Local service provider, Saicom has become one of only five ISPs in South Africa to become MANRS compliant.
The Internet’s routing information is exchanged between network operators (also known as autonomous systems or AS) using a routing protocol initially designed in the 1980s. The BGP routing protocol is to a large degree a robust reliable protocol; however, it is often the poor implementation of this protocol by network operators which leads to outages and security breaches worldwide. Not a day goes by without incidents affecting the Internet routing system.
Mutually Agreed Norms for Routing Security (MANRS) is a global initiative supported by the Internet Society that aims to reduce some of the most common routing threats associated.
Greg de Chasteauneuf, chief technology officer for Saicom, says: “Our commitment to providing world class services and solutions includes finding ways to comply with the global standards. This certification adds a layer of routing security and stability to our solutions set.”
As part of the compliance to MANRS standards, Saicom has implemented filtering, co-ordination and global validation measures that will not only prevent the propagation of incorrect routing information; facilitate global operational communication and co-ordination between network operators, but also facilitate validation of routing information on a global scale.
“Even accidental routing errors, can have far-reaching impact,” adds de Chasteauneuf. “Like in June this year, when a small company in Northern Pennsylvania became the preferred path for one of the world’s largest network operators Verizon (AS701). This is like routing an eight lane highway of cars down a small dirt road in Zeerust. The Internet came to a grinding halt.”
While this example was accidental in nature, of more serious concern is that of sovereign nations who are intentionally hijacking parts of the Internet for surveillance purposes, and have been suspected of doing so, for several years.
The implementation of the MANRS Actions is geared towards improving both routing security and operational efficiency among network operators and Internet Exchange Points (IXPs) and send a security-forward approach, and value added service to clients.
By looking for MANRS-compliant infrastructure partners, enterprises get increased security and service reliability, at the same time, eliminating common outages and/ or attacks.
De Chasteaueuf concludes: “It is no longer a case of if, but when route safety will be compromised and it occurs almost daily. Route hijacking, route leaks, IP address spoofing, and other harmful activities can lead to DDoS attacks, traffic inspection, lost revenue, reputational damage, and more. These incidents are global in scale, with one operator’s routing problems cascading to impact others.
“By working alongside MANRS and its partners and affiliates, we believe we are a step closer to curbing the severity of the attacks and giving our clients another layer of defence.”