Internet2 Security Services

Routing Security

Sharing the responsibility

As critical academic and business functions move to the cloud, routing security becomes a key component of an organization’s IT infrastructure. Internet2 participates in Mutually Agreed Norms for Routing Security (MANRS), a global initiative, supported by the Internet Society, that provides crucial fixes to reduce the most common routing threats.

Generic image of a global network map

Filtering

MANRS says: The network operator defines a clear routing policy and implements a system that ensures correctness of their own announcements and announcements from their customers to adjacent networks. The network operator applies due diligence when checking the correctness of its customer’s announcements, specifically that the customer legitimately holds the ASN and the address space it announces.

Document icon

Coordination

MANRS says: The network operator maintains globally accessible up-to-date contact information. Publicly accessible and up-to-date contact information is essential to promoting communication and collaboration between network operators

Joker card

Anti-Spoofing

MANRS says: The network operator implements a system that enables source address validation and implements anti-spoofing filtering to prevent packets with incorrect source IP address from entering and leaving the network.

IP source address spoofing, in simple terms, means the host pretends to be some other host. This can be exploited in various ways, most notably to execute Denial of Service (DoS) reflection-amplification attacks that cause a reflector host to send traffic to the spoofed address.

Network connection illustration

Global Validation

MANRS says: The network operator is able to communicate to their adjacent networks which announcements are correct and has a publicly documented routing policy. The routing information should be made available on a global scale to facilitate validation. Since the extent of the internet is global, information should be made public and published in a well known place using a common format.

We want to hear from you.

Contact us for more information.