusted third-party sources into a user-friendly online dashboard. This snapshot enables network operators to identify problematic areas to help them improve the security of their networks.
Benefits of the MANRS Observatory include:
- Performance barometer: MANRS participants can easily monitor how well they adhere to the requirements of this initiative and make any necessary adjustments to their security controls.
- Business development: Participants can see how they and their peers are performing. They can leverage the MANRS Observatory to determine whether potential partners’ security practices are up to par.
- Government: Policy makers can better understand the state of routing security and resilience and help improve it by calling for MANRS best practices.
- Social responsibility: MANRS implementation is simple, voluntary and non-disruptive. The Observatory can help participants ensure they and their peers are keeping their networks secure, which helps improve routing security of the Internet as a whole.
“Routing security is based almost entirely on trust between networks,” said Andrei Robachevsky, Senior Technology Program Manager at the Internet Society.
“One of the advantages of the MANRS Observatory is that it adds an element of accountability. MANRS is seeing steady adoption, but we need more networks to implement the actions and more customers to demand routing security best practices.
“The more network operators applying MANRS actions, the fewer incidents happening, the less damage done. Our hope is that the MANRS Observatory will help drive greater participation,” he added.
MANRS membership is growing. Today, there are 201 Network Operators (ISPs) and 34 Internet Exchange Points (IXPs) committed to improving Internet security.
MANRS participants include network operators from small regional ISPs to Tier-1 carrier networks, and from university networks to major content and cloud providers all over the world. Notable MANRS newcomers include Microsoft and Google.