^ Top

NANOG Meeting Presentation Abstract

ISP Security BOF III
Meeting: NANOG26
Date / Time: 2002-10-28 9:00pm - 10:30pm
Room: Composers Hall
Presenters: Moderators:
Barry Raveendran Greene, Cisco Systems.

Merike Kaeo, merike.com

Merike Kaeo has been in the networking industry for over 14 years. She is a member of the IEEE and is currently the co-chair of the IETF IPPM (IP Performance Metrics) working group. Merike worked at the National Institutes of Health in Bethesda, MD from 1988 to 1993, designing and implementing the original FDDI backbone for the NIH campus using Cisco routers. From 1993 to 2000, Merike was employed by Cisco, where she initially worked primarily on technical issues relating to router performance, network routing protocols, network design, and network security. She was a lead member of Cisco\'s security initiative and has been a panel member in security-related issues at Interop and The Internet Security Conference (TISC). Merike is currently an independent consultant in the areas of network security, optical networks, high-speed routing and QoS-related performance measurements. Merike authored \'Designing Network Security\' in May 1999. She received her BSEE degree from Rutgers University in 1987 and completed her MSEE degree from George Washington University in May 1998.
Abstract: Security incidents are a daily event for Internet Service Providers. Attacks on an ISP\'s customers, attacks from an ISP\'s customer, and attacks on the ISP\'s infrastructure are now one of many \"security\" NOC tickets through out the day. This increase in the volume and intensity of attacks has forced ISP\'s to spend constrained resources to mitigate the effects of these attacks on their operations and services. This investment has helped minimize the effects of the attacks, but it has not helped stop them at the source. Stopping attacks at their source requires rapid and effective inter-ISP cooperation.

The spirit of inter-ISP cooperation exists in the ISP Security ranks, but the problem is that ISP Security Teams from one ISP cannot find their colleagues amongst their peers.

This ISP Security BOF models itself on the NANOG Peering BOFs, focusing on building the human Internet of ISP Security Engineers. We solicit ISP Security/NOC Teams (before the meeting), asking them to characterize their security tools and policies in general ways (\"always help customers under attack\" or \"will trace the attack to the source\" or \"will work with law enforcement\" or \"black hole violators\" or \"implement common tools\" etc.).

From the answers, we will select a set of ISP Security Engineers to present a 5-to-10-minute description of their network, security tools, policies, how they would like to interact with other ISP Security Teams, and the identification/mitigation problems ISPs have had with existing technology/techniques. This presentation puts a face with the e-mail address at the ISP\'s Security/NOC Team.

At the end of the BOF, representatives will have time to speak with ISP Security Engineers at ISPs with which they seek to deepen their interaction and cooperation. The expectation is that these interactions will lead to an effective, Internet-wide security incidence response --- plugging the attacks at their source and perhaps apprehending the perpetrators (using law enforcement to put a dent in the problem).
Files: None.
Sponsors: None.

Back to NANOG26 agenda.

NANOG26 Abstracts

 

^ Back to Top