It's roundup time again, with ISOC working to protect the routing infrastructure, and announcements from Big Switch, F5, and Juniper.
The Internet Society this week decided its MANRS initiative needs extra legs, and has recruited Internet exchanges to test the trusted routing process.
As The Register's networking desk explained in 2016, MANRS (Mutually Agreed Norms for Routing Security) isn't a technology, but rather, a process designed to maintain the stability of the Internet's routing infrastructure.
Two characteristics of Internet routing make it fragile: its foundation protocol, BGP (the Border Gateway Protocol), is ancient; and the exchange of route data assumes everybody knows and trusts each other.
MANRS is an attempt to codify the business process part of route exchanges – it defines baselines to protect route announcements, handle DDoS vulnerabilities and response coordination, and network information publication.
ISOC is now hoping to expand MANRS beyond its original focus on network operators, and has recruited a multi-national band of Internet exchanges (IXPs) to also support the initiative.
The ten IXP participants in the project are Asteroid (International), CABASE (Argentina), CRIX (Costa Rica), DE-CIX (Germany), INEX (Ireland), MSK-IX (Russia), Netnod (Sweden), RINEX (Rwanda), TorIX (Canada), and YYCIX (Canada).
To cater for the exchange providers, ISOC has created an IXP membership class, with “a set of security actions to address the unique needs and concerns of IXPs”.
Participating IXPs have agreed to implement the first two items on the action list below, and at least one of the remaining items:
- Facilitate prevention of propagation of incorrect routing information;
- Promote MANRS in the IXP’s membership;
- Protect the peering platform;
- Facilitate global operational communication and coordination between network operators;
- Provide monitoring and debugging tools to members.
Juniper's Contrail gets even more cloudy
Juniper Networks' Contrail Enterprise Multicloud got an expansion this week, so it can manage multivendor physical and virtual workloads on any cloud.
The Gin Palace describes this as “multidomain orchestration”which, combined with Contrail's analytics, pulls workload management and monitoring into a single command centre, integrating “overlay and underlay management” on the same platform covering bare metal servers, virtual machines and container environments, and network devices.
For data centre operations, Juniper's QFX Series switches can now be bundled with Contrail Enterprise Multicloud.
Even more multicloud, from F5
F5 Networks is also on the multicloud bandwagon, announcing the Big-IP Cloud Edition which will be available at the end of May.
Big-IP CE is a per-app virtual Application Delivery Controller (ADC) that combines application services with the company's Big-IQ analytics. It includes a self-service catalogue of application services (covering provisioning, configuration, and upgrade), and provides per-app visibility and analytics.
The company also turned in its Q2 financials this week: revenue of US$533.3 million for the quarter was up 2.9 per cent year-on-year from Q2 2017, and GAPP net income was $109.6 million, up 17.7 per cent from $93.1 million in Q2 2017.
Big Switch adds monitoring nodes
Big Switch Networks added extra recording and monitoring to its capabilities: the Big Mon Recorder Node (packet recording, querying and replay); and the Big Mon Analytics Node for monitoring, discovering and troubleshooting network, application, and security events.
The two offerings cover traditional data centres and cloud environments, and offer single-click replay of user and application conversations. ®