BGP Security

Home / Routing

E-Learning Course

BGP Security

The Border Gateway Protocol (BGP) is vulnerable. Analyse the threats to BGP and learn about the recommended security measures to protect your network against accidental and malicious misconfigurations.

You will learn how to

  • Identify the fundamental security vulnerabilities of the Border Gateway Protocol
  • Identify the types and causes of BGP incidents and their impact on the Internet
  • Select appropriate safeguards to prevent accidental and malicious BGP routing incidents
  • Implement security measures to protect the BGP speaker and sessions
  • Choose the appropriate methods for implementing BGP filters
  • Define BGP filter recommendations based on routing relationships
  • Register your routing information and publish routing policies in the RIPE Database
  • Validate BGP announcements using RPKI information

The modules are interactive and consist of reading, practice, videos, guided exercises and questions.

The course is in English. You can take it independently, or in combination with the other RIPE NCC Academy courses and Webinars.

  • Advanced
  • 10 hours to complete
  • 6 modules
  • 6 lab activities
  • Online
  • English
  • Free
  • Gets you ready for the BGP Security Expert exam

Who is this course for?

You should take part in this training course if you:

  • Are a network engineer running BGP on your network
  • Need to understand the current security threats and how to mitigate them
  • Need to learn how to use the Internet Registry System
  • Need to learn how to use RPKI

This course doesn’t cover

  • Basic notions of the BGP protocol
  • How to operate a Local Internet Registry (LIR)

Skills you will gain

  • Understand security risks in Internet routing
  • Secure your network against routing threats
  • Apply the core concepts of RPKI

Pre-Requisites

  • Understanding the IP protocol
  • Experience in running an IPv6 network

Course Overview

Expand All

Unit 1 - The Need for BGP Security

Review how BGP works for inter-AS communication.

Unit 2 - Analysing BGP Threats and Attacks

Review some of the fundamental vulnerabilities of the Border Gateway Protocol and analyse various types of BGP incidents, their causes, and the impacts they can have on your network.

Unit 3 - BGP Security Measures

Review what security measures are available to prevent BGP incidents.

Get more in depth on the methods for protecting the BGP speaker and sessions.

Secure your BGP sessions using two techniques: MD5 and GTSM.

Identify the purpose of BGP filters, what kind of filters you can make, what to filter based on your network relationships and how to use data sources to generate your filters automatically.

Review what the IRR is, how to register your information into the database and how the database can be used to improve routing security.

Discover more about RPKI, how it works and how it is used to improve routing security.

BGP Security Exam

The content of this course aligns with the BGP Security exam.

After finishing this course, you will be ready to take the exam and become RIPE NCC certified.

Take the exam

Live sessions

Need support?

Throughout the course, you can ask questions or send your comments about the course to our Learning and Development team. You just need to click the "Contact trainer" link in the navigation bar on the left.

This course was created by the RIPE NCC and it is facilitated by the RIPE NCC Learning & Development Department.

Self enrolment (Student)
Self enrolment (Student)