On the Road to Better Routing Security: What Are MENA’s Next Steps?

In a region with a wealth of resources and network expertise but a higher than average number of global routing incidents, the Mutually Agreed Norms for Routing Security (MANRS) initiative can help networks champion a more secure routing environment.

Networks in the Middle East and North Africa (MENA) region fall between two regional Internet registries: Réseaux IP Européens Network Coordination Centre (RIPE NCC) and African Network Information Centre (AFRINIC). This gives these networks access to many resources and tools that support them to adopt best practices in routing security, including resource public key infrastructure (RPKI). There’s also great technical expertise in the region, with specialists working to keep more than 800 MENA-based networks up and running.

The region is, however, over represented in terms of routing incidents. Despite representing only 1.18% of all the networks visible on the Internet, the region has been responsible for 2.5-3% of global routing incidents so far this year as of October. Last month, the MANRS Observatory recorded 24 routing incidents from 22 networks in the region. The incidents range from Bogon announcements to more serious route leaks and route mis-originations, as detailed in the screen capture from MANRS Observatory above.

MANRS for a Stronger Internet

When it comes to conforming with MANRS’ readiness actions, MENA networks perform as well as, or better than, the rest of the world. Hundreds of networks within the region are already applying MANRS best practices, but more needs to be done to mitigate routing threats. There’s great potential in the region for increased rates of participation in MANRS, as there are currently only five MENA networks in the MANRS Network Operator Programme.

Taking part in the MANRS initiative shows that participating networks have implemented crucial fixes and are actively working to mitigate the most common threats. In the case of MENA, more network operators, Internet Exchange Points (IXPs), and cloud and content delivery network (CDN) providers should adopt the MANRS actions to actively avoid routing security threats, instead of responding to them when they happen. This would contribute to a stronger, global Internet with lower number of incidents worldwide.

Targeting the Problem Head On

One thing the MANRS team has been doing is offering support to networks that have been identified as having caused routing incidents. We reach out to offer learning material and guides or access to MANRS experts. This approach allows us to address existing routing issues so that more and more networks will be on the right track.

Meanwhile, in a community initiative that aims to foster collaboration and information sharing like MANRS, it’s important to keep in mind that self-motivation to join shows readiness to play an active role in the community. MANRS will continue to raise awareness about the importance of good routing security practices. A combination of promoting best practices and connecting with the those causing incidents networks can help grow our community.

The MENA region is a diverse and rich area with great potential to actively get involved with the MANRS community and contribute to securing the global routing infrastructure, but much more has to be done. Together with the MANRS team, I will work with the technical communities to increase understanding and adoption of MANRS in the region and elsewhere.

Improving the state of routing security is no small task. It requires network operators, IXPs, and CDN and cloud providers of all sizes across the globe to work together to make a real difference. MANRS is a great resource for everyone, and we are here to help. Join us to protect the core of the Internet!

Leave a Comment