observatory of internet resilience in france
play

Observatory of Internet Resilience in France Franois Contat ANSSI - PowerPoint PPT Presentation

Nov 16, 2022 •107 likes •289 views

Observatory of Internet Resilience in France Franois Contat ANSSI Agence nationale de la scurit des systmes d'information http://www.ssi.gouv.fr/en RIPE 68 - May 12 th , 2014 ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 1/14

  1. Observatory of Internet Resilience in France François Contat ANSSI Agence nationale de la sécurité des systèmes d'information http://www.ssi.gouv.fr/en RIPE 68 - May 12 th , 2014 ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 1/14

  2. ANSSI and Observatory . Created on July 7th 2009, the ANSSI is the national cyberdefence agency. Main missions are: In 2011, The Observatory of Internet resilience in France is created. Publications: http://www.ssi.gouv.fr/en/ ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 2/14 • Prevention • Defence of information systems Internet resilience is one of its priority. • Two reports of Internet status in France • BGP BCP

  3. BGP Best Current Operational Practices

  4. Why? Motivations ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 4/14 • BGP BCPs present in multiple documents • No single reference document • No adjustment depending on BGP interconnection type: • Transit • Peering • Customer

  5. Who? ANSSI Operators ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 5/14 • Pierre Lorinquer (main author) • Observatory Team (G. Valadon, M. Feuillet, F. Contat) • Association Kazar • France-IX • Jaguar Network • Neo Telecoms • Orange • RENATER • SFR

  6. How? First step: internal work Second step: collaborative work Third step: publication ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 6/14 • Classify BGP interconnections and define AS relationships • Draft a first recommendations list • Propose the recommendations list • Debate the importance of each recommendation • Implement Operators comments • Publish on October 1 st , 2013

  7. BGP Best Current Operational Practices Document

  8. Structure Definitions Recommendations levels Recommendations ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 8/14 • Interconnection types • As relationships • Description • Examples

  9. Definitions Interconnection types AS relationships ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 9/14 • Direct interconnection • IXP Peering • IXP Route-server • Multihop • Transit / Customer (leaf) • Transit / Small transit • Peering

  10. Definitions Interconnection types AS relationships ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 9/14 • Direct interconnection • IXP Peering • IXP Route-server • Multihop • Transit / Customer (leaf) • Transit / Small transit • Peering

  11. Definitions Interconnection types AS relationships Internet Exchange Point ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 9/14 • Direct interconnection • IXP Peering • IXP Route-server • Multihop • Transit / Customer (leaf) • Transit / Small transit • Peering

  12. Definitions Interconnection types AS relationships transit AS « small transit » AS ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 9/14 • Direct interconnection • IXP Peering • IXP Route-server • Multihop • Transit / Customer (leaf) • Transit / Small transit • Peering

  13. Recommendations AS relationship dependant General recommendations ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 10/14 • TCP-Authentication • AS-PATH filtering • Prefixes filtering (route objects) • Max-prefix • Private AS removing • Martians filtering • Bogons filtering • Default route filtering • Log • Graceful restart

  14. Recommendation example Systematic ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp Peering Customer side: - Transit side: Transit Transit / small Customer side: - « leaf » AS. filtering for Transit side: BCP name Customer (leaf) Transit / peer allocated to filtering Prefixes Remarks level Recommendation AS relationship 11/14

  15. Recommendation implementation Routers configurations ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 5.3 OpenBGPD (OpenBSD) 11.4R3.7 Junos (Juniper) 15.2(4)S IOS (Cisco) 10.0r5 SR-OS (Alcatel-Lucent) Version Operating system 12/14 • Each recommendation has configuration sample • Configuration examples for: • Cisco, Juniper made by ANSSI • Alcatel and openBGPd configuration given by Operators

  16. Conclusion How did it work? The next report ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 13/14 • Got feedbacks from French nog members • Minors errors hilighted by readers after publication • Translate the document in English • Propose new recommendations (ex: GTSM) • Propose route object/ROA declaration • Review old and new recommendations with operators • Keep or remove • Change recommendation level • Update configuration examples (IOS XE/XR, etc.) • …

  17. Questions? ANSSI - http://www.ssi.gouv.fr/bonnes-pratiques-bgp 14/14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

French Internet Resilience Observatory Franois Contat, Guillaume Valadon Agence nationale de la

French Internet Resilience Observatory Franois Contat, Guillaume Valadon Agence nationale de la

French Internet Resilience Observatory Franois Contat, Guillaume Valadon Agence nationale de la scurit des systmes d'information http://www.ssi.gouv.fr/en RIPE 67 - October 15 th , 2013 ANSSI - http://www.ssi.gouv.fr/observatoire 1/31

1.04k views • 45 slides
What The Observatory Tool is and how it can be useful for YOU The Global Internet

What The Observatory Tool is and how it can be useful for YOU The Global Internet

TECHNICAL DEVELOPMENT OF THE ONLINE PLATFORM FOR THE GLOBAL INTERNET POLICY OBSERVATORY SMART 2014/0026 What The Observatory Tool is and how it can be useful for YOU The

547 views • 20 slides
the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it Our

the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it Our

the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it Our research focus: the Internet AS-level ecosystem Why is it important? To identify Internet topological properties and drawbacks To build realistic

452 views • 23 slides
High Redshift (proto)Clusters Observatory of Paris 5-7 October 2016 Observatory of Paris

High Redshift (proto)Clusters Observatory of Paris 5-7 October 2016 Observatory of Paris

High Redshift (proto)Clusters Observatory of Paris 5-7 October 2016 Observatory of Paris International Center for Scientific workshops (CIAS) CEA/IRFU Internet, coffee breaks etc Internet Co ff ee breaks USB key - Talk pdf

667 views • 18 slides
the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it Our

the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it Our

the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it Our research interest: the Internet AS-level ecosystem Why is it important? To identify Internet topological properties and drawbacks To build

371 views • 22 slides
the real-time Internet routing observatory Pietro G. Giardina Enrico Gregori Alessandro

the real-time Internet routing observatory Pietro G. Giardina Enrico Gregori Alessandro

the real-time Internet routing observatory Pietro G. Giardina Enrico Gregori Alessandro Improta Luciano Lenzini Alessandro Pischedda Lorenzo Rossi Luca Sani Internet Everyone knows the role of the Internet in our society, but

402 views • 22 slides
Regional Space Observatory (France) Earth Observation Technologies for Crop Monitoring: A

Regional Space Observatory (France) Earth Observation Technologies for Crop Monitoring: A

Regional Space Observatory (France) Earth Observation Technologies for Crop Monitoring: A Workshop to Promote Collaborations among GEOGLAM/JECAM/Asia-RiCE 2018 Taichung City, Taiwan 17-20 September, 2018 The Spatial Regional Observatory (OSR)

675 views • 19 slides
the real-time Internet routing observatory Luca Sani 1 / 24 Our research topic: discovering the

the real-time Internet routing observatory Luca Sani 1 / 24 Our research topic: discovering the

the real-time Internet routing observatory Luca Sani 1 / 24 Our research topic: discovering the Internet structure Everyone knows the role of the Internet in our society, but since its commercialization in 1995, no one knows its complete

424 views • 29 slides
the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it

the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it

the real-time Internet routing observatory Alessandro Improta alessandro.improta@iit.cnr.it Unveiling the Internet structure with BGP data BGP route collectors BGP data collected up to date has been unvaluable to reveal the Internet

230 views • 22 slides
Resilience via Measurement Mike Lloyd, CTO Presentation at 9 th Workshop on Internet Economics

Resilience via Measurement Mike Lloyd, CTO Presentation at 9 th Workshop on Internet Economics

Resilience via Measurement Mike Lloyd, CTO Presentation at 9 th Workshop on Internet Economics Problem to Address: Lack of Digital Resilience Breaches are all too common Marriott is just the latest 500 million customers affected

462 views • 12 slides
the real-time Internet routing observatory Luca Sani luca.sani@iit.cnr.it RIPE NCC SEE 6, Budva,

the real-time Internet routing observatory Luca Sani luca.sani@iit.cnr.it RIPE NCC SEE 6, Budva,

the real-time Internet routing observatory Luca Sani luca.sani@iit.cnr.it RIPE NCC SEE 6, Budva, 12-13 June 2017 Our research interest: the Internet AS-level ecosystem Why is it important? To identify Internet topological properties and

695 views • 20 slides
HELIO, a Heliospheric virtual observatory J. Aboudarham, LESIA, Paris Observatory, VO-PDC,

HELIO, a Heliospheric virtual observatory J. Aboudarham, LESIA, Paris Observatory, VO-PDC,

http://www.helio-vo.eu HELIO, a Heliospheric virtual observatory J. Aboudarham, LESIA, Paris Observatory, VO-PDC, France R.D. Bentley, MSSL/UCL, UK A. Csillaghy, FHNW, Switzerland Great range of data Radio imaging Detail Flux, count rate,

145 views • 11 slides
Censored Planet Observatory Measuring Internet censorship globally, continuously, and remotely

Censored Planet Observatory Measuring Internet censorship globally, continuously, and remotely

Censored Planet Observatory Measuring Internet censorship globally, continuously, and remotely Internet Measurement Village 2020 Ram Sundara Raman June 26, 2020 Measuring Censorship is a Complex Problem! Internet censorship practices are

644 views • 52 slides
Data Interconnection Market Evolution in France Samih Souissi Open Internet Unit France-IX

Data Interconnection Market Evolution in France Samih Souissi Open Internet Unit France-IX

Data Interconnection Market Evolution in France Samih Souissi Open Internet Unit France-IX General Assemblee 20 September 2018 1. State of Internet in France Report Overview Agenda 2. Data interconnection market in France 2 State of

750 views • 15 slides
Isolario: the real-time Internet routing observatory Alessandro Improta Luca Sani

Isolario: the real-time Internet routing observatory Alessandro Improta Luca Sani

Isolario: the real-time Internet routing observatory Alessandro Improta Luca Sani alessandro.improta@iit.cnr.it luca.sani@iit.cnr.it 1/40 What we aim to do Research field Internet inter-domain measurement and analysis Why? - 1969 -

571 views • 40 slides
Very-High-Energy Gamma-Ray Astronomy with the ALTO observatory

Very-High-Energy Gamma-Ray Astronomy with the ALTO observatory

Very-High-Energy Gamma-Ray Astronomy with the ALTO observatory http://alto-gamma-ray-observatory.org Yvonne Becherini, Satyendra Thoudam* - Linnaeus University (Sweden) Michael Punch - APC Laboratory, Paris (France), IN2P3/CNRS & Linnaeus

384 views • 15 slides
Update on the Mitigation of 1,3-Dichloropropene and Pilot Studies M in h P h am Ju n e 1 , 2

Update on the Mitigation of 1,3-Dichloropropene and Pilot Studies M in h P h am Ju n e 1 , 2

Update on the Mitigation of 1,3-Dichloropropene and Pilot Studies M in h P h am Ju n e 1 , 2 0 2 0 S h af ter A B 6 1 7 Commu n it y S teerin g Committee M eet in g Presentation Outline o Background o Mitigation Approach o Mitigation

328 views • 16 slides
Where next? Elizabeth Stockdale Slido: #B457 Biological Chemical Physical Slido: #B457 Food

Where next? Elizabeth Stockdale Slido: #B457 Biological Chemical Physical Slido: #B457 Food

Where is is soil research in in 2018? Where next? Elizabeth Stockdale Slido: #B457 Biological Chemical Physical Slido: #B457 Food web interactions Earthworms Protozoa Bacteria Bacterial feeding nematodes Plant Predatory residues

461 views • 25 slides
IAgrE and the ES-KTN Welcome you to the Oxford Farming Conference 2013 Agricultural Engineering

IAgrE and the ES-KTN Welcome you to the Oxford Farming Conference 2013 Agricultural Engineering

IAgrE and the ES-KTN Welcome you to the Oxford Farming Conference 2013 Agricultural Engineering offers solutions Mark Kibblewhite President-Elect, IAgrE Roger Lane-Nott CB Director General, AEA Anne Miller Sustainable Land Management and

138 views • 13 slides
CSE: MGRO OTC: MGROF FRA: 0C0 Providing Natural, Science-Based Biological Solutions for High

CSE: MGRO OTC: MGROF FRA: 0C0 Providing Natural, Science-Based Biological Solutions for High

CSE: MGRO OTC: MGROF FRA: 0C0 Providing Natural, Science-Based Biological Solutions for High Value Crops Corporate Presentation July 2020 April 2018 Disclaimer The views expressed herein contain information derived from publicly available

295 views • 14 slides
Presentation at the Confronting the Challenges of Africanising Curriculum in Media

Presentation at the Confronting the Challenges of Africanising Curriculum in Media

Presentation at the Confronting the Challenges of Africanising Curriculum in Media Disciplines workshop at Wits University, South Africa. [3-4 July 2017] De-Westernising Journalism curricula in South African universities: Where are we? By

498 views • 22 slides
On Distributed Ledger Technologies (Blockchain) Ecosystem and Decentralization 3-6

On Distributed Ledger Technologies (Blockchain) Ecosystem and Decentralization 3-6

ITU Asia-Pacific Centre of Excellence Training On Distributed Ledger Technologies (Blockchain) Ecosystem and Decentralization 3-6 September 2018, Bangkok, Thailand Dr. Jean-Marc Seigneur, jean-marc.seigneur@reputaction.com Dr. Jean-Marc

1.38k views • 114 slides
Katy Amateur Radio Society Introduction to Automatic Packet Reporting System ( APRS) Michael

Katy Amateur Radio Society Introduction to Automatic Packet Reporting System ( APRS) Michael

Katy Amateur Radio Society Introduction to Automatic Packet Reporting System ( APRS) Michael Deaver KG5JBJ-9 KARS APRS History In 1982, Bob Bruninga (WB4APR), a senior research engineer at the United States Naval Academy,

444 views • 30 slides
AUTHENTIC ENGAGEMENT: THE ROLE OF THE RELATIONSHIPS AT THE HEART OF EFFECTIVE PRACTICE Tim Moore

AUTHENTIC ENGAGEMENT: THE ROLE OF THE RELATIONSHIPS AT THE HEART OF EFFECTIVE PRACTICE Tim Moore

AUTHENTIC ENGAGEMENT: THE ROLE OF THE RELATIONSHIPS AT THE HEART OF EFFECTIVE PRACTICE Tim Moore Enhanced MCH Workforce Professional Development Day Melbourne, 4 th April 2019 WHY ENGAGE WITH PARENTS Professionals may seek to engage parents

1k views • 60 slides

More recommend