Belnet is currently working on implementing a Service Improvement Programme to improve the resilience of our network to cyber-attacks. Our Technical Director Dirk Haex explains why it is crucial that the entire Belnet community is engaged with this task.
Why was the Service Improvement Programme started, and what does it entail exactly?
'The improvement programme arose following the large-scale volumetric DDoS attack on our network in May last year. What’s important is that the programme goes beyond technical action points, and includes a series of improvements in processes and communication.
The implementation of this Service Improvement Programme will be tackled on a project-by-project basis, in accordance with the methods used at Belnet. A multidisciplinary team has been put together for this, consisting of project managers, network and security specialists, and account managers. Many of the adjustments and improvements have already been implemented.'
How is the Belnet community being involved?
'In the first place, we listened to feedback from our customers when drawing up the Service Improvement Programme. So not only did we list our own lessons learned, we also took the concerns of our community into account.
Our customers also have a crucial role to play in one of the last ongoing action points, by the way. Their engagement is essential so that we can all make the Belnet network even more secure. More specifically, it concerns a change in the way they use their point-to-point addresses.'
"The engagement of our customers is essential so that we can all make the Belnet network even more secure."
Dirk Haex, Technical Director, Belnet
What exactly does this change involve?
'I'm going to have to get a bit technical to explain this. The customer's router or firewall is connected to the Belnet network, and a very specific IP subnet is provided for each customer for the addressing. We call this point-to-point addressing. Parallel to this, the customer uses official IP addresses with which they can provide services to the outside world.
In practice, we've found that many customers use their assigned point-to-point IP address from this subnet as the source address for outgoing IP traffic, instead of using one or more of the IP addresses assigned to them. This is problematic, because it prevents our anti-DDoS systems from being optimally deployed during volumetric attacks.
For this reason, we're asking each customer to check their configuration and, if necessary, to only use their point-to-point addresses from now on for their intended purpose; to connect the customer's infrastructure to Belnet's.'
Why is their engagement so important?
'It's important that every organisation does what it has to do. This is the only way can we improve the protection of the entire Belnet community against attacks. These changes will also allow our technical teams to intervene more efficiently and faster in the event of attacks, enabling us to improve our services across the entire community.'
How can Belnet help its customers with this task?
'The technical contacts at each of our affiliated organisations will soon receive more information about this change by e-mail. We foresee an ample transition period, so that our customers have plenty of time to make the changes needed. Our Technical Advisors are of course also ready to help them with any questions or difficulties. Together, we're stronger, and in a better position to make the Belnet network even more secure.'