NTT deploys RPKI Origin Validation for internet security

NTT deploys RPKI Origin Validation for internet security

26 March 2020 | Natalie Bannerman

Cover

NTT has deployed RPKI-based BGP Origin Validation on its Tier-1 Global IP Network.

Origin Validation is a procedure which authenticates adverts coming from an expected Autonomous System Number (ASN), using Route Origin Authorizations (ROAs) published in the Resource Public Key Infrastructure (RPKI).

Using RPKI technology improves business availability and reduces the impact of misconfigurations or malicious attacks in global Internet routing systems.

“We encourage customers, partners and other players in the industry to adopt similar routing policies,” said Job Snijders, IP development engineer at the Global IP Network of NTT Ltd.

“A combined effort of this magnitude will result in collective benefits and have a positive impact on the Internet ecosystem in general.”

RPKI is deployed along with Peerlock, a mechanism designed to increase the Internet’s routing security. It protects the Global IP Network’s BGP neighbours with an additional layer of AS_PATH filtering to prevent route leaks and path spoofing.

The combination of both RPKI and Peerlock results in very secure routing decisions, ‘some of the most advanced in the industry’, says the company.

The solution comes after a multiyear project, comprised of outreach, education, collaboration with industry partners, and the creation of open source software.

In February, NTT has established NTT Myanmar, a subsidiary company based in Yangon, Myanmar.

TT spent $5 million in capital investment and NTT Myanmar has already been granted a B2B wholesale licence from the country’s Ministry of Commerce to offer ICT solutions and managed services to enterprise clients in the region.

The news comes after the company announced plans to build a new subsea cable called MIST, connecting Singapore, Myanmar and India, specifically Mumbai and Chennai.