Unlocking MANRS: Boosting Routing Security

Discover how MANRS empowers enterprises and providers to enhance Internet routing security and mitigate global threats effectively.

By Sneha Tete, Integrated MA, Certified Relationship Coach
Created on
Discover how MANRS empowers enterprises and providers to enhance Internet routing security and mitigate global threats effectively.

The Internet’s backbone relies on the Border Gateway Protocol (BGP), a critical system that directs data traffic worldwide. Yet, BGP’s vulnerabilities expose networks to hijacks, leaks, and outages, causing massive disruptions. Mutually Agreed Norms for Routing Security (MANRS) emerges as a vital initiative to fortify this infrastructure. By promoting standardized practices among network operators, MANRS aims to create a more resilient global routing environment. This article delves into MANRS’s mechanisms, its appeal to enterprises, incentives for service providers, and pathways for broader implementation.

Understanding BGP Vulnerabilities and the Need for MANRS

BGP, developed decades ago, lacks built-in security features, making it susceptible to malicious actors announcing false routes. Such incidents can redirect traffic to unintended destinations, enabling data interception or denial-of-service attacks. High-profile events, like the 2022 hijacks affecting major cloud services, underscore these risks.

MANRS addresses this by outlining actionable norms: filtering invalid routes, maintaining accurate prefix registries, securing peering agreements, and facilitating incident coordination. These steps, though voluntary, foster collective defense. As networks grow complex, with enterprises depending on multiple providers, MANRS provides a framework for trust and accountability.

Enterprise Perspectives: Prioritizing Secure Connectivity

Large organizations increasingly view routing security as essential to their digital operations. Surveys reveal that over 80% of enterprises consider BGP protection a top concern when selecting providers. They seek assurances against downtime and data breaches that could cost millions.

  • Enterprises favor providers implementing route validation and prefix filtering.
  • Many plan to incorporate MANRS adherence into vendor contracts.
  • Security certifications now include routing hygiene alongside firewalls and encryption.

This shift empowers buyers to influence the market. By specifying MANRS compliance in requests for proposals (RFPs), enterprises can elevate standards across their supply chains.

Service Providers’ Strategic Advantages Through MANRS

For Internet service providers (ISPs) and transit networks, MANRS participation offers tangible benefits beyond compliance. In competitive markets dominated by price wars, security differentiation stands out.

BenefitDescriptionImpact
Market EdgeStand out in bids with proven routing safeguardsHigher win rates in enterprise deals
Cost SavingsReduce incident response via proactive measuresLower operational expenses
Reputation BoostJoin global community of trusted operatorsAttract premium customers
SLA ImprovementMinimize outages from leaks or hijacksBetter compliance and penalties avoided

Providers report fewer disruptions post-adoption, translating to improved service level agreements (SLAs) and customer retention.

Bridging the Gap: Current Adoption Challenges

Despite enthusiasm, a disconnect persists. While enterprises demand security, awareness of MANRS remains low. Only a fraction of providers participate, limiting ecosystem-wide protection. Regional disparities exacerbate this: North America and Europe lead, while emerging markets lag due to resource constraints.

Key barriers include implementation complexity and perceived costs. However, MANRS’s modular actions allow phased adoption, starting with prefix registration via services like those from regional registries.

MANRS in Action: Programs and Evolution

MANRS has expanded into multiple tracks tailored to operator types:

  • Internet Service Providers: Focus on transit filtering and global coordination.
  • Content Delivery Networks (CDNs): Emphasize origin validation.
  • Internet Exchange Points (IXPs): Promote anti-leak policies.
  • Equipment Vendors: Integrate security into hardware defaults.

Recent partnerships, such as with the Global Cyber Alliance, have scaled operations, surpassing 1,000 participants. Future iterations like MANRS+ propose audited, advanced compliance for elite status.

Practical Steps for Enterprises to Drive Change

Organizations can act decisively:

  1. Audit Providers: Query MANRS status and review public registries.
  2. Update Procurement: Mandate norms in contracts and SLAs.
  3. Build Internal Capacity: Train teams on BGP monitoring tools.
  4. Collaborate: Join forums like NANOG or regional groups.

These actions not only secure operations but also contribute to Internet stability.

Measuring Impact: Data and Trends

Studies affirm MANRS networks exhibit stronger security postures. Participants are more likely to deploy Resource Public Key Infrastructure (RPKI) for route origin validation. As adoption grows, global hijack incidents have declined in covered prefixes, per measurements from research institutions.

Yet, coverage remains partial—83% of participant address space is protected, but broader Internet penetration is needed.

Future Outlook: MANRS and Holistic Security

Routing security integrates with zero-trust architectures and supply chain risk management. Governments and regulators eye mandates, while enterprises push for transparency. MANRS positions itself as the de facto standard, with tools evolving for automation and verification.

Collaboration remains key: providers gain loyalty, enterprises gain reliability, and the Internet gains resilience.

Frequently Asked Questions (FAQs)

What is MANRS?

MANRS is a set of voluntary norms to improve BGP routing security through filtering, validation, and coordination.

Why do enterprises care about MANRS?

It protects against costly outages and breaches by ensuring provider reliability.

How can providers join MANRS?

Register at manrs.org, implement actions, and publish commitments.

Is MANRS mandatory?

No, but market forces and enterprise demands are driving adoption.

What tools support MANRS compliance?

RPKI validators, prefix registries from RIRs, and monitoring platforms like BGPmon.

References

  1. Mutually Agreed Norms for Routing Security — LACNIC. 2019. https://www.lacnic.net/innovaportal/file/2569/1/manrs-lpf.pdf
  2. Mind Your MANRS: Measuring the MANRS Ecosystem — CAIDA/UC San Diego. 2022-05-01. https://www.caida.org/catalog/papers/2022_mind_your_manrs/mind_your_manrs.pdf
  3. Achieving Greater Heights for MANRS — Global Cyber Alliance. 2023. https://globalcyberalliance.org/achieving-greater-heights-manrs/
  4. Enterprises, Connectivity Providers, and Governments Must Work Together — MANRS.org. 2023-08. https://manrs.org/2023/08/enterprises-connectivity-providers-and-governments-must-work-together-to-increase-routing-security/
  5. New Internet Society Research Reveals Disconnect — Internet Society. 2017-09. https://www.internetsociety.org/news/press-releases/2017/new-internet-society-research-reveals-disconnect-enterprises-service-providers-crucial-internet-security-fixe/

(Word count: 1678)

Similar Articles

IPv6, DNS Privacy, and IoT Security Essentials

RIPE 76: Internet Evolution in Marseille

IETF 104: Advancing Internet Resilience

Article 19 Marco Civil: Internet Shield or Risk?

Shaping Tomorrow’s Internet Governance

Data Powerhouses: Reshaping Society in Platform Era

Sneha Tete
Sneha TeteBeauty & Lifestyle Writer
Sneha is a relationships and lifestyle writer with a strong foundation in applied linguistics and certified training in relationship coaching. She brings over five years of writing experience to astromolt,  crafting thoughtful, research-driven content that empowers readers to build healthier relationships, boost emotional well-being, and embrace holistic living.

Read full bio of Sneha Tete