Back to the list

The Internet Resilience Observatory in France Publishes its Report for 2014

December 14, 2015

2014 Report of the Internet Resilience Observatory in France: progress in the adoption of best practices, and new challenges identified.

For the fourth year running, the report of the Internet Resilience Observatory in France, written by the French National Agency for the Security of Information Systems (ANSSI) in conjunction with Afnic, analyzes the resilience of the French Internet by studying two protocols, BGP and DNS.

More data analyzed for better understanding

Since its first publication in 2012, the amount of information managed for the analysis of the report has tripled, now taking into account all of the public BGP data. The Observatory now is able to detect prefix hijacking and traffic redirects in real time. In addition, this year the Observatory has adopted a new indicator on email.

Highlights of the 2014 report

  • Cryptographic protection of the DNS and BGP protocols has significantly evolved. On the one hand, DNSSEC, the DNS security protocol, is continuing to gain ground thanks to the promotional efforts of Afnic and the involvement of a growing number of its registrars in signing zones. On the other, the number of French operators that have deployed the Resource Public Key Infrastructure [PB1] has doubled.
  • There has been an increase in the malicious use of BGP as a vector for traffic diversion.
  • There has been an increase in the concentration of IPv6 interconnections and a low proportion of new IPv6 deployments as perceived through the DNS.
  • The new indicator based on the DNS and characterizing resilience of messaging services shows too low a number of mail relays.

 

Once again this year, the Observatory has reiterated its encouragement to Internet players to appropriate BGP and DNS best practices and draws their attention to the following recommendations:

  • monitor prefix advertisements, and be prepared to react in case of hijacking; diversify the number of SMTP and DNS servers in order to improve the robustness of the infrastructure;
  • diversifier le nombre de serveurs SMTP et DNS afin d’améliorer la robustesse de l’infrastructure ;
  • apply best practices to limit the effects of failures and operational errors;
  • pursue the deployments of IPv6, DNSSEC, and RPKI to develop skills and to anticipate possible operational problems.

 

Download the report "Resilience of the French Internet in 2014" (PDF 1,2 Mb)



Lire cette ressource en français Top of the page

About AFNIC

Afnic (the French acronym for "Association Française pour le Nommage Internet en Coopération" i.e. the French Network Information Centre), is a non-profit association. For 20 years, we have been the registry for the management of Internet addresses under the .fr TLD suffix. We also manage the French overseas TLDs for .re (Reunion Island), .pm (St. Pierre and Miquelon), .tf (French Southern and Antarctic Territories), .wf (Wallis and Futuna), and .yt (Mayotte). In addition to the more than 3.2 million domain names they represent, we are also the back-end registry for 14 companies as well as local and regional authorities that have chosen to have their own TLD suffix including .paris, .bzh, .alsace, .corsica, .mma, .ovh, .leclerc and .sncf. We actively support the digital transformation of small and mid-size businesses in France with our system Réussir en .fr (www.reussir-en.fr) and offer a free online presence support package ranging from diagnostic tools to on-site training throughout France. As an association, we federate a community of more than one hundred members with varied profiles but all of whom are stakeholders on the web: registrars, companies, federations, users, institutions, etc. Our role is part of a broader assignment involving the common good, which consists in helping to make the Internet more secure, stable and open to innovation each day, in which the French Internet community plays a leading role. In addition, we pay 90% of the profits from the management of the .fr TLD to our Afnic Foundation for Digital Solidarity (www.fondation-afnic.fr) which each year finances some thirty projects designed to reduce the digital divide throughout France.