MANRS, Routing Security, and the Brazilian ISP Community Thumbnail
Mutually Agreed Norms for Routing Security (MANRS) 11 December 2017

MANRS, Routing Security, and the Brazilian ISP Community

By Megan KruseFormer Director, Advocacy and Communications

Last week, I presented MANRS to the IX.BR community. My presentation was part of a bigger theme – the launch of an ambitious program in Brazil to make the Internet safer.

While there are many threats to the Internet that must be mitigated, one common point and a challenge for many of them is that the efficacy of the approaches relies on collaboration between independent and sometimes competing parties. And, therefore, finding ways to incentivize and reward such collaboration is at the core of the solutions.

MANRS tries to do that by increasing the transparency of a network operator’s security posture and its commitment to a more secure and resilient Internet. Subsequently, the operator can leverage its increased security posture, signaling it to potential customers and thus differentiating from their competitors.

MANRS also helps build a community of security-minded operators with a common purpose – an important factor that improves accountability, facilitates better peering relationships, and improves coordination in preventing and mitigating incidents.

So, what does the Brazilian ISP community think about routing security and MANRS?

I ran an interactive poll with four questions to provide a more quantitative answer. More than 100 people participated, which makes the results fairly representative.

A sort summary is that while routing incidents are not perceived as the most painful area, the Brazilian ISP community is willing to embrace the collaborative security approach and work on improving Internet infrastructure.

In the past three months, according to BGPSetream, Brazilian ISPs experienced about 1,000 routing events that likely represent incidents. About a quarter of them were route leaks and hijacks; the rest were outages.

From operational experience, 20% of operators dealt with routing security incidents with impact. For the majority, however, such incidents were either infrequent or had little impact. That says something about the perceived risk.

At the same time, improving routing security is important to the vast majority of operators. Almost half are willing to play an active role in promoting best practices.

Almost one-third of respondents already implement the majority of the MANRS Actions and could join the effort.

When it comes to joining the effort, two-thirds feel they would become active adopters of MANRS, once their network has appropriate controls in place.

We look forward to seeing many Brazilian ISPs officially join MANRS, given these survey results! If you’re interested, please let us know. A MANRS Implementation Guide is also available to help you get your network ready.

You can watch Andrei’s full presentation on YouTube in the video below, or at this link.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related Posts

Strengthening the Internet 6 September 2024

US Government Networks Get a Security Boost: White House Roadmap Tackles Routing Vulnerabilities

The White House's Roadmap to Enhancing Routing Security is an important step toward strengthening routing security in the United...

Strengthening the Internet 14 May 2024

The US Makes a Big Step Toward Better Routing Security

The US Department of Commerce began implementing better routing security practices—a step in the right direction for wider MANRS...

Securing Border Gateway Protocol (BGP) 18 April 2024

The US FCC Signals a Dangerous New Course on BGP Security

The US Federal Communications Commission recently released a draft Declaratory Ruling and Order in the Open Internet Proceeding. However,...