DigitalOcean Joins MANRS Initiative to Combat Routing Security Threats

Posted 2020-12-17  in News
blog header

Today we are pleased to announce that DigitalOcean has joined the Mutually Agreed Norms for Routing Security (MANRS) initiative for CDN and Cloud Providers to reduce common routing security threats. The initiative, supported by the Internet Society, outlines actions network operators should take to improve the resilience and security of routing infrastructure.

The continued improvement of core internet security and stability is not only critical for our customers, but it is essential for our internet network peers and the community at large. In the first three days of December alone, the number of routing incidents — including route misoriginations and leaks — in the world surpassed 700. MANRS works to combat this prominent issue by bringing together a large group of industry stakeholders, which now includes DigitalOcean. By joining the initiative, we agree to follow specific guidelines to increase our routing security to ultimately help make the internet safer for both businesses and consumers.

Since the very beginning, cooperation has been at the heart of how the internet has operated. Whole new protocols, enhancements to existing protocols and the development of common standards continue to improve the network of networks. The passion and energy of thousands of engineers across the globe is focused on making incremental improvements to key infrastructure so that the Internet continues to enable new and exciting technological advancements. Many of these experts voluntarily work on these issues because they understand the deep technical complexities and the risks they pose to internet security and availability. 

Routing security threats have the potential to be detrimental to a business’s bottom line. However, with standardized controls and guidelines like MANRS, incidents can not only be reduced, but prevented. As more companies and cloud service providers adopt these controls, the fewer incidents and less damage there will be.

The technical steps MANRS outlines for cloud service providers to follow are:

  • Filtering: prevents the propagation of incorrect routing information. This technique provides assurance against configuration errors that can lead to “hijacking” traffic directed to other networks, resulting in widespread outages.
  • Anti-spoofing: prevents traffic with spoofed source IP addresses, a practice that can help dramatically diminish the prevalence and impact of distributed denial of service (DDoS) attacks.
  • Coordination: facilitates timely communication and coordination among peers, which is essential for incident mitigation and better assurance of the technical quality of relationships.
  • Global validation: encourages network operators to publish routing data, which is essential for limiting the scope of routing incidents, making the global system more resilient.

"The MANRS initiative shows that when the internet community comes together to create a baseline of routing security for network operators around the world, it is possible to protect the core of the internet," said Aftab Siddiqui, MANRS Project Lead and Senior Manager, Internet Technology, Internet Society. "We are delighted to welcome DigitalOcean, whose conformance with the MANRS actions brings us one step closer to enabling a safer internet for everyone."

“DigitalOcean has long understood the deep value of strong communities, and by joining MANRS our team is taking a necessary step in helping to build a better internet,” said Chris Higgins, VP Infrastructure. “We will be working with our peers to bring these benefits to even more networks.”