DigitalOcean has joined the Mutually Agreed Norms for Routing Security (MANRS) initiative for CDN and Cloud Providers to reduce common routing security threats. The initiative outlines actions network operators should take to improve resilience and security. MANRS, supported by the Internet Society, combats routing incidents, including route mis-originations and leaks, by bringing together a large group of industry stakeholders.
Routing security
DigitalOcean agrees to follow specific guidelines to increase its routing security by joining the initiate. With standardized controls and guidelines like MANRS, incidents can be prevented. The technical steps MANRS outlines for cloud service providers to follow are:
- Filtering: prevents the propagation of incorrect routing information. This technique provides assurance against configuration errors that can lead to “hijacking” traffic directed to other networks, resulting in widespread outages.
- Anti-spoofing: prevents traffic with spoofed source IP addresses, a practice that can help dramatically diminish the prevalence and impact of distributed denial of service (DDoS) attacks.
- Coordination: facilitates timely communication and coordination among peers, which is essential for incident mitigation and better assurance of the technical quality of relationships.
- Global validation: encourages network operators to publish routing data, which is essential for limiting the scope of routing incidents, making the global system more resilient.
Aftab Siddiqui, MANRS Project Lead and Senior Manager, Internet Technology, Internet Society, said,
“The MANRS initiative shows that when the internet community comes together to create a baseline of routing security for network operators around the world, it is possible to protect the core of the internet. We are delighted to welcome DigitalOcean, whose conformance with the MANRS actions brings us one step closer to enabling a safer internet for everyone.”