Internet Resiliency and Security in the APAC Region: APNIC Perspective
apnic
402 views
12 slides
Aug 15, 2024
Slide 1 of 12
1
2
3
4
5
6
7
8
9
10
11
12
About This Presentation
Shane Hermoso, Training Delivery Manager (Southeast Asia/ East Asia) at APNIC, participated in the panel discussion on 'Internet Resiliency and Security in the APAC Region: A Multi-stakeholder Approach' at APAC DNS Forum 2024 held from 23 to 24 July 2024.
Slide Content
1 v1.1
Internet Resiliency and Security
in the APAC Region:
APNIC Perspective
APAC DNS Forum 2024
July 2024
Internet Resiliency and Security
in the APAC Region:
APNIC Perspective
APAC DNS Forum 2024
July 2024
2 v1.1
Who is APNIC?
APNIC is the Regional Internet Registry (RIR)
for the Asia-Pacific region
Vision: A global, open, stable, and secure Internet
Mission: To provide essential services as a Regional Internet
Registry, and to support Internet development in the Asia Pacific
region
RegistryMembershipDevelopmentInformation &
Capability
Registry Management
RPKI
Reverse DNS
Policy Development
Member assistance
Membership Products
Training
Engagement
APNIC Conferences
Internet Infrastructure
Support
APNIC Foundation
APNIC blog & podcast
Information Products
Research and
measurement
Internal technical
infrastructure
Who is APNIC?
APNIC is the Regional Internet Registry (RIR)
for the Asia-Pacific region
Vision: A global, open, stable, and secure Internet
Mission: To provide essential services as a Regional Internet
Registry, and to support Internet development in the Asia Pacific
region
RegistryMembershipDevelopmentInformation &
Capability
Registry Management
RPKI
Reverse DNS
Policy Development
Member assistance
Membership Products
Training
Engagement
APNIC Conferences
Internet Infrastructure
Support
APNIC Foundation
APNIC blog & podcast
Information Products
Research and
measurement
Internal technical
infrastructure
3 v1.1
Internet infrastructure development
oIXP development
oRoot server deployments
oNetwork security with RPKI and DNSSEC
oGrowth continuity through IPv6
How we support Internet Resiliency and Security
Capacity building
oTraining and Technical Assistance
on Infrastructure topics
oTechnical/Security community
support including NOGs and CERTs
APNIC supports building and development of
IXP in the region through equipment/funding
support and technical assistance.
Supports deployment of M-root instances
Promotes IPv6 adoption through resource
delegation, training, and research
APNIC has conducted over1200 hours of training in the
first half of 2024
Supports IPv6 & RPKI/ROA/ROV Deployment
Supports establishment of NOGs (LANOG, TLNOG)
Supports many new and established CERTs in the region
Provides information, stats/measurements through
APNIC Labs
Internet infrastructure development
oIXP development
oRoot server deployments
oNetwork security with RPKI and DNSSEC
oGrowth continuity through IPv6
How we support Internet Resiliency and Security
Capacity building
oTraining and Technical Assistance
on Infrastructure topics
oTechnical/Security community
support including NOGs and CERTs
APNIC supports building and development of
IXP in the region through equipment/funding
support and technical assistance.
Supports deployment of M-root instances
Promotes IPv6 adoption through resource
delegation, training, and research
APNIC has conducted over1200 hours of training in the
first half of 2024
Supports IPv6 & RPKI/ROA/ROV Deployment
Supports establishment of NOGs (LANOG, TLNOG)
Supports many new and established CERTs in the region
Provides information, stats/measurements through
APNIC Labs
4 v1.1
•RPKI deployment has 2 phases
•ROA is just the beginning
oROAs only serve their purpose if routes are validating
Routing Security through RPKI
Phase 1: ROA (Signing origin)
Resource holders must create their
ROA objects, which gets published to
the RPKI repo
Phase 2: ROV (Validating origin)
Routers are validating route entries
against the RPKI cache
RPKI
robust security framework for
verifying the association
between resource holders
and their Internet number
resources
•RPKI deployment has 2 phases
•ROA is just the beginning
oROAs only serve their purpose if routes are validating
Routing Security through RPKI
Phase 1: ROA (Signing origin)
Resource holders must create their
ROA objects, which gets published to
the RPKI repo
Phase 2: ROV (Validating origin)
Routers are validating route entries
against the RPKI cache
RPKI
robust security framework for
verifying the association
between resource holders
and their Internet number
resources
5 v1.1
•Preventing route hijacking
oCan filter out hijacked routes
oEnsures traffic reaches its intended destination
•Improved trust and stability
oRPKI establishes a system of trust for routing information
oFosters a more stable and predictable routing environment,
minimising disruptions and ensuring reliable data flow.
RPKI supports Internet Security
•Preventing route hijacking
oCan filter out hijacked routes
oEnsures traffic reaches its intended destination
•Improved trust and stability
oRPKI establishes a system of trust for routing information
oFosters a more stable and predictable routing environment,
minimising disruptions and ensuring reliable data flow.
RPKI supports Internet Security
6 v1.1
Route Origin Validation (ROV) Filtering – APNIC Stats
https://stats.labs.apnic.net/rpki
APNIC supports RPKI and ROA
creation for Members
APNIC has supported
Mongolia, Laos and Cambodia
to reach over 90% ROA
coverage
Efforts to improve ROV filtering
at Internet Exchange Points
Route Origin Validation (ROV) Filtering – APNIC Stats
https://stats.labs.apnic.net/rpki
APNIC supports RPKI and ROA
creation for Members
APNIC has supported
Mongolia, Laos and Cambodia
to reach over 90% ROA
coverage
Efforts to improve ROV filtering
at Internet Exchange Points
7 v1.1
Many networks sign ROAs, but fewer perform ROV filtering
ROV Measurement – APNIC Stats
ROA Signed (Total IPv4 & IPv6)ROV filtering
Help us improve this!
Many networks sign ROAs, but fewer perform ROV filtering
ROV Measurement – APNIC Stats
ROA Signed (Total IPv4 & IPv6)ROV filtering
Help us improve this!
8 v1.1
•IPv6 allows the Internet to grow
oThe abundance of IPv6 addresses allows for a more extensive and
adaptable internet infrastructure
oPromoting resiliency by enabling the connection of more devices and
facilitating network growth.
Wider IPv6 adoption contributes to a more robust and dependable Internet
infrastructure!
IPv6 secures the future Internet growth
•IPv6 allows the Internet to grow
oThe abundance of IPv6 addresses allows for a more extensive and
adaptable internet infrastructure
oPromoting resiliency by enabling the connection of more devices and
facilitating network growth.
Wider IPv6 adoption contributes to a more robust and dependable Internet
infrastructure!
IPv6 secures the future Internet growth
9 v1.1
IPv6 Measurements – APNIC Stats
APNIC continues to promote
IPv6 adoption through Training
and deployment support
IPv6 worldwide adoption rate
is at ~38%
IPv6 adoption in Indonesia is at
~14%
IPv6 Measurements – APNIC Stats
APNIC continues to promote
IPv6 adoption through Training
and deployment support
IPv6 worldwide adoption rate
is at ~38%
IPv6 adoption in Indonesia is at
~14%
10 v1.1
•Capacity building and
training are
fundamental pillars for
building a more resilient
internet.
•Enhancing the technical
expertise of network
engineers is essential
•Empower local
community trainers
What about capacity building?
•Capacity building and
training are
fundamental pillars for
building a more resilient
internet.
•Enhancing the technical
expertise of network
engineers is essential
•Empower local
community trainers
What about capacity building?
11 v1.1
Community building
Network Operators’ Groups (NOGs) bring
together network operators engineers to
discuss matters related to operational issues
and promote technical advocacies
APNIC Foundation also continues to support
Internet development through ISIF grants
and projects like Switch!
Community building
Network Operators’ Groups (NOGs) bring
together network operators engineers to
discuss matters related to operational issues
and promote technical advocacies
APNIC Foundation also continues to support
Internet development through ISIF grants
and projects like Switch!
12 v1.1
Thank You!
END OF SESSIONThank You!
END OF SESSION
Thank You!
END OF SESSIONThank You!
END OF SESSION
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 402
- Slides 12
- Age 474 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
14
Fertility awareness methods for women in the society
Isaiah47
29 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views