Actualités Actualités

The Internet Resilience Observatory in France publishes its report for 2013

Home > Observatory and resources > News > The Internet Resilience Observatory in France publishes its report for 2013
09/22/2014

The report by the Internet Resilience Observatory in France, written by the French National Agency for the Security of Information Systems (ANSSI) in conjunction with Afnic, provides an annual analysis of the state of the French Internet through an in-depth study of the Border Gateway (BGP) and Domain Name System (DNS) protocols. The two protocols are responsible for almost all of the queries transmitted over the Internet.

According to the findings of the study, the situation of the French Internet remains satisfactory. The 2013 study shows that a French Autonomous System (AS)[2] with two suppliers can contact the rest of the Internet in case of failure of any other AS. Regarding the DNS, the concentration of DNS hosts in France is very high, which is directly reflected in the results.

Based on these results, the Observatory encourages Internet stakeholders in France to adopt the best practices accepted for BGP and DNS and has made the following recommendations:

  • deploy IPv6 to anticipate future operational problems and facilitate the build-up in skills
  • evenly distribute the authoritative DNS servers to improve the robustness of the infrastructure,
  • deploy the DNSSEC secured protocol to fight against cache pollution attacks,
  • systematically declare route objects, and keep them up to date in order to facilitate the detection and filtering of illegitimate BGP announcements,
  • use RPKI (Resource Public Key Infrastructure) certification and declare ROAs (Route Origin Authorizations),
  • apply good BGP[3] practices in interconnections between operators.

ANSSI encourages Internet stakeholders to adopt these recommendations and fully implement them at the earliest.

Report 2013 - The Internet Resilience Observatory in France - ANSSI -Afnic

 


[1] The BGP (Border Gateway Protocol) is used to carry data using routing advertisements. The DNS (Domain Name System) provides the correspondence between a domain name and an IP address.

[2] An Autonomous System (AS) is a network or a set of computer networks integrated with the Internet and managed by a single entity (Internet access provider, host, business, or administration).

[3] Read: http://www.ssi.gouv.fr/IMG/pdf/guide_configuration_BGP.pdf (ANSSI 2013).


About ANSSI: For further information about ANSSI and its assignments, please visit: www.ssi.gouv.fr
Press contact: +33 (0)1 71 75 84 04 – communication [at] ssi.gouv.fr

About Afnic: For further information about AFNIC, please visit: www.afnic.fr
Press contact: +33 (0)1 39 30 83 25 – presse [at] afnic.fr