When you’re pwned, you’re pwned. Any questions?

Dave Kennedy
April 17th, 2009

Multiprotocol Label Switching (MPLS) security is not for the faint-hearted. However, like most information technology, understanding basic principles and having a policy founded on sound principles allows an administrator to sleep at night knowing the networks are secure. A policy of employing thoughtful and conservative essential practices, backed by quality assurance practices that ensure the continuity of secure operations, is one of those basic principles. An antithetical principle is that when a criminal takes control of your systems, bad things are going to happen.

Our assessment of the tools and techniques described in OSINT (open source intelligence) is that MPLS network security can be compromised when the attacker compromises the network control infrastructure.  This was true years ago when I first learned MPLS was not just an abbreviation for a city in Minnesota.  If the attacker compromises a router, he can control the traffic passing through the router.  History tells us that when one controls traffic intersections, one controls the traffic going through the intersection.  Alexander knew this. Compromised network control infrastructure results in a myriad of bad outcomes, and new tools, techniques or presentations cannot change that principle significantly.

A new tool, technique or presentation does not extend an attacker’s capabilities. The attacker’s best case is increased efficiency. A poorly administered MPLS network is vulnerable to compromise. But it was vulnerable the moment it became poorly administered, and new tools, techniques and presentations do not significantly alter that situation.

We have years of experience developing policies and procedures to create trustworthy MPLS networks. Our MPLS networking teams understand the network infrastructure control principle, and we devote talent, experience, time and equipment to ensuring we can trust our control infrastructure all the way to the hardware we provide on our customers’ premises.

We devote talent, experience, time and equipment to assure ongoing trust in the traffic on our networks by monitoring network health on a global basis. We’re experts at it.

An aphorism frequently used among security professionals is, “trust but verify.” It should come as no surprise that we devote some of our expertise to verifying the state of our control infrastructure. We verify it frequently, routinely, one could even say constantly. An attacker who manages to break into a facility and gain access to a portion of our control infrastructure will be detected within minutes of making an unauthorized configuration change, whether the break-in is physical or electronic. We verify traffic entering our networks before we trust it. The Internet, we know, is not a trustworthy network. Our MPLS network, on the other hand, is verified as trustworthy.

This blog post is not going to detail our labeling policy and procedures, and it’s not going to detail our network assurance measures. It’s not going to provide any information an attacker could use against us. Before I’m accused of “security by obscurity,” I invite the reader’s attention to an understanding of “Essential Elements of Friendly Information” and “Operations Security.” And SBO is still a layer, in this case one of many.

A word about objectivity is necessary. Verizon Business, among our many products and services, provides both security and MPLS solutions. A presentation scheduled to be given at a conference yesterday was slated to include MPLS security, and we’ve been peppered with queries about who really owns the packets on MPLS networks. Actually, this began when the same company that operates the conference published a news article about the presentation last week. It is fair to wonder whether the article contributed to paid attendance at the publisher’s conferences. We haven’t seen the presentation yet, so our observations are based on news reports such as the one published last week. We recognize our sources’ objectivity is not assured. For the same reasons, my objectivity cannot be assured. I rest at night knowing I’m objective, but you may not know that. We work with our customers to assure they can sleep at night knowing our shared MPLS networks are secure.

Update 04/19/09: After reviewing the slides and the whitepaper from the presentation, we have no changes to this blog entry.


Comments

  1. I have to agree. MPLS vulnerabilities have been whispered about for a while, but this is the first major specific case of an attack. As you said, if your house ain’t clean, it’s not the house’s fault.

    Posted by: Eric "SecRunner" on April 18th, 2009 at 2:46 am