![]() Because Google has such extensive global peering relationships, its portal presents an opportunity for the company to essentially give its peers a nudge for how they're doing on BGP best practices. In addition to adopting and promoting route filters and RPKI, Koley says that Google also raises awareness about the importance of BGP security through its " peering portal." Peering is connection between two networks to let web traffic flow in a more efficient and stable way, and includes exchange of BGP routing information. So with MANRS we're trying to make this as easy a lift as possible for organizations." It takes significant engineering work and if you do it wrong then you actually can significantly impact users. "And once you have all of that information you have to create ways of utilizing it to apply to your BGP policies in the form of filters etc. "There is quite a bit of work that is involved in implementing all of this," says Bikash Koley, vice president of global networking at Google Cloud. And in November, Google completed RPKI registration for more than 99 percent of its routes. On Monday, the European network service provider RETN announced that it has implemented RPKI. Over the last two years, though, RPKI has gained some real momentum, and is now in use by ISPs like AT&T, Telia, NTT, and Cogent. "With nearly 600 total participants in MANRS so far, we believe the enthusiasm and hard work of the CDN and cloud providers will encourage other network operators around the globe to improve routing security for us all," says Aftab Siddiqui, the MANRS project lead and a senior manager of internet technology at the Internet Society. But that process coming to the cloud represents tangible progress that has been elusive up until now. ![]() In some ways the step is incremental, given that MANRS has already formed task forces for network operators and what are known as "internet exchange points," the physical hardware infrastructure where internet service providers and CDNs hand off data to each others' networks. Today the group known as Mutually Agreed Norms for Routing Security is announcing a task force specifically dedicated to helping "content delivery networks" and other cloud services adopt the filters and cryptographic checks needed to harden BGP. Now, after years of slow progress implementing improvements and safeguards, a coalition of internet infrastructure partners is finally turning a corner in its fight to make BGP more secure. It was the latest mishap to stem from design weaknesses in the "Border Gateway Protocol," the internet's foundational, universal routing system. But it wasn't a hack, or even a glitch at any one organization. This spring, services from heavy hitters like Google and Facebook seemed glitchy or inaccessible for people worldwide for more than an hour.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |