2020 kept everyone busy in ways we could have never imagined before. We adjusted to ‘the new normal’, worked from home full time, homeschooled our children and learned how to run a business during lockdown, amongst many other things. The central theme here is online. Online as in everything – from family gatherings to job interviews – now takes place via the internet. Connecting people through virtual collaboration tools has become the norm. Put simply, in today’s world, the internet is more of a necessity than ever before.
On the other hand, major internet outages happen on a regular basis. By now, there probably isn’t a single service or cloud provider that hasn’t suffered from at least one outage. In many cases, these interruptions are caused by unintentional or malicious (BGP) routing issues.
At Juniper Networks, securely connecting people is in our DNA. It’s what we do on a daily basis and what our products are designed to enable and ensure. Because of this, routing security is – and has always been – high on our radar as one can conclude from the features that Junos supports. For example, RPKI Origin Validation has been supported since Junos OS Release 12.2.
In 2020, we put a lot of effort into routing security. For example, we optimized the RPKI Origin Validation code, solved bugs and brought the implementation in line with new requirements. We also implemented RFC8212 to mitigate the risk of a full BGP table leak and we developed the TCP Authentication Option to replace MD5 for BGP peering. Our experts participated in numerous forums, meetings and presentations to inform and educate customers and the community.
In order to keep the internet up and running safely, we remain committed to our work in routing security, especially as we enter 2021. At Juniper, we will continue to follow the work in IETF closely, participate in proposals and standards and implement routing security features where our customers need them most. Secure transport for RPKI, outbound maximum prefix limits for BGP and options for improved visibility in RPKI validation states are features we will look to support in the future.
Mutually Agreed Norms for Routing Security (MANRS)
But we won’t get there alone. Industry collaboration is key to routing security innovation. We’ll listen to and work with the community to carefully review their input and guidance. Together with our partners, we will push one another to stay on par with routing security features. And finally, Juniper will continue to support the Internet Society’s Mutually Agreed Norms for Routing Security (MANRS) initiative.
MANRS was established among the community in 2014 to improve security and resilience of the global routing system. Today, it has evolved into a broad operator supported platform stating the measurements, policies and mechanisms that network operators, internet exchange points and content delivery networks that cloud providers should implement in order to successfully deploy routing security. Customers, the community and the industry support MANRS and are compliant. Put simply, because it’s important to them, it’s also important to Juniper.
We believe the time has come for MANRS to extend its reach again, this time into the vendor space. Therefore, if MANRS were to initiate a MANRS for Vendors, Juniper would most likely embrace and support this initiative. In the end, the MANRS standards support a more stable and secure internet, ultimately benefiting our customers, partners and the industry.
Let’s Build a Better and Safer Internet together!
Forward-Looking Statements
This blog contains forward-looking statements within the meaning of applicable securities laws. All statements, other than statements of historical fact, could be deemed forward-looking statements. Statements in this blog concerning Juniper Networks’ business, prospects, future products and prospective benefits to customers are forward-looking statements that involve a number of uncertainties and risks. Actual results or events could differ materially from those anticipated in those forward-looking statements as a result of several factors, including, without limitation, delays in scheduled product availability, the company’s failure to accurately predict emerging technology trends, and other factors listed in our most recent report on Form 10-Q filed with the Securities and Exchange Commission. All statements made in this blog are made only as of the date of this blog. Juniper Networks undertakes no obligation to update the information in this blog in the event facts or circumstances subsequently change after the date of this blog.
