Deploy360 23 January 2013

ENISA Report On Secure Routing And Network Resiliency

By Dan YorkDirector, Internet Technology

What is the state of our routing infrastructure and what can be done to make it more secure and resilient?

In July 2010, the European Network and Information Security Agency (ENISA) published a report on this topic called:

It begins with a paragraph that I think will resonate with most of us:

Reliable communications networks and services are now critical for public welfare and economic stability. Intentional attacks on the Internet, disruptions due to physical phenomena, software and hardware failures, and human mistakes all affect the proper functioning of public communications networks. Such disruptions reveal the increased dependence of our society on these networks and their services. A vital part of reliable communication networks is the routing infrastructure.

The report goes on at great length to report on the result of a survey of network operators within the European Union about the use of – or plans to use – secure routing technologies within their networks.  The report is quite useful in the background that it first provides around routing security concerns and some of the proposed solutions.  It then goes into a detailed analysis of the survey results.

While the data is now close to three years old (the interviews were in March/April 2010), many of the points are quite similar to more recent analyses.  A key point I noticed was this:

Overall, the lack of available knowledge and skills in routing security is recognised as a major barrier hindering further improvements in routing security, as became clear both from the online survey and the interviews.

Addressing this point by helping promote more awareness and education around routing security / resiliency is a primary aspect of our new Routing section here on Deploy360!

Overall the report makes for good reading if you are looking to understand more about the topic or “routing resiliency / security.”  There has been a good bit of progress made within some of the working groups mentioned since the time of the report, but the report still provides a solid foundation and background.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Improving Technical Security 15 March 2019

DNS Privacy Frequently Asked Questions (FAQ)

We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions,...

Improving Technical Security 14 March 2019

Introduction to DNS Privacy

Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map...

Improving Technical Security 13 March 2019

IPv6 Security for IPv4 Engineers

It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a...