The Mutually Agreed Norms for Routing Security (MANRS) initiative on Tuesday announced the availability of a free tool designed to help network operators identify potential issues and improve routing security.
MANRS, a community-driven project supported by the Internet Society, aims to improve internet security and safety for consumers and businesses by requiring members to implement measures meant to enhance the security and resiliency of the routing infrastructure. This includes filtering to prevent propagation of incorrect routing information, anti-spoofing measures to block traffic with spoofed source IPs, coordination and communication between network operators, and global validation for routing information.
Routing-related incidents can have serious consequences. The Internet Society last year reported seeing over 12,000 outages and attacks — this includes spoofing, hijacking and leaks — that resulted in stolen data, revenue loss, and damage to reputation. One of these incidents, caused by a Nigerian ISP, resulted in global Google traffic being routed through Russia, China and Nigeria.
The new online tool released on Tuesday, named MANRS Observatory, helps network operators determine their MANRS compliance level. The tool passively collects data on routing incidents from a number of sources and displays them in a dashboard in an effort to help operators identify problematic areas. The tool allows users to filter incidents based on date, region, country, ASN and pre-defined groups.
“One of the advantages of the MANRS Observatory is that it adds an element of accountability,” said Andrei Robachevsky, Senior Technology Program Manager at the Internet Society. “MANRS is seeing steady adoption, but we need more networks to implement the actions and more customers to demand routing security best practices. The more network operators applying MANRS actions, the fewer incidents happening, the less damage done. Our hope is that the MANRS Observatory will help drive greater participation.”
MANRS currently has over 230 members, including 201 internet service providers (ISPs) and 34 internet exchange points (IXPs). The list includes regional ISPs, Tier-1 carrier networks, universities, cloud providers, and tech giants such as Microsoft and Google.
The MANRS Observatory tool can be used for free by anyone but MANRS members have some advantages.
“Anyone can use the MANRS Observatory, but MANRS participants will have a more in-depth picture as well as reports and other benefits. For full access to the MANRS Observatory, ISPs and IXPs should commit to improving Internet security and join the MANRS initiative. They can do so here,” Robachevsky told SecurityWeek.