Designing a workflow to respond to BGP Incidents
What do you do when someone calls you and tells you your company is part of a BGP hijack? None of us want to be part of or contribute to route leaks, misconfigurat …
Talk Title | Designing a workflow to respond to BGP Incidents |
Speakers | Job Snijders, NTT |
Conference | NANOG77 |
Conf Tag | |
Location | Austin, TX |
Date | Oct 28 2019 - Oct 30 2019 |
URL | Talk Page |
Slides | Talk Slides |
Video | Talk Video |
What do you do when someone calls you and tells you your company is part of a BGP hijack? None of us want to be part of or contribute to route leaks, misconfigurations, or BGP hijacks; but what steps do you take to analyse the problem, how can you verify such a claim? After all, we do need to prevent taking down the wrong customer should the BGP hijack complained contain the wrong information. It is prudent for Network Operations Centers to respond to BGP incidents in a consistent and reliable manner; preferably without having to make up the process on the spot! In this presentation we’ll cover what incident response can look like in a NOC in terms of evidence collection and interpreting the available data.