Content Delivery Networks (CDNs) and cloud providers exchange traffic with thousands of other networks so data can flow efficiently around the world, which puts them in a unique position to help to secure the global Internet. 

The MANRS CDN and Cloud Provider Program outlines concrete actions they can take to amplify the positive effect they have on routing security, and the routing hygiene of networks they peer with.

Participation helps by requiring egress routing controls so networks can prevent incidents from happening. Leveraging peering power can have significant positive spillover effect on the routing hygiene of networks they peer with.

Actions

  1. Filtering. Ensure correctness of your announcements and your non-transit peers by implementing explicit (whitelist) filtering with prefix granularity
  2. Anti-spoofing. Implement anti-spoofing controls to prevent packets with illegitimate source IP addresses from leaving the network (egress filters)
  3. Coordination. Maintain globally accessible, up-to-date contact information in common routing databases
  4. Global Validation. Publicly document ASNs and prefixes that are intended to be advertised to external parties (IRR and/or RPKI)
  5. Promotion. Actively encourage MANRS adoption among peers.
  6. Tools. Provide monitoring and debugging tools to peering partners

Read the full CDN and Cloud Program document.