On 18 October 2021 Real World (AS45437) joined the MANRS initiative to help improve network and routing security. Our engineering team are passionate about the security of the global internet, and this just reflects one part of our work in this space.
The MANRS (Mutually Agreed Norms for Routing Security) initiative is a collection of network operators, hardware vendors, industry bodies and cloud providers who recognise that creating a safe and secure global internet is a joint responsibility, and ultimately is good for the whole internet.
As part of being accepted into the MANRS community, network operators must implement certain security measures and develop and implement policies that ensure that their networks, their customer networks, and their network suppliers confirm to the current accepted standards for security and operation.
Within Real World’s network this is a multi-faceted approach.
Internally we’ve invested heavily in our network infrastructure and technology to help ensure that we have rolled out ROA and RPKI validation, and that our networks are designed and maintained to run securely. This ensures that our customers can have confidence in a secure, stable and available network. We also make extensive use of automation and standardisation to ensure that technology elements are consistently applied and rolled out to our customers. We monitor our networks and internet prefixes using technologies external validation technologies to help identify Route Hijacks and resolve traffic and transport challenges throughout the global internet community.
In addition to this, we uphold the four key pillars of the MANRS initiative.
Filtering – Real World “filters” our customer and network interconnects to help ensure that the “networks” our customers tell us about are networks they should be telling us about. We also “filter” our upstream and peering interconnects using a variety of techniques. We make extensive use of AS-SETs, IRR records and ROA Validation.
Anti-Spoofing – Real World uses filters on customer services to ensure that the traffic they send to the internet actually originates from them, helping to reduce the prevalence of “traffic spoofing”. This also reduces the effect of DDOS attacks and other amplification and replication attacks.
Co-ordination – through our work with APNIC, MANRS, PeeringDB and other services, we ensure that we are active and present in a range of communities.
Global Validation – we publish our routing data, keep our AS SET details up-to-date, publish information about our prefixes and ensure that our contact details and interactions are well documented and available.
We encourage all Australian and Global networks to do their part to ensure their networks are secure and compliant with these basic foundational principles, compliant with BCP38 principles, and implementing ROA and RPKI infrastructure to help ensure a secure, stable and secure internet.