MANRS: Why Critical Mass for Internet Routing Security Matters More than Ever

The Internet was built to trade messages, exchange files and gain remote access. As a result, the early design was focused on solving the technical challenges of moving information quickly and reliably. But few could predict how popular and essential the Internet would become. How society uses the Internet continues to evolve quickly and its global footprint continues to expand rapidly. This, however, has also resulted in a fragmented approach to how we protect it.

As the cost of Internet has become much more affordable, businesses have recognized the opportunity to share information, offer products and services, and complete financial transactions with other businesses and consumers. The Internet is a critical backbone for digital transformation in all industries. The pandemic accelerated the rollout of new products and services leveraging the Internet and its dependence on the Internet will only grow. This shift continues to make the Internet an attractive target for cybercriminals looking for financial gain – we’ve all seen how Internet outages lead to lost revenue, lost customers, and the detriment it can have on brand reputations.

Furthermore, with more bartering and collaboration on the dark web, more organized activities by political groups and terrorist groups, threats are becoming more sophisticated, and we are faced with nation-state attacks and harm to critical infrastructure including water and power grids.

It would have taken enormous foresight to anticipate the current state of the Internet. However, attempts to improve Internet routing security over the years have largely failed due to a lack of collective support and collaboration. Now we’re at an inflection point where critical mass is needed.

The Internet Society established Mutually Agreed Norms for Routing Security (MANRS) to change this. There’s been significant progress to collaboratively define a set of best practices. To accelerate this effort, MANRS established the Equipment Vendor Program earlier this year that further defines technology requirements that align with best practices. Now there’s more collaboration between telecom network operators, the vendor community, and innovators.

Arrcus has deep networking expertise with a strong routing pedigree. Founder and CTO Keyur Patel is a world-renowned expert in Border Gateway Protocol (BGP). He was a Distinguished Engineer at Cisco, currently serves as a IETF co-chair for the Secured Interdomain Routing Operations (SIDROPS) working group, and holds more than 50 patents in the areas spanning Interdomain Routing and Security, Fast Re-Route Technologies, Network Service Chaining, Layer 2 protocols, IPv6, TCP, VPNs, and Routing Virtualization technologies like Optimal Route Reflection.

Co-founder Derek Yeung is an expert in switching and routing technology. He has built world-class routing platforms and has implemented all major routing protocols which have been deployed in Fortune 500 enterprises and major service providers. Derek was a Principal Engineer at Cisco. Derek has authored multiple IETF RFCs in YANG and OSPF, including the OSPF traffic engineering solution. He has designed and implemented all aspects of routing functionalities, including infrastructure components, programmatic API, network virtualization, data model, and both IS-IS and BGP from scratch.

Additionally, Arrcus, with our Arrcus Connected Edge (ACE) platform has delivered a simple network architecture designed for open integration and scalability that is secure, seamless, and delivers the best performance. This is why leading telecom network operations have chosen to work with Arrcus.

We are excited to share that Arrcus has been invited to join the MANRS community to collaborate on developing best practices to secure routing and improve Internet resiliency. We believe our experience in collaboration with Internet experts, innovators, networking equipment vendors, service providers will allow us to greatly improve Internet routing security.

Collectively, we believe this effort to define best practices and set technology requirements will eliminate the guesswork in implementing security and minimizing vulnerabilities. But we also recognize there’s much work to be done and hope that you will join us in making the Internet a safer place for everyone.