Mutually Agreed Norms for Routing Security (MANRS)

It provides stability to core Internet operations and instills trust in its use. However, routing incidents can seriously affect the flow of Internet traffic, causing incidents such as outages, route leaks, and hijacks. In 2014, a small group of concerned and dedicated experts recognized the need for the international operator community to work together to improve the security and resilience of the Internet’s global routing system. With the support of the Internet Society, Mutually Agreed Norms for Routing Security, or MANRS, was born.

MANRS asks network operators to commit to four simple but concrete actions that address filtering, anti-spoofing, coordination with other operators, and global validation. These four actions provide baseline global security requirements and can be used as a reference point for efforts to enhance the security and stability of the Internet.

MANRS is a true community-driven initiative — it was created by members of the network operator community, for the network operator community. The Internet Society has been proud to support this important work since its beginning, providing hosting for the initiative’s website, managing email lists, and promoting membership.

In 2018, an IXP Programme was launched to broaden support for MANRS, calling on IXPs around the world to work together to implement crucial fixes that can eliminate the most common threats to the Internet’s routing system. In 2019, more than 20 IXPs joined MANRS, from Sweden to Taiwan, Argentina, and Rwanda to Canada.

We also launched the MANRS Observatory in 2019, a vital tool to bring increased transparency to routing operations, and to shed light on trends in routing security globally, regionally, and for individual networks. MANRS participants can view the performance of two thirds of the individual networks worldwide — more than 64,000 — and receive detailed monthly incident reports on their networks. As the number of MANRS members increases and the Observatory evolves, policymakers, security experts, network operators, and other interested parties will be able to better understand the state of routing security and resilience, and make improvements based on evidence.

The global routing and security community has expressed growing interest in MANRS. Even members of the non-technical community recognized the importance of MANRS, including the World Economic Forum (WEF). In its Cybercrime Prevention: Principles for Internet Service Providers report, WEF called on Internet Service Providers to “strongly consider joining the MANRS project and implementing MANRS requirements.”

Most importantly, 2019 saw tremendous growth in the number of network operators and IXPs joining the MANRS movement. With a 113 per cent increase in membership, MANRS had 311 members by the end of the year, up from 146 in 2018.

While the Internet Society will continue to provide administrative support to the MANRS initiative, the network operators community is taking an increased ownership role. With the establishment of an Advisory Committee in 2019, a roadmap is in place to transition the initiative to a fully-owned and -governed community effort.