Table of Contents

Cisco CCDE v3 Training

71:39:25 Hours
226 Lectures


BGP Training

22:46:48 Hours
22 Lectures


Routing Protocols Design and Deployment Course

47:00:55 Hours
51 Lectures


Autonomous System Provider Authorization BGP Security

Autonomous System Provider Authorization - ASPA is a new approach for the Path Validation in BGP Information Security. Only Path Validation Standard in IETF is BGP SEC which is specified in RFC 8205. In this post, I won't explain BGPSEC, but basically it works based on encrypting the entire path and useful only if there is full adoption among the Autonomous Systems in Global Internet. Main problem though, since entire path is encrypted, resource requirements on the Routers quite significant with BGPSEC. There are two new approaches for Path Validation and both are in Draft state in IETF at the moment.

These are AS-Cones and ASPA which is the purpose of this post. I discussed ASPA (Autonomous System Provider Authorization) with the Author of the Draft, Alexander Azimov on how Internet can be made more secure with ASPA which is a new proposal. Securing Internet is Hard Challenge,Preventing Route Leaks, Hijacks, Malicious Activities are not trivial.Current approaches such as BGPSEC or SoBGP doesn't work. In this video, also, Origin Validation, Path Validation, SoBGP, BGPSEC, RPKI, ROA, RIR, LIR, Hijacks, Exact Prefix Hijacks, Sub Prefix Hijacks,Route Leaks and many other BGP Security features, techniques and protocols have been discussed.

It is over 2 hours but I think you will learn a lot about Inter-domain routing security. Sharing the video below!

Created by
Orhan Ergun

Orhan Ergun, CCIE/CCDE Trainer, Author of Many Networking Books, Network Design Advisor, and Cisco Champion 2019/2020/2021

He created OrhanErgun.Net 10 years ago and has been serving the IT industry with his renowned and awarded training.

Wrote many books, mostly on Network Design, joined many IETF RFCs, gave Public talks at many Forums, and mentored thousands of his students.  

Today, with his carefully selected instructors, OrhanErgun.Net is providing IT courses to tens of thousands of IT engineers. 

View profile