The Mutually Agreed Norms for Routing Security (MANRS) is a global community-driven initiative. In 2014, a small group of network operators recognised the need to join forces to improve the security and resilience of the Internet’s global routing system, and with support from the Internet Society, MANRS was born.

Since then, the MANRS community has grown and expanded to empower and support not only network operators,[1] but also Internet exchange points (IXPs),[2] and content delivery network (CDN) and cloud providers[3] to take MANRS actions and reduce common routing threats.[4]

The COVID-19 pandemic has highlighted the importance and urgency for a secure and resilient Internet to ensure that families stay connected, patients receive care, students continue to learn, businesses continue to operate, and regulators, companies and researchers can collaborate in vaccine development and distribution. MANRS is accelerating progress towards securing the global Internet for everyone.

MANRS at a Glance

MANRS aims to become a self-governed community of network operators, IXPs, CDNs, cloud providers and partner organisations,[5] that drives global adoption of MANRS actions and improvements in routing security. Efforts towards achieving this goal include providing reliable tools[6] for compliance and measurement including the MANRS Observatory,[7] building capacity of network engineers through training[8] and fellowship[9] programmes, and advocating for policies that strengthen routing security.

The MANRS Observatory, launched in August 2019, is a web-based tool that collates publicly available data sources including BGPStream, the CIDR Report, CAIDA Spoofer Database, Regional Internet Registry Whois and IRR databases, and PeeringDB to view routing incidents and check general routing health. The Observatory brings increased transparency to routing operations, and sheds light on trends in routing security globally, regionally and for individual networks so that improvements are made based on evidence.

In early 2020, the MANRS Advisory Group[10] was established to represent the rapidly growing MANRS community, move MANRS towards a self-governed community, and provide advice on the increasing number of decisions that need to be made, including conformance criteria, participation and response to major routing incidents.

Our Impact in 2020

Decrease in number of routing incidents

Figure 1. MANRS networks and routing incidents

The number of reported routing incidents has been decreasing from more than 5,000 in 2017 to below 4,000 at the end of 2020, while the number of MANRS participants has been increasing (Figure 1).

While we cannot claim direct causation, we can attribute fewer routing incidents to the increasing number of network operators implementing best routing practices.

In 2020, MANRS participants have almost doubled from 317 participants at the beginning of the year to 588 participants managing 651 autonomous systems from over 60 countries across all continents, as of December 31, 2020.

The MANRS participants are made up of:

  • 510 network operators
  • 62 IXPs
  • 16 CDN and cloud providers

MANRS shows that when the community comes together to create a baseline for routing security, we can protect the core of the Internet. The rapid growth of the community also shows there is a growing sense of shared responsibility among network operators. The interconnected nature of networks means that many solutions only work when other networks make the same improvements. Since no single operator can go it alone, it is through collective actions, like MANRS, that progress is made.

CDNs and cloud providers are on board in securing routing

MANRS launched a new programme[11] in March for CDN and cloud providers in collaboration with eight founding participants: Akamai, Amazon Web Services, Azion, Cloudflare, Facebook, Google, Microsoft and Netflix. By the end of 2020, eight more CDN and cloud providers joined the programme. Since over half of all web traffic is served over CDNs, they play a crucial role in securing Internet routing.

Several CDN and cloud provider participants formed a task force[12] in September to strengthen the programme and produce a bigger impact on securing routing. The task force, made up of Akamai, Amazon, Azion, Cloudflare, Comcast, Facebook, Google, Microsoft, Netflix, Verisign and Vultr, is working on additional actions operators can take and how those commitments can be integrated into existing CDN and cloud providers’ actions.

CSIRTs are also coming on board

In 2020, MANRS actively engaged with the community of Computer Security and Incident Response Teams (CSIRTs) to raise awareness about the importance of including routing security in their service portfolios.[13] We presented the MANRS initiative and demonstrated the MANRS Observatory during the 32nd Annual FIRST Conference in November. The Forum of Incident Response and Security Teams (FIRST) is a global forum of over 500 CSIRTs and its annual conference is the pre-eminent event bringing together those working to prevent and mitigate network security incidents. MANRS has offered Observatory accounts to all FIRST-accredited CSIRTs.

In May, Team Cymru,[14] a member of FIRST, was the first cybersecurity team to join MANRS and has helped increase the visibility of routing security issues among CSIRTs. Having Team Cymru as part of the MANRS community is also an important step in adding routing security information to existing data sources such as the MANRS Observatory, since many organisations around the world use Team Cymru data feeds to actively identify and block threats to their networks and to analyse malicious activities on the Internet.

Widening reach and building capacity through partnerships

In 2019, MANRS created six self-paced tutorials[15] that offer network engineers implementation guidance on the MANRS actions. For individuals participating in the tutorials, MANRS provides one-on-one support through MANRS Clinics and email.

In the effort to accelerate adoption of MANRS actions, we focused on building strategic partnerships in running instructor-led training workshops[16] for groups that combine self-paced modular learning with an opportunity to practically apply MANRS principles in a virtual environment through the MANRS Lab.

A global training workshop was held in March for 91 participants from 75 Internet Society Chapters, which resulted in the Chapters organising local events in collaboration with MANRS ambassadors and fellows to raise awareness about MANRS and develop capacity in implementing MANRS actions (see Section 5 for more details).

In Africa, the Rwanda Internet Community and Technology Alliance (RICTA) and UbuntuNet Alliance joined hands with MANRS to organise the MANRS training workshop over three weeks. In April, RICTA[17] conducted training for 15 local network engineers and operators, and in July, UbuntuNet Alliance[18] conducted training for 18 network engineers from various national research and education networks (NRENs) in eight African countries.

[We] implement these training workshops to empower our network engineers with the required skills to safeguard their networks. Next, we will be following up with the trainees to deploy these best practices and ensure that their NRENs become MANRS members.



Wilson Wasswa, Network Engineer,
UbuntuNet Alliance

I am impressed with the flexibility and convenience of the training especially during the COVID-19 pandemic as participants were still able to do both theoretical and hands-on simulations online.



Lilian Maina, Network Engineer,
Kenya Research and Education Network

I highly recommend this training course because the knowledge and practical information we learned from this course can help in improving the security posture of your organisation while reducing the negative impact of common routing incidents. Moreover, this course helps build personal skills useful in our profession as network engineers. We are the builders of the Internet, and it is important that we work together.

Arthur Tumwesigye, Network Engineer, Research and Education Network for Uganda

MANRS partnered with the Network Startup Resource Center (NSRC)[19] in the development of a detailed video series focused on Internet routing called BGP for All,[20] partially funded by the Internet Society and the National Science Foundation. The video series has a section on MANRS with video clips on each MANRS action.

NSRC has a distributed team of network engineers and trainers across the globe, and we plan to deepen our collaboration in the coming years by: updating the MANRS implementation guidelines[21] for network operators and creating a MANRS implementation guide for IXPs; producing additional technical education video content about routing security and MANRS best practices; and jointly delivering routing security workshops.

Figure 2. An online event organised through partnership with ASREN

Additionally, MANRS has formalised new partnerships during 2020 with AFRINIC (the regional Internet registry for Africa), Asia Pacific Network Operators Group (APNOG),[22] Arab States Research and Education Network (ASREN),[23] Euro-IX[24] and Global Cyber Alliance[25] to raise awareness about MANRS among their members, build capacity and increase adoption of MANRS actions. Throughout 2020, MANRS has been collaborating with APNIC in delivering training on routing security, and the MANRS Routing Security Course is one of a number of free online courses available on the APNIC Academy.[26]

Advocacy for MANRS actions

A clear win for MANRS is recognition of our community by the World Economic Forum (WEF).[27] In January, WEF released a report recommending that Internet service providers (ISPs) strongly consider joining MANRS and implementing MANRS actions to improve the security of the global routing system.

Our advocacy efforts were directed at a variety of groups, including telecom operators in Australia and New Zealand through Communications Day,[28] and in the SAMENA region[29] through the SAMENA Telecommunications Council.[30] We also worked with Cybera[31] to advocate for MANRS actions among their research and education networks.

Senator Kimberley Kitching, the Deputy Chair of Senate Committee on Foreign Affairs and Defense of Australia picked up the article in Communications Day and asked the Security Agency of Australia to advise Australian telecommunications companies on the deployment of the Resource Public Key Infrastructure (RPKI).

On December 10, China Telecom announced that it joined MANRS.[32] Given that the United States Federal Communications Commission launched a proceeding on revoking China Telecom’s authorisations on the same day, the announcement was picked up by several channels, including Next TV,[33] London Tribune,[34] Inside Towers[35] and Cyber Wire.[36] MANRS worked closely with China Telecom engineers for over a year to implement the MANRS actions. We hope that this will become a business case for improving routing security.

MANRS has actively used its website and social media in advocacy through Facebook,[37] Twitter[38] and YouTube[39] since 2014 but during 2020 in particular, we stepped up our efforts to increase engagements on social media. By the end of the year, we had a total of 2,057 followers on Twitter, almost half (938) of whom joined in 2020. In 2020, we posted 628 tweets, resulting in over 2,000 retweets and 5,600 likes. The MANRS Twitter page had on average about 6,000 unique visitors each month during 2020.

On our website our team, partners, fellows, ambassadors and MANRS advocates posted a total of 50 blogs.[40] There were several major routing incidents in the global border gateway protocol (BGP) routing system in 2020, including in April[41] and July,[42] and MANRS took these opportunities to advocate for MANRS actions. MANRS blogs on these major routing incidents reached over 20,000 hits.

Our Community

The MANRS community is comprised of participants, partners, ambassadors and fellows.

As of December 31, there were 588 MANRS participants made up of network operators, IXPs, and CDN and cloud providers implementing MANRS actions. The network operators secure customer-provider interconnections, while IXPs, CDNs and cloud providers create a secure network peering environment and encourage good routing practices from their members, customers and partners. MANRS partners do not necessarily operate networks but actively support MANRS goals.

Here are what some of the participants and partners have said about MANRS in 2020.[43]

Participants

ASREN joins MANRS to improve our security proficiency and commitment to our customers. As a network operator, it is our responsibility to ensure a robust and secure routing infrastructure around the world.

Hadia Yaseen, Network Assistant Engineer, ASREN

SAIX believes Internet routing security is important and needs the contribution of all entities and we hope to do our part. Joining MANRS is a step forward in implementing more Internet reliability and security.

Ahmed Dakroury, Network Consulting Engineer, SAIX

Our guiding purpose is to create connections that empower people to thrive and as founder of the MEX-IX peering platform, this means doing our part to protect the Internet from routing threats. That is why MDC is committed to assist all members of the MEX-IX community in implementing the MANRS programme actions. Together we can make the Internet safer for everyone.


Rene Hernandez, MDC

MANRS began as a collaboration among network operators and IXPs, with Verisign formally becoming a participant in its Network Operator Programme in 2017. Since then, with the help of Verisign and other MANRS participants, the initiative has grown to also include CDN and cloud providers. Verisign deepened its commitment to MANRS by becoming an official participant in its newly launched CDN and Cloud Programme.

Yong Kim, Vice President of Cyber Strategy and Research, Verisign

REANNZ, New Zealand’s National Research and Education Network, is proud to be the first network operator in New Zealand to join MANRS. Alone we’re only able to accomplish so much, but as participation of collaborative routing security initiatives such as MANRS increases, so does the security and reliability of the Internet as a whole.

Aaron Murrihy, Senior Network Engineer, REANNZ

We joined MANRS because we believe in the community of the Internet and the potential it creates. MANRS captures the spirit of efficient and safe networking and shows that when the community comes together, and when there is a growing sense of shared responsibility, we can protect the core of the Internet.

David Monnier, Director of Client Success, Team Cymru

There needs to be some security standards when connecting networks together, and that’s where MANRS comes in. We figure, there are no organisations more integral to the Internet than IXPs, and the reason PhillyIX wanted to join MANRS was to become part of the solution, rather than perpetuate the problem.

Tom Duff, Board President, PhillyIX

We worked with the MANRS community to update [routing security] standards and we are excited to join with other MANRS members in implementing them … We thank MANRS and Internet Society for bringing the Internet community together on this important subject and being the driving force for accelerating Internet security.

Albert Greenberg Corporate Vice President, Azure Networking

Being MANRS compliant not only improves our routing security capabilities, but has the potential to help other networks improve theirs, and is an opportunity for Akamai to make a significant contribution to the improvement of global routing security.

Christian Kaufmann, Vice President Network Technology, Akamai

Being MANRS compliant is an opportunity for Vultr to help our peering partners improve their security while contributing to a more resilient and trustworthy Internet for everyone.


Tomas Lynch, Senior Network Architect, Vultr

Partners

MANRS has a total of 16 partners, five of whom joined in 2020 – AFRINIC, APNOG, ASREN, Euro-IX and Global Cyber Alliance. ASREN and Internet 2 increased their participation in MANRS in 2020 by being both a partner and a network operator participant.

The Internet2 community is increasing participation in MANRS because routing security is a growing area of concern for network operators around the globe. … Taking part in MANRS and the Internet2 community’s efforts connects you with a community of security-minded professionals and organisations committed to making the global routing infrastructure more robust and secure.

Steve Wallace, Security Architect, Internet2

Strengthening our partnership helps us build a better understanding of Internet security policy, technology and risk prevention amongst stakeholders. We look forward to sharing more ideas and experiences and collaborating on other projects that will bring about a better Internet for us all.

Terry Wilson, Global Partnership Officer, Global Cyber Alliance

We run APRICOT to cultivate the skills and understanding needed to develop a robust Internet infrastructure across the Asia-Pacific region – a goal also strongly supported by the MANRS community and the Internet Society. The partnership will let us work more closely together, and I look forward to MANRS playing an increasingly important role among key Internet builders in the region.

Philip Smith, Director, APNOG

MANRS Ambassadors and Fellowship Programme

In 2020, a new MANRS programme[44] brought together ambassadors and fellows to make the global routing infrastructure more robust and secure. Ambassadors[45] are representatives from current MANRS participants who provide mentorship, guidance and feedback to fellows in the routing security community. Fellows[46] are emerging leaders who believe that routing security is essential and are ready to contribute to its improvement. Fellows work with ambassadors to improve their skills in the areas of training, research or policy analysis. In 2020, over 400 candidates applied for the programme from which we selected 13 fellows to work with 4 ambassadors. They are all from different countries, representing all continents. Meet the ambassadors and fellows and see what some of them have to say about their experience with MANRS.

Ambassadors

Anirban Datta works for Fiber@Home Global Ltd. in Bangladesh. His role is to establish international links and points of presence in different parts of the world. He is also involved with many NOGs like bdNOG, SANOG and INNOG. As an instructor, he helps to improve the technical knowledge of the local community.

Read his blogpost on MANRS.

Flavio Luciani has a Master’s degree in computer engineering from Roma 3 University. He has worked with Namex since 2008. He supervises the technical and infrastructural development of the IXP, first as a technical staff, and from March 2020, as Chief Technology Officer.

Read his blogposts on MANRS.

Boris Mimeur is the Vice President of Engineering Operations at CENGN in Canada. He leads the development of secure hybrid cloud platforms that enable test and validation for new products and technologies. In the last two years, Boris has supported the promotion of security in BGP routing through partnerships with multiple Canadian telecom service providers. He has also contributed to the development of the IXP/CXP for the Ottawa Gatineau region.

Sanjeev Gupta co-founded DCS1 in Singapore in 2009 to provide niche consulting services in the enterprise IT architecture arena. His teams have focused on data centres, routing, BGP propagation and IPv6 deployment. Prior to DCS1, Sanjeev had 15 years of experience as Chief Technology Officer for multinational corporations, running large networks at high operational efficiencies.

Fellows

Training Fellows

Hiba Eltigani is a founding member of the Sudan NOG and serves as a member of its executive committee since 2014. She worked as an IP Analyst at AFRINIC and was the leader of the team managing SUDATEL’s core IP network. She also worked as a regulatory affairs professional in both MTN and Zain. Read her blogposts on MANRS.

“MANRS Fellowship provided me with a unique opportunity to interact with a broader community and further explore routing security concepts. These interactions and the related preparations pushed me to examine routing security from different perspectives to make it more relatable to the audience and find a point of connection.”

Muzamer Mohd Azalan is currently the Manager of Network Service IP Operation for Telekom Malaysia. He is a community training volunteer for APNIC, and has led projects related to Remote Trigger Blackhole, CGNAT, VCPE, CORE Network Integration and Global Deployment.

“The best part about this programme, aside from being able to contribute to my community, is connecting with lots of senior and talented engineers and working with a great team.”

Zobair Khan has been working at Fiber@Home in Bangladesh since 2010 with responsibilities in capacity planning, upstream coordination and troubleshooting. He started his career with Transmission Network and previously worked with Cisco, Huawei, Infinera, Juniper, LS Cable and Tejas.

“It was an insightful ride as I came close to many operators and had discussions regarding their network security. I tried to reach different communities by taking part in different NOG events. I presented in bdNOG and btNOG, … and hopefully in SANOG36 in January 2021. I also had a session with local universities to raise awareness [about MANRS]. I arranged a couple of sessions with different NOG participants and network operators, and few of them have applied for MANRS.”

Carmen Denis Polanco is currently the Project Director of the IXP Yucatan, and Coordinator of the Center for Women in Technology in Mexico. She has a degree in Computer Science and 26 years of experience in network interconnection technologies, IT infrastructure and the Internet.

Read her blogpost on MANRS.

Lia Solis Montaño is currently working in Bolivia’s major telecommunications company, ENTEL S.A. as a Core Professional responsible for managing security incidents reported at the ISP level. She has a degree in Systems Engineering, a diploma in Higher Teacher Education and more than 15 years of experience working in the field of the Internet.

Michelle Opiyo is curently working as a Senior Network Engineer at Workonline Communications. Prior to that she served in various capacities at the national research and education network of Kenya (KENET). She volunteers as a trainer for various regional technical forums and NOGs where she trains and mentors engineers.

Read her blogpost on MANRS.

Ram Krishna Pariyar is working at Subisu Cablenet as Senior Network Engineer since 2008. Before joining Subisu, he worked at Prime College as Cisco Academy Instructor and System Administrator for six years. He has also served as Training Coordinator for the Internet Society Nepal Chapter.

Research Fellows

Augusto Luciano Mathurin is an Argentinian Information Systems Engineer. He is a Teacher at Universidad Tecnológica Nacional Santa Fe, Co-Founder of Virtuágora and Chief Technology Officer of Lyris IT. He is also Internet Society’s 25 under 25 awardee.

Alfred Arouna joined Simula Metropolitan Center for Digital Engineering in September 2019. He is currently working at the Center for Resilient Networks and Applications as Research Engineer for the GAIA project. Prior to working at Simula, he worked for over 10 years in the ISP industry, first as a developer and then as a system and network administrator.

Dr. Bahaa Al-Musawi is a Lecturer at the University of Kufa, Iraq, and the Manager of Computers and IT Consultant Bureau at the Information Technology Research and Development Center. He received his BE and ME degrees in 2003 and 2005, respectively, from the University of Technology, Iraq and his PhD degree in 2018 from Swinburne University of Technology in Australia.

Ben Scott made the decision to enter research and academia after working with government and corporations in many broad areas of risk, governance and security. He has an MSc (Cybersecurity) from Edith Cowan University and is a PhD Candidate (Cybersecurity). He is currently completing his CCNA (Cisco) Instructor training and works as a Cybersecurity Lecturer with Southern Cross University.

Policy Fellows

Paola Perez is a Cybersecurity Engineer at the Center for Women in Technology in Venezuela. She was the first female Chair on the Internet Policy Development Process in LACNIC for two years, and was Vice President of the Internet Society Venezuela Chapter for two years. She has an MSc degree in Cybersecurity.

Dr. Sami Salih is an ICT Regulation Expert with more than 15 years of engagements with the Saudi Telecommunications Company, the Sudanese Telecommunications Regulatory Authority and the Sudanese Education and Research Network. He is an active participant and contributor to various forums including SDIPv6TF, SDNOG, AFRINIC, ITU, ICANN, ASREN and UbuntuNet Alliance.

“This programme has allowed me to study and research about routing security, and given me the time to understand the complex topics behind it. Also, it gave me the opportunity to meet great people. I admire the knowledge and work done by other fellows. We as a group, delivered interesting articles about RPKI, and tools to understand it through its RFCs. Personally, I appreciate the chance to post on the MANRS blog. It was a wonderful experience for me.”

Augusto Luciano Mathurin

Our Initiatives

MANRS Ambassadors and Fellowship Programme

Figure 3. Results overview of MANRS Training Team

The 4 ambassadors and 13 fellows were involved in many activities in collaboration with Internet Society Chapters,[47] Special Interest Groups[48] and various organisations around the globe. MANRS Training Fellows conducted a total of 58 regional and national workshops reaching over 1,400 network operators in 17 different countries[49] and 13 NOG and IXP communities[50] across all continents.

Figure 4. MANRS Training Team in action

The Colombia Chapter, for example, worked with MANRS fellows to organise a series of activities and events on routing security for Chapter members and the ISP community through a grant from the Internet Society Foundation. In Jamaica, a MANRS workshop was organised for over 228 members of the Jamaica Chapter, involving the MANRS team and fellows. In addition, regional training for Asia-Pacific, European and Latin America Chapter members were organised.

Besides capacity building, there were a number of research and policy initiatives, such as the incorporation of MANRS actions in the International Telecommunication Union Study Group 17 on Security; involvement in the Internet Engineering Task Force Requests for Comments (RFCs) related to BGP and RPKI; and development of a white paper on MANRS and the United Nations Cyber Norms, a policy brief for NRENs, research on route origin authorisation policy and RPKI deployment, and blogs on various routing security issues.

MANRS Observatory Improvements

The MANRS Observatory[51] is a free online tool that monitors the state of routing security and resiliency. All participants of MANRS have access to Observatory accounts to measure their MANRS readiness and quickly identify problematic areas to help them improve the security of their networks.

In February[52] and November[53] new features were released based on community feedback. They include: 

  • More granular data and shorter reporting cycle to reflect changes on a daily basis (instead of monthly updates).
  • New “aspirant account” to provide insight for prospective MANRS participants to improve the quality of network and help implement the MANRS actions. There are currently 13 aspirant accounts and 17 partner accounts.
  • Improved search, filter and sharing functions that make MANRS Observatory more informative and easy to use.

Continuous improvements are envisaged, including plans to work on improving MANRS Observatory data sources, data collection and verification with the University of Oregon RouteViews BGP monitoring infrastructure.

Events

Throughout 2020, MANRS organised and participated in over 130 events to engage with the community, including online Tech Talks with industry leaders, MANRS community meetings, webinars, tutorials and workshops. More than 2,000 network professionals completed tutorials and workshops on MANRS and routing security.

The InterCommunity 2020[54] on securing global routing held online in June with support from the Internet Society brought together over 200 participants and five guest speakers who discussed the accomplishments, challenges and future of routing security. In addition, the MANRS team was present in local, regional and global events such as the FIRST Virtual Event, Virtual School on Internet Governance, Indigenous Communities Summit, Asia Pacific Regional Internet Conference on Operational Technologies (APRICOT), LAC DNS Forum and many of the NOG events.

Figure 5. MANRS Team at APRICOT 2020

APRICOT 2020 was one of the few face-to-face events that MANRS participated in before countries imposed lockdown measures. The MANRS Community Meeting at APRICOT 2020 was attended by about 50 participants, and we co-organised the RPKI Deployathon[55] in partnership with JPNIC, APNIC and NSRC, allowing participants to deploy RPKI and route validation in a safe, simulated lab environment. In October, MANRS signed a Memorandum of Understanding with APNOG to support APRICOT’s Fellowship Programme.

Challenges and Lessons Learned from the COVID-19 Pandemic

Lockdown and movement restriction measures imposed during the COVID-19 pandemic led to the cancellation of many events, especially during the first half of the year, which disrupted our plans for outreach and community engagement. As a team, we quickly adjusted our plans and prepared a strategy for moving our awareness raising and capacity building initiatives online. For instance, we transformed the MANRS training materials that are normally used for face-to-face courses into an engaging and interactive online course. We worked closely with our partners to run online instructor-led training workshops that combine self-paced learning with the online MANRS lab, which worked very well (see Section 3), and we plan to continue delivering these online training workshops with our partners in the coming years.

We also organised a series of webinars and online community meetings, and participated in relevant online events to promote MANRS uptake as well as ensure continuous engagement with the MANRS community. We ramped up our social media engagement, especially on Twitter where many existing and potential MANRS participants are connecting, and we developed a series of educational blogs on network security basics[56] and threads on how routing security is like online dating,[57] and participated in podcasts.[58]

The experience has been a steep learning curve for the MANRS team, but we have also achieved unprecedented results through our online strategy with record number of MANRS participants joining in 2020. Moving forward, we will continue to explore new online event and training structures to maximise participation and create a supportive environment for learning and sharing of experience on routing security.

Looking Ahead

MANRS will continue to advocate participation among network operators, IXPs, and CDN and cloud providers, and their uptake in implementing routing security measures in the effort to reduce the number of routing incidents by 10% by the end of 2021. Looking ahead in 2021, we will also be working with equipment vendors in a new programme.

More specifically, we will target the following as evidence of broader uptake in routing security:

  • A 10% increase of existing MANRS participants creating route origin authorisation, which shows they support cryptographic validation of IP address ownership;
  • A 5% increase of existing MANRS participants implementing route origin validation, which shows they are checking that a given network is authorised to announce routes to a given IP address range; and
  • A 30% improvement in MANRS participants’ conformance from three months before joining MANRS and three months after, showing that MANRS participants and the MANRS governance structure work well to keep networks clean over time, and not just when they apply and first join.

We plan to continue offering leadership initiatives, such as the MANRS Ambassador and Fellowship Programme, building strategic partnerships to expand our outreach and engage with different communities, and enhancing capacity in routing security among network engineers around the globe. Together with the MANRS Advisory Group, we will also work towards MANRS becoming a self-governed community.

Routing security is vital to the future and stability of the Internet. Join us[59] in protecting the Internet ecosystem.

Annex: Media Mentions about MANRS in 2020

Aaron Murrihy, “Securing the routing of New Zealand’s Research and Education sectors,” REANNZ, October 20, 2020, https://www.reannz.co.nz/news-and-events/securing-the-routing-of-new-zealands-research-and-education-sectors.

Alain Durand, “Resource Public Key Infrastructure (RPKI) Technical Analysis,” ICANN, September 2, 2020, https://www.icann.org/en/system/files/files/octo-014-02sep20-en.pdf.

Albert Greenberg, “Microsoft introduces steps to improve internet routing security,” Microsoft Azure, December 9, 2020, https://azure.microsoft.com/en-us/blog/microsoft-introduces-steps-to-improve-internet-routing-security/.

ASREN, “ASREN Joins MANRS to Improve Routing Security,” November 17, 2020, https://asrenorg.net/?q=content/asren-joins-manrs-improve-routing-security.

Bart Hogeveen, “Which practices help us maintain a secure cyberspace in the Asia Pacific?” APNIC, November 26, 2020, https://blog.apnic.net/2020/11/26/which-practices-help-maintain-secure-cyberspace-asia-pacific/.

Bhadrika Magan, “Event Wrap: InterCommunity 2020 — Securing Internet routing,” APNIC, July 23, 2020, https://blog.apnic.net/2020/07/23/event-wrap-intercommunity-2020-securing-internet-routing/.

Bikash Koley and Royal Hansen, “Expanding our commitment to secure Internet routing,” Google Cloud, December 3, 2020, https://cloud.google.com/blog/products/networking/how-google-is-working-to-improve-internet-routing-security.

China Telecom, “Press Release: China Telecom Joins MANRS,” December 10, 2020, https://www.prnewswire.com/news-releases/china-telecom-joins-manrs-301190973.html.

Ed Wright, “BGP Routing Needs To Mind Its MANRS,” Teridion, https://www.teridion.com/bgp-routing-mind-manrs/.

Edward Lawrence, “The cost of Internet access – and the importance of IP transit,” ITWeb, December 10, 2020, https://www.itweb.co.za/content/JN1gPvOYlwRMjL6m/zlP3gQ2qGRMnRD1W.

Howard Solomon, “Content delivery networks, cloud providers can now join routing security group,” IT World Canada, March 31, 2020, https://www.itworldcanada.com/article/content-delivery-networks-cloud-providers-can-now-join-routing-security-group/429145.

Internet Association of Australia, “IAA to Join the MANRS Community,” February 27, 2020, https://www.internet.asn.au/2020/02/iaa-to-join-the-manrs-community/.

Joe Topjian, “Global validation (on the networking scale),” Cybera, October 14, 2020, https://www.cybera.ca/global-validation-on-the-networking-scale/.

Internet Society Uganda Chapter, “Global Routing Security – BGP/Prefix Hijacking Demo,” June 16, 2020, https://isoc.ug/index.php/2020/06/16/global-routing-security-bgp-prefix-hijacking-demo/.

Kelly Jackson Higgins, “Major Cloud, CDN Providers Join Secure Routing Initiative,” April 1, 2020, https://www.darkreading.com/perimeter/major-cloud-cdn-providers-join-secure-routing-initiative/d/d-id/1337458.

Kieren McCarthy, “Watch your MANRS: Akamai, Amazon, Netflix, Microsoft, Google, and pals join internet routing security effort,” The Register, March 31, 2020, https://www.theregister.com/2020/03/31/manrs_cdns/.

Lily Hay Newman, “A Broken Piece of Internet Backbone Might Finally Get Fixed,” Wired, December 2, 2020, https://www.wired.com/story/bgp-routing-manrs-google-fix/.

Lindsey O’Donnell, “Cloud Providers, CDNs Team Up to Battle Internet Routing Attacks,” Threatpost, April 3, 2020, https://threatpost.com/cloud-cdns-team-internet-routing-attacks/154434/.

Luca Sani, “One year of BGP (in)security,” APNIC, July 3, 2020, https://blog.apnic.net/2020/07/03/one-year-of-bgp-insecurity/.

Lucas Chihinga Tjimango, “Internet Routing,” Internet Society Namibia Chapter, https://isocnamibia.org/news/internet-routing/.

Md Abdul Awal, “Local awareness and assistance is key to RPKI success,” APNIC, April 8, 2020, https://blog.apnic.net/2020/04/08/local-awareness-and-assistance-is-key-to-rpki-success/.

Md Abdul Awal, “ইন্টারনেটের MANRS মেনে চলুন,” BGD e-GOV CIRT, https://www.cirt.gov.bd/internet-manrs/.

MDC, “Make the internet more resilient, join the MANRS initiative,” August 28, 2020, https://www.mdcdatacenters.com/company/blog/make-the-internet-more-resilient-join-the-manrs-initiative/.

Melchior Aelmans, “My 2021 Goals for a Better and Safer Internet,” LinkedIn, January 6, 2021, https://www.linkedin.com/pulse/my-2021-goals-better-safer-internet-melchior-aelmans/.

Pier Carlo Chiodi, “Good MANRS for IXPs route servers made easier,” Pierky’s Blog, December 11, 2020, https://blog.pierky.com/good-manrs-for-ixps-route-servers-made-easier/.

Renato Mota, “Uma parte da internet está quebrada, mas um grupo quer consertá-la; veja como,” December 3, 2020, https://olhardigital.com.br/2020/12/03/noticias/uma-parte-da-internet-esta-quebrada-mas-um-grupo-quer-conserta-la-veja-como/ (Portuguese).

RENU, “Press Release: RENU Joins MANRS,” October 15, 2020, https://renu.ac.ug/assets/docs/RENU_PRESS_RELEASE-MANRS.pdf.

Steven J. Vaughan-Nichols, “Content Delivery Networks and clouds join MANRS internet security effort,” ZDNet, March 31, 2020, https://www.zdnet.com/article/content-delivery-networks-and-clouds-join-manrs-internet-security-effort/.

Steven Wallace, “Coming in 2021: Routing Resources for Network Engineers,” Internet2, December 16, 2020, https://internet2.edu/coming-in-2021-routing-resources-for-network-engineers/.

Steven Wallace, “Internet2 Community Completes Network Routing Policy, Publishes Plan,” Internet2, September 28, 2020, https://internet2.edu/internet2-community-completes-network-routing-policy-publishes-plan/.

Steven Wallace, “Update on Resource Public Key Infrastructure Progress,” Internet2, May 27, 2020, https://www.internet2.org/blogs/detail/17736.

Team Cymru, “Press Release: Team Cymru First Cybersecurity Partner to Join MANRS to Improve Routing Security and Keep the Internet Safe,” May 28, 2020, https://www.prweb.com/releases/team_cymru_first_cybersecurity_partner_to_join_manrs_to_improve_routing_security_and_keep_the_internet_safe/prweb17153657.htm.

Tim Raphael, “DigitalOcean Joins MANRS Initiative to Combat Routing Security Threats,” DigitalOcean, December 17, 2020, https://www.digitalocean.com/blog/digitalocean-joins-manrs.

UbuntuNet Alliance, “NREN engineers hail MANRS training workshop,” September 1, 2020, https://ubuntunet.net/2020/09/nren-engineers-hail-manrs-training-workshop/.

Yong Kim, “Verisign Expands MANRS Relationship to Strengthen Global Routing Security,” Circle ID, June 25, 2020, http://www.circleid.com/posts/20200625-verisign-expands-manrs-relationship-for-global-routing-security/.


Endnotes

[1] https://manrs.org/isps/

[2] https://manrs.org/ixps/

[3] https://manrs.org/cdn-cloud-providers/

[4] MANRS actions are the compulsory and recommend actions that MANRS participants should be taking to improve the security and resilience of the Internet global routing system. There are defined actions for network operators, IXPs and CDN/cloud providers.

[5] Partner organisations do not operate a network but actively support MANRS goals – https://manrs.org/about/partners/

[6] https://manrs.org/resources/

[7] https://observatory.manrs.org/#/about

[8] https://manrs.org/resources/training/

[9] https://manrs.org/ambassadors-programme/fellows/

[10] https://manrs.org/about/advisory-group/

[11] https://manrs.org/2020/03/new-category-of-cdns-and-cloud-providers-join-manrs-to-improve-routing-security/

[12] https://manrs.org/2020/12/we-can-do-more-for-routing-security-say-participants-in-the-manrs-cdn-cloud-provider-programme/

[13] https://manrs.org/2020/12/working-with-csirts-to-improve-routing-security/

[14] https://manrs.org/2020/05/team-cymru-first-cybersecurity-partner-to-join-manrs/

[15] https://manrs.org/resources/training/tutorials/

[16] https://manrs.org/resources/training/workshops/

[17] https://manrs.org/2020/05/rwandan-engineers-complete-hands-on-manrs-training/

[18] https://ubuntunet.net/2020/09/nren-engineers-hail-manrs-training-workshop/

[19] https://manrs.org/2020/12/partnering-with-nsrc-on-manrs-routing-security-training/

[20] https://learn.nsrc.org/bgp

[21] https://manrs.org/isps/bcop/

[22] https://manrs.org/2020/03/working-with-apricot-to-improve-routing-security/

[23] https://asrenorg.net/?q=content/asren-joins-manrs-improve-routing-security

[24] https://www.internetsociety.org/blog/2020/08/partnering-with-euro-ix-on-infrastructure-development-routing-security-and-more/

[25] https://manrs.org/2020/12/partnering-with-global-cyber-alliance-on-open-standards-routing-security-and-more/

[26] https://academy.apnic.net/en/online-courses/

[27] https://manrs.org/2020/01/isps-should-strongly-consider-manrs-to-fight-cybercrime-wef-report/

[28] https://manrs.org/2020/10/major-anz-operators-at-risk-of-traffic-hijack-as-they-lag-on-rpki/

[29] The Indian Subcontinent, Asia, Middle East and North Africa are collectively known as the SAMENA region.

[30] https://www.samenacouncil.org/samena_trends/files/SAMENA_Trends_May_2020.pdf?v2

[31] https://www.cybera.ca/global-validation-on-the-networking-scale/

[32] https://www.prnewswire.com/news-releases/china-telecom-joins-manrs-301190973.html

[33] https://www.nexttv.com/news/china-telecom-touts-security

[34] https://londontribune.co.uk/how-do-you-like-them-apples-the-register/

[35] https://insidetowers.com/cell-tower-news-fcc-begins-process-of-ending-china-telecoms-u-s-operations/

[36] https://thecyberwire.com/newsletters/daily-briefing/9/238

[37] https://www.facebook.com/RoutingMANRS/

[38] https://twitter.com/RoutingMANRS

[39] https://www.youtube.com/channel/UC4v8wZysf5yA9HtoBBmDleg

[40] https://manrs.org/news/

[41] https://manrs.org/2020/04/not-just-another-bgp-hijack/

[42] https://manrs.org/2020/07/big-route-leak-shows-need-for-routing-security/

[43] For more testimonials, see https://manrs.org/about/testimonials/

[44] https://manrs.org/ambassadors-programme/

[45] https://manrs.org/ambassadors-programme/ambassadors/

[46] https://manrs.org/ambassadors-programme/fellows/

[47] https://www.internetsociety.org/chapters/

[48] https://www.internetsociety.org/sigs

[49] Angola, Bangladesh, Bhutan, Bolivia, Botswana, Brazil, Cameroon, Colombia, Italy, Jamaica, Kenya, Malaysia, Mexico, Nepal, Sudan, Uganda and Yemen.

[50] AONOG, BDNOG, BTNOG, CMNOG, EURO-IX, INNOG, ITNOG, LAC-IX, LACNOG, MEXNOG, SANOG, SOMNOG and UGNOG.

[51] https://observatory.manrs.org/#/about

[52] https://manrs.org/2020/02/manrs-observatory-new-release-new-features-new-users/

[53] https://manrs.org/2020/11/new-features-in-manrs-observatory-3-0-1/

[54] https://www.internetsociety.org/blog/2020/08/knowledge-sharing-and-meaningful-conversation-at-intercommunity-2020-securing-global-routing/

[55] https://nsrc.org/blog/rpki_deployathon

[56] https://manrs.org/tag/basics/

[57] https://twitter.com/RoutingMANRS/status/1281583061143113729

[58] https://rule11.tech/the-hedge-podcast-episode-42-andrei-robachevsky-and-manrs/

[59] https://manrs.org/join/