RtBrick Becomes First to Secure Peering for Disaggregated ISP Networks

Daniel Hollis

Edited by Rabeeca Lee Armstrong

PHOTO BY PIXABAY ON PEXELS

RtBrick has taken a major step in securing peering for disaggregated ISP networks, making it the first to introduce critical security measures in this space. By adding features like BGP Flowspec, RPKI, and TCP-AO, RtBrick enhances network protection against threats like DDoS attacks and route hijacking.

This move strengthens internet peering security, ensuring ISPs can operate more securely while benefiting from the flexibility of disaggregated networking.

BGP Flowspec

BGP Flowspec enhances security in disaggregated ISP networks by enabling real-time traffic filtering. It helps ISPs mitigate threats like DDoS attacks by defining rules based on IP addresses, protocols, and port numbers.

If internet exchange (IX) and transit providers adopt it, BGP Flowspec could become a crucial tool for ISPs in defending against DDoS attacks, providing a much-needed security layer for peering networks. Check out the post below:

DDoS protection for ISPs – BGP FlowSPEC might become the cure if IX and transit providers start supporting it @EliyahHavemann
#EPF14 pic.twitter.com/seLAd1bK9e
— Truica Virgil (@virgil_T) September 18, 2019

This allows operators to block malicious traffic while keeping legitimate data flowing smoothly. By integrating BGP Flowspec, RtBrick strengthens peering security, ensuring stable and efficient connections for ISPs operating in disaggregated environments, reducing risks, and improving overall network resilience.

Resource Public Key Infrastructure (RPKI)

Resource Public Key Infrastructure (RPKI) enhances peering security by preventing IP prefix hijacking. It verifies the authenticity of IP address holders, ensuring only authorized networks announce specific routes.

Using cryptographic trust, RPKI improves data integrity and access control in routing protocols.

By integrating RPKI, RtBrick secures peering in disaggregated ISP networks, reducing risks and enhancing routing reliability. This framework helps ISPs validate routing data, ensuring stable, secure, and efficient network operations in modern, flexible infrastructures.

To understand more about RPKI, watch the following video:

What is #RPKI and how does it work? Watch to learn the basics, then visit https://t.co/vLtSF5eTak for more info on ARIN's Resource Public Key Infrastructure services and register at https://t.co/74I5GjmKNe for our free RPKI webinar happening in 1 week on 31 July!#RoutingSecurity pic.twitter.com/6vkIqgyvkG
— ARIN (@TeamARIN) July 24, 2024

Mutually Agreed Norms for Routing Security (MANRS)

MANRS enhances peering security by establishing best practices for ISPs, ensuring safer and more reliable routing in disaggregated networks. It promotes route filtering, anti-spoofing, and RPKI adoption, reducing risks like route hijacking.

RtBrick’s security advancements align with MANRS principles, strengthening peering connections.

The MANRS Implementation Guide is available to help deploy the required actions for network operators, making it easier for ISPs to adopt secure routing measures and improve the resilience of disaggregated ISP networks.

See the post below for the guide:

Mutually Agreed Norms for #Routing #Security implementation Guide is available to help deploy the #MANRS required actions for network operators. https://t.co/iVHMJuJLQL pic.twitter.com/jiXjlxHhvb
— Flavio Luciani (@flavioluciani81) April 26, 2022