Strengthen your Network Security with APNIC Products and Tools

Overview

Course Overview

This webinar introduces participants to APNIC products, tools, and routing security services, with a focus on strengthening the security and visibility of Internet routing. The session provides a guided, practical overview of current routing security mechanisms including IRR route objects, AS‑SETs, and RPKI ROAs, as well as an introduction to upcoming improvements such as RPKI ASPAs.
Participants will also learn how to use APNIC DASH to visualise the status of their BGP routing, identify misconfigurations or security risks, receive alerts about suspicious activity, and assess their network’s alignment with Internet security best practices.
This session is designed to help operators better understand the tools available to them and apply routing security techniques directly within their own networks.

Course Outline

This course will cover the following topics:

Introduction to APNIC products and tools
Routing Security – Current and future mechanisms
Learn how to use APNIC DASH

Course Materials

Slides: Strengthen your Network Security with APNIC Products and Tools Download

BGPWatch Part 2

Overview

Course Overview

BGPWatch is a BGP routing monitoring system; the platform is now live at https://bgpwatch.cgtf.net/ and provides functions in four aspects: Anomaly Detection (including prefix hijacking, path hijacking, route leaking detection, source IP address spoofing detection, and bogon IP announcement detection), AS Dashboard (summary information for AS, RIR, and ROA registrations), Routing (forward routing, reverse routing, bidirectional routing paths, and jitter monitoring), and Subscribe (alerts for prefix changes, peer changes, routing path changes, and anomaly events, as well as weekly reports).

Here is the first part of this webinar series: BGPWatch Part 1

Notes

We sincerely thank all guest speakers to support and collaborate to this webinar.

Changqing An, Associate Professor, Tsinghua University
Linmei Zu, Product Manager, Tsinghua University
Zidong Pei, Senior Software Engineer, Tsinghua University
Md. Ariful Islam, General Manager (Network & Infrastructure), Bangladesh Research and Education Network (BdREN)
Shamim Ahmed, Manager (Core Network), Bangladesh Research and Education Network (BdREN)

Course Outline

This training mainly focuses on the practical operation and practice of BGPWATCH, which is divided into 4 parts:
1. Anomaly Detection: Including prefix hijacking, path hijacking, route leaking detection, source IP address spoofing detection, and bogon IP announcement detection
2. AS Dashboard: Providing summary information for AS (Autonomous System), RIR (Regional Internet Registry), and ROA (Route Origin Authorization) registrations
3. Routing: Covering forward routing, reverse routing, bidirectional routing paths, and jitter monitoring
4. Subscribe: Offering alerts for prefix changes, peer changes, routing path changes, and anomaly events, as well as weekly reports

For each part, 4 components will be arranged.
1. Usage Method: Introduction to functions
2. Daily Usage: Primarily for the daily monitoring of your network
3. Case Examples: How to use the system for debugging when network failures occur
4. Practice Exercises

Course Materials

Slides: BGPWatch Part 1 and Part 2 Download

BGPWatch Part 1

Overview

Course Overview

Here is the second part of this webinar series: BGPWatch Part 2

Notes

We sincerely thank all guest speakers to support and collaborate to this webinar.

Changqing An, Associate Professor, Tsinghua University
Linmei Zu, Product Manager, Tsinghua University
Zidong Pei, Senior Software Engineer, Tsinghua University
Md. Ariful Islam, General Manager (Network & Infrastructure), Bangladesh Research and Education Network (BdREN)
Shamim Ahmed, Manager (Core Network), Bangladesh Research and Education Network (BdREN)

Course Outline

Course Materials

Slides: BGPWatch Part 1 and Part 2 Download

Lakht E Hassnain

Lakht E Hassnain is a seasoned network and security professional with over 15 years of experience in ISP and telecom environments. Specializing in IP routing, BGP, RPKI, DNS, IPv6, DNSSEC, IX operations, and CDN deployment, Lakht currently oversees the internet gateway infrastructure and IP resources for a major mobile operator in Pakistan. As an active member of the Internet Society Pakistan, Lakht is passionate about sharing knowledge and building technical capacity within the community.

Lakht volunteers as a community trainer and shares his knowledge.

BGP Routing Analysis with BGPWatch

Overview

Course Overview

BGPWatch offers an extensive overview of BGP routing and analysis. It highlights incidents related to route hijacking, identifies victims and attackers, and presents hijack statistics, routing paths, and various other features.

Moreover, the platform ensures rapid response times and issues event alerts via email. It evaluates the severity of events and offers event replay capabilities, all aimed at effectively aiding network operators.

Additionally, BGPWatch provides a range of tools for network monitoring, including a dashboard showcasing essential AS information, displaying forward, reverse, and bi-directional routing paths, and supporting subscriptions.

Course Outline

This course will cover the following topics:

BGP route hijack detection
BGP route diagnosis
BGP route monitoring

Course Materials

Slides: BGP Routing Analysis with BGPWatch Download

Md Abdullah Al Naser

Naser is a professional IP network enthusiast with extensive experience working in large ISPs, telecoms, and enterprise network infrastructures. He specializes in planning and designing complex network solutions for both service providers and corporate networks, with expertise in advanced routing protocols such as OSPF, IS-IS, and BGP, as well as IPv6 and MPLS. Alongside his profession, Naser is also involved in technical writing and providing technical training within his capacity.

Rahul Makhija

Rahul Makhija is a seasoned IP network professional. He has been in the ISP industry since 2007. He is a BGP enthusiast and an IPv6 evangelist. Rahul is currently the CTO at Esto Group of Companies (AS135817). He actively participates in various community engagements. Rahul has been contributing to various program committees such as INNOG, SANOG and APNIC conferences. Over the years, he has mentored many network engineers, helping them gain new skill sets and adopt industry’s best practices.

Rahul shares his knowledge and experience as a volunteer community trainer for APNIC.

Jethro Tambeana

Jethro worked as a Network Engineer for over 17 years. He began his carrier with the local ISP Telecom Vanuatu Ltd as Network Administrator and later joined OGCIO to work as Network Manager for the Vanuatu eGov Network. He also was part of the initial setup and operation of the local IXP, Vanuatu Internet Exchange, and still provides technical support to the IXP to this day. Jethro now works as a network consultant and shares his knowledge as a community trainer for APNIC.

Md. Rafeeun Noby Babir

Md. Rafeeun Noby Babir is an accomplished professional in the field of Telecommunications and Information Technology. With an extensive experience in the network industry in Bangladesh, Babir has made significant contributions in Gateway Operations, specializing in International Internet Gateway (IIG), International Terrestrial Cable (ITC), National Internet Exchange (NIX) as well as Nationwide Internet Service Provider (ISP).

Babir’s expertise extends towards Network Servers and Security along with Routing and Switching. He possesses in-depth knowledge of BGP core networks. Along with a degree in ECE from KUET, he also holds certifications from industry-leading organizations like Cisco (CCNP, Specialist), Juniper (JNCIA), Huawei (HCIA), Red Hat (RHCE, RHCSA) and demonstrates his commitment to professional excellence.

Babir shares his knowledge as a volunteer community trainer for APNIC.

Shaila Sharmin

Shaila Sharmin has more than 10 years of working experience in ISP, Bank and WiMAX Network Architecture. She is a seasoned Operations Engineer and Management professional in the field of IP Core and System Security, and possesses extensive hands-on experience in Core and Enterprise Routing and Switching Technologies with major vendors. Shaila has in depth knowledge of cybersecurity and privacy principles, cyber threats types and vulnerabilities, security risks assessment and emerging technologies.

Shaila was educated in Bangladesh completing a Master’s Degree in Computer Science with a Bachelor’s Degree in Computer science and engineering. Furthermore, she has some vendor certifications (e.g. CISM, CCNP, NSE4 etc.) at her credit. Shaila actively speaks and volunteers at bdNOG, APNIC events.

Areas of Interests: SDN, IPv6, Routing and Switching, MPLS, BGP, Network and Information Security and Internetworking, Internet Governance and technical Policy.

Shaila shares his knowledge as a volunteer community trainer for APNIC.