Category: About Deploy360

Feb 28

Meet The Deploy360 Team At IETF 89 Next Week

DO Team 2013Will you be at IETF 89 next week in London?  If so, please feel free to say hello to one of our team members there.  We’ll all be there: myself (Dan York), Chris Grundemann, Megan Kruse and Jan Žorž.

You can expect to find at least one of us in any of the sessions that relate to IPv6, DNSSEC or securing BGP.  Specifically, some of the sessions we’ll be at can be found in these posts:

We’re always interested in talking to people about the work we do here and also how we can help you get these technologies more rapidly deployed.  Got a question for us?  Find us at the IETF sessions and let us know.

You can also send an email to us at “deploy360@isoc.org” if you’d like to set up a time to meet.

See you in London!

Jan 29

Introducing A New Deploy360 Topic: Securing BGP

BGPHow can we help network operators ensure that their usage of the Border Gateway Protocol (BGP) is as secure as possible?  How can we help enterprises who operate their own routing infrastructure make sure that they are keeping their own networks secure?  How can we help network operators at all levels make sure they are doing their part to keep the Internet’s routing infrastructure as secure and resilient as possible?

A year ago we launched the “Routing” topic on Deploy360 to explore these kind of questions.  We’ve written many articles about routing resiliency and featured panels about improving routing resiliency/security at our ION conferences, such as a recent session at ION Toronto.

However, as we went around speaking with people about the need to make the Internet’s routing infrastructure more resilient and secure,  one extremely important bit of feedback we received from people was that our topic here on Deploy360 of “Routing” was far too broad.  It wasn’t as specific as our areas on IPv6 and DNSSEC, and that provided multiple challenges both in terms of creating a logical flow of providing deployment information and also in finding resources and/or people to create new materials.

We’ve listened to all that feedback and are changing how we address the overall routing resiliency topic.  Instead of one massive topic, we’re going to be breaking the area down into several smaller topics that we will be rolling out over the course of 2014.

Today we’re pleased to announce the first new topic area, Securing BGP, where we will be focusing on the tools, services and technologies that can help make BGP routing more secure.  We’ll be talking about not only basic “good hygiene” for routing but also specific tools that can help secure BGP such as prefix filtering, ACLs, RPKI, BGPSEC and much more.  We have created a set of initial pages related to the topic which will be populating with more content over the weeks and months ahead:

Perhaps more importantly we have outlined a content roadmap for the resources related to securing BGP that we want to add to the site and are now actively looking for resources that are out there now that we can point to – or identifying authors who can write some of the resources that don’t yet exist. Naturally we’ll be adding blog posts related to securing BGP to our Deploy360 blog – and you can expect sessions related to securing BGP to appear at our future ION conferences.

How You Can Help

We need your help!  In order to provide the best possible resources to help network operators secure their use of BGP, we need to hear from you!  We need your feedback to help us know that we are helping you make your network more secure.  A few specific requests:

1. Read through our pages and content roadmap - Please take a look through our “Securing BPG” set of pages, and also please take a look at our content roadmap for BGP.  Are the current resources listed helpful?  Is the way we have structured the information helpful?  Will the resources we list on our roadmap help you make your routers more secure?

2. Send us suggestions – If you know of a report, whitepaper, tutorial, video, case study, site or other resource we should consider adding to the site, please let us know. We have a list of many resources that we are considering, but we are always looking for more.

3. Volunteer – If you are very interested in this topic and would like to actively help us on an ongoing basis, please fill out our volunteer form and we’ll get you connected to what we are doing.

4. Help us spread the word – As we publish resources and blog posts relating to securing BGP, please help us spread those links through social networks so that more people can learn about the topic.

Jan 29

Introducing A New Deploy360 Topic: Securing BGP

BGPHow can we help network operators ensure that their usage of the Border Gateway Protocol (BGP) is as secure as possible?  How can we help enterprises who operate their own routing infrastructure make sure that they are keeping their own networks secure?  How can we help network operators at all levels make sure they are doing their part to keep the Internet’s routing infrastructure as secure and resilient as possible?

A year ago we launched the “Routing” topic on Deploy360 to explore these kind of questions.  We’ve written many articles about routing resiliency and featured panels about improving routing resiliency/security at our ION conferences, such as a recent session at ION Toronto.

However, as we went around speaking with people about the need to make the Internet’s routing infrastructure more resilient and secure,  one extremely important bit of feedback we received from people was that our topic here on Deploy360 of “Routing” was far too broad.  It wasn’t as specific as our areas on IPv6 and DNSSEC, and that provided multiple challenges both in terms of creating a logical flow of providing deployment information and also in finding resources and/or people to create new materials.

We’ve listened to all that feedback and are changing how we address the overall routing resiliency topic.  Instead of one massive topic, we’re going to be breaking the area down into several smaller topics that we will be rolling out over the course of 2014.

Today we’re pleased to announce the first new topic area, Securing BGP, where we will be focusing on the tools, services and technologies that can help make BGP routing more secure.  We’ll be talking about not only basic “good hygiene” for routing but also specific tools that can help secure BGP such as prefix filtering, ACLs, RPKI, BGPSEC and much more.  We have created a set of initial pages related to the topic which will be populating with more content over the weeks and months ahead:

Perhaps more importantly we have outlined a content roadmap for the resources related to securing BGP that we want to add to the site and are now actively looking for resources that are out there now that we can point to – or identifying authors who can write some of the resources that don’t yet exist. Naturally we’ll be adding blog posts related to securing BGP to our Deploy360 blog – and you can expect sessions related to securing BGP to appear at our future ION conferences.

How You Can Help

We need your help!  In order to provide the best possible resources to help network operators secure their use of BGP, we need to hear from you!  We need your feedback to help us know that we are helping you make your network more secure.  A few specific requests:

1. Read through our pages and content roadmap – Please take a look through our “Securing BPG” set of pages, and also please take a look at our content roadmap for BGP.  Are the current resources listed helpful?  Is the way we have structured the information helpful?  Will the resources we list on our roadmap help you make your routers more secure?

2. Send us suggestions – If you know of a report, whitepaper, tutorial, video, case study, site or other resource we should consider adding to the site, please let us know. We have a list of many resources that we are considering, but we are always looking for more.

3. Volunteer – If you are very interested in this topic and would like to actively help us on an ongoing basis, please fill out our volunteer form and we’ll get you connected to what we are doing.

4. Help us spread the word – As we publish resources and blog posts relating to securing BGP, please help us spread those links through social networks so that more people can learn about the topic.

The post Introducing A New Deploy360 Topic: Securing BGP appeared first on Internet Society.

Jan 08

Quick Admin Update: Minor changes to Deploy360 website, sharing

Checking under the hood and kicking the tiresJust a quick update… in our constant effort to to make this site work as smoothly as possible for visitors and also to help as many people as possible  find our content, I spent some time “under the hood” today making some upgrades and doing a number of other tweaks.

You shouldn’t see anything really different about the site, but if you do see anything that acts strange, please let us know.  I’ve gone through a sample of our pages and posts, but there’s a chance I may have missed something.

The major change you will see is the “Share This:” bar of buttons at the bottom of this post.  I switched from the plugin we were using before to Automattic’s “Jetpack” plugin for WordPress and like the behavior much better. I also added LinkedIn as a sharing choice to make it easier for people to share out content out to LinkedIn.  Any feedback on the sharing experience would be welcome, either as comments here or via email/form.

Another reason for the update today was that the Jetpack plugin lets us also automatically publish our new posts out to the Deploy360 Google+ Page, in addition to our Twitter account and Facebook page. We’ve found a good amount of interest in our information within Google+ and continue to gave great conversations there. Our previous process automatically posted to Twitter and Facebook but was a manual process for Google+ that was a bit cumbersome. We like that this change puts Google+ on the same level as the others as a content distribution channel.

We also updated the awesome EditFlow editorial calendar we use for planning the content we’re sharing on the site and made a number of other minor tweaks and changes.

All in all a shiny new back-end of the Deploy360 site for 2014!  We’re looking forward to using these capabilities to deliver even more information to you in 2014… please do let us know how we can help you!

Image credit: wsdot on Flickr (I figured a photo of a snow plow was appropriate given the current weather conditions where I live in New Hampshire, USA).

Dec 23

Follow Deploy360 On SoundCloud To Hear Our Audio Updates And Event Recordings

soundcloudAre you following Deploy360 on SoundCloud?  We’re posting there occasional audio updates about our activities as well as the audio recordings from our ION conferences and other events we attend.  You can find our profile there at:

http://soundcloud.com/deploy360/

Our SoundCloud account is enable for podcasting and so there is also an RSS feed to which you can subscribe using whatever podcast client you prefer.

You can see an example of the types of event recordings we’re doing in our ION Krakow “set” on SoundCloud.  The cool thing is that you can start the set playing and basically listen through the entire ION Krakow event.  It’s a great way to listen to what you missed if you weren’t able to attend or listen live.

In the new year I plan to get the audio recordings up there for ION Toronto as well as some of the recent ICANN DNSSEC Workshops.  Plus, we’ll continue to provide audio updates from time to time to let people know what is going on with our activities within the Deploy360 Programme.

We’d love to have you follow us there and comment on and share our audio recordings.  While you’re there on SoundCloud, perhaps you might also be interested in following the Internet Society SoundCloud account where we share some of the other audio content created at various Internet Society events.

The great thing about SoundCloud is it makes it extremely easy to create, upload and find audio recordings.  The only down side from our perspective is that it is not yet available over IPv6. :-(   If anyone knows of a similar service for audio hosting and sharing that does work over IPv6, we’d love to hear about it.  We haven’t found one yet.

Nov 04

Meet The Deploy360 Team At IETF 88 In Vancouver This Week

IETF LogoThe 88th meeting of the Internet Engineering Task Force (IETF) takes place this week in Vancouver, BC, and Megan Kruse and myself (Dan York) will be there participating in Working Group sessions, recording some video interviews, helping with the live video stream of the IETF 88 Technical Plenary and the ISOC@IETF panel on IPv6 and just generally meeting with people about how we accelerate the deployment of IPv6, DNSSEC and routing technologies!

If you’d like to meet with us at IETF 88, the best bet is to probably send an email to:

deploy360@isoc.org

as that gets to both of us and the rest of the team.  As to where you can find us at IETF 88, you can expect to find Megan and I in most of the sessions related to IPv6, DNSSEC or routing resiliency/security.  Here are some of the prime ones where one or both of us will be:

You can also expect us to be in other sessions where IPv6 or DNS or routing security are mentioned.  We’re around and we’d definitely be interested in meeting with people while here.  Please do drop us an email message or find us in person.

Jul 16

Helping Expand DNSSEC Deployment By Working With Shinkuro And Parsons/SPARTA

When we began what would become the Deploy360 Programme about 18 months ago, we were concerned about how our activity regarding promoting DNSSEC deployment would be seen by other groups already active in the space.  For instance we were very aware that there was the DNSSEC Deployment Initiative, funded by the U.S. Department of Homeland Security (DHS), that had been very active for a good number of years.  The program had spawned a whole series of DNSSEC-related tools, a blog, the dnssec-deployment mailing list and other activities.  How could we best complement this existing work?  And would we be seen as a helpful new addition to the overall work?  Or would we be seen as a competitor to be distrusted?

Steve Crocker and Dan YorkWe were concerned and tried to step carefully as we began.  To our delight what we found was a very welcoming community that was very appreciative of the energy and platform that we were bringing to the effort. Over the past year in particular we have worked very closely with both Steve Crocker and his team at Shinkuro, Inc,. and Russ Mundy and his tools-focused team at a company originally called SPARTA and now part of a larger company, Parsons.  We’ve been working now with them on a variety of projects, including the monthly “DNSSEC Coordination Calls” that bring together people from across the community and industry interested in promoting and advancing the deployment of DNSSEC (and anyone is welcome to join the dnssec-coord mailing list).

And so it is with great pleasure that we can announce a formal Memorandum of Understanding (MoU) between the Internet Society, Shinkuro, and Parsons related to our combined efforts.  The MoU document, now posted to our site, explains the history and roles of each entity and reaffirms our joint commitment to doing all we can to work with the rest of the larger DNS community to bring about the full deployment of DNSSEC around the world.

Steve Crocker and I had a chance to jointly talk about this MoU and our combined effort at the Internet Society Advisory Council meeting held in Beijing in April. The photo accompanying this post shows us holding the signed MoU.  Russ Mundy was also there earlier in the week for the DNSSEC Workshop that we are all involved with that take place at ICANN meetings.

The signing of this MoU is an endorsement of the work we are already doing together – and a commitment by all three of us to work together to use the open multi-stakeholder process to involve even more people and organizations and to help the broader world understand how DNSSEC can significantly upgrade the security of the Internet.

We’re looking forward to continuing and expanding our work with Shinkuro and Parsons – and all of you!  Please join us… you can join the dnssec-coord mailing list, join into the DNSSEC communities on social networks or email, follow us on social networks, come to one of our ION conferences or the DNSSEC workshops at ICANN meetings… or just keep following us here on the site!

Let’s get to work and help get DNSSEC deployed everywhere!

Apr 24

Video – Interview with Jan Zorz at PLNOG

Our team member Jan Zorz was in Poland recently to attend the PLNOG meeting, he was interviewed about what he is doing with the Internet Society.  You can now watch and hear Jan talking about how he is seeking to engage with more network operators around best current operational practices:

Feb 15

Ending A Time Of Quiet And Returning To Action

Internet Society Deploy360 ProgrammeAs you’ve perhaps noticed, it’s been basically two weeks since we last posted anything to the Deploy360 site and I thought I’d just take a moment to explain the quiet time. On the afternoon of February 1, 2013, we had a short outage of the site and while it was only offline for a brief period, the experience highlighted a couple of weaknesses we had in our setup both in terms of technology and process. We took some time to analyze the issues and to make some changes, and I’m pleased to report that the site is now running on a new server in a different architecture and we’ve made a number of other changes as well behind the scenes.

As we were working through this analysis and change, we deliberately wanted to not attract large numbers of visitors to the site and so we put a pause on publishing new content.  While we still have a few more changes we may be making in the weeks ahead, we’re ready to get back in action and so you’ll start seeing new posts and resources coming out from us starting today!

Jan 01

Happy New Year!

Happy New Year! After a fantastic 2012 we’re looking forward to bringing you even more real-world deployment information this year about IPv6, DNSSEC and now our latest topic of Routing Resiliency / Security.

The question is… what will you do in 2013?

Will you deploy IPv6 in your network?  Will you sign your domains with DNSSEC?  Or deploy DNSSEC-validating resolvers in your network?  Will you look at ways to make your routing infrastructure more resilient?

The second question is… how can we help you?

What can we do to help you deploy IPv6 or DNSSEC?  How can we help you better secure your routing?

Please let us know… we want to help you makeyour networks stronger, more flexible and more secure… and in doing so make the open Internet just that much better!