TLD-OPS Update DR/BCP Workshop Update ccNSO Meeting October 24, - - PowerPoint PPT Presentation

tld ops update dr bcp workshop update ccnso meeting
SMART_READER_LITE
LIVE PREVIEW

TLD-OPS Update DR/BCP Workshop Update ccNSO Meeting October 24, - - PowerPoint PPT Presentation

Mar 23, 2023 394 likes •593 views

TLD-OPS Update DR/BCP Workshop Update ccNSO Meeting October 24, 2018 ICANN63, Barcelona Jacques Latour, .ca (Chair) Rgis Mass, .fr (Vice Chair) TLD-OPS introduction Global technical incident response community for and by ccTLDs ,

slide-1
SLIDE 1

October 24, 2018 ICANN63, Barcelona

Jacques Latour, .ca (Chair) Régis Massé, .fr (Vice Chair)

TLD-OPS Update DR/BCP Workshop Update ccNSO Meeting

slide-2
SLIDE 2

TLD-OPS Standing Committee

TLD-OPS introduction

  • Global technical incident response community for and by ccTLDs,
  • pen to all ccTLDs (ASCII and IDN)
  • Brings together 380+ people who are responsible for the
  • perational security and stability of 201 different ccTLDs
  • Goal: enable ccTLD operators to collaboratively detect and mitigate

incidents that may affect the operational security and stability of ccTLD services and of the wider Internet

  • Further extends members’ existing incident response structures,

processes, and tools and does not replace them

  • Guidance by TLD-OPS Standing Committee

– ccTLD reps and Liaisons (SSAC, IANA, ICANN’s security team)

slide-3
SLIDE 3

TLD-OPS Standing Committee

Contact Repository Email

“John Doe, #1, .nl, +31 123456789” john.doe@nic.nl, john@oarc.net “Jane Doe, #1, .vn, +84 123456789” jane.doe@nic.vn, jane@oarc.net

slide-4
SLIDE 4

TLD-OPS Standing Committee

Security Alerts and Workshops

  • Disaster Recovery Workshop @ ICANN63

– Leave with more questions than answers – Share information, experience, real or hypothetical – Collecting the collective experience / Share best practices Description (example) Month 12 Alert: Malware use DNS to steal personal info Feb-18 11 Two DDoS attacks on a registry’s name servers Mar-17 10 Registry front-end compromize due to 0-day vulnerability Mar-17 9 Queries on latency problems with DNS anycast operator Dec-16 8 Security warning regarding large volumes of Cutwail Traffic Nov-16 7 Alert: several members reporting large DNS traffic spikes Nov-16 6 Security warning for a ccTLD that was hacked Aug-16 …

slide-5
SLIDE 5

TLD-OPS Standing Committee

It’s time to join the TLD-OPS community

Easy

Just send an email to join

Secure

Identified and trusted contacts

Helpful

Community help in case of an incident

slide-6
SLIDE 6

TLD-OPS Standing Committee

TLD-OPS Operations Since ICANN62

  • Security alerts

– One notification

  • Membership updates – Objective met 

– Added 6 new ccTLD to the list

  • .pe

Peru

  • .gu

Guam

  • .mx

Mexico

  • .sv

San Salvadore/El Salvador

  • .mr

Mauritania

  • .ci

Cote d'Ivoire

– 5 TLD-OPS contact changes/updates

  • Active standing committee outreach to missing members

– Remote participation to the APTLD 74 Meeting (Tashkent, Uzbekistan)

slide-7
SLIDE 7

TLD-OPS Standing Committee

slide-8
SLIDE 8

TLD-OPS Standing Committee

TLD-OPS all over the world

24 (+3 / 57 %) 5 (100 %) 65 (100 %) 27 (+2 / 53 %) 51 (+1 / 62 %) ASCII 172 (+6 / 70%) & IDN: 29 (63 %) Total: 201 (+6 / 69 %)

slide-9
SLIDE 9

TLD-OPS Standing Committee

Objectives for ICANN63

  • Host a DR/BCP workshop
  • Increase membership by 3 to 198 (ICANN62/63)

– We added 6 new members, now at 201

  • Objectives for ICANN64

– First DR/BCP draft playbook delivery – Increase membership by 3 to 204

slide-10
SLIDE 10

TLD-OPS Standing Committee

Workshop action plan

ICANN 62 – TechDay Presentation ICANN 62 - ccNSO Presentation ICANN 63 Workshop ICANN 64 – Draft playbook delivery ? We are here

slide-11
SLIDE 11

TLD-OPS Standing Committee

Disaster Recovery Workshop Updates

  • Workshop: ~ 52 registered attendees
  • Agenda:

13:30 - 13:45 - Introductions - ‘be prepared’ 13:45 - 14:15 - Disaster Recovery / Business Continuity 14:15 - 15:15 - Workshop breakout #1 - Scope: Registry & DNS

45 min: Group 1: Detection, Analysis / Group 2: Activation, Action Plan/Communications 15 min: Summary / present outcome: Group 1: Brett, Regis, Fred Group 2: Abibu, Jacques, Erwin

15:30 - 16:30 - Workshop breakout #2 - Scope: Corporate IT & People

45 min: Group 2: Detection, Analysis / Group 1: Activation, Action Plan/Communications 15 min: Summary / present outcome:

16:30 - 17:00 – Conclusion & Summary / Summarise final outcome / Develop message to ccNSO

slide-12
SLIDE 12

TLD-OPS Standing Committee

Workshop Flip Charts

slide-13
SLIDE 13

TLD-OPS Standing Committee

Initial Workshop Summary

  • At the beginning half of ccTLD present felt they were prepared to

handle a disaster

  • At the end of the session only a few raised their hands confidently
  • There’s a need to develop a playbook with the basic concepts of

DR/BCP (Disaster Recovery and Business Continuity) and Business Impact Assessment (BIA) processes

  • There’s a need to develop ccTLD specific action plan procedures

specific to the registry and DNS operations

  • We need to compile all the notes and start development of the

playbook

slide-14
SLIDE 14

TLD-OPS Standing Committee

We Have Volunteers 

slide-15
SLIDE 15

TLD-OPS Standing Committee

Raise your hand if the workshop was worth your time

slide-16
SLIDE 16

TLD-OPS Standing Committee

TLD-OPS Standing Committee

Jacques Latour

.ca / Chair

Frederico Neves

.br / Member

Erwin Lansing

.dk / Member

Ali Hadji Mmadi

.km / Member

Abibu Ntahigiye

.tz / Member

Brett Carr

.uk / Member

Régis Massé

.fr / Vice Chair

Warren Kumari

SSAC Liaison

John Crain

SSR Liaison

Kim Davis

IANA Liaison

Kimberly Carlson

ICANN Staff

slide-17
SLIDE 17

TLD-OPS Standing Committee

Ressources & Contacts

Jacques Latour Standing Committee Chair +1.613.291.1619 jacques.latour@cira.ca Régis Massé Standing Committee Vice Chair +1.6.83.12.43.49 regis.masse@afnic.fr

http://ccnso.icann.org/resources/tld-ops-secure-communication.htm

slide-18
SLIDE 18

Thank you!