Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.

Avenue4 LLCRead Message Promoted Post

Home / Industry

Is Your TLD Threat Mitigation Strategy up to Scratch?

When it comes to operating a TLD, ensuring your namespace is free of malicious activity should be a particular area of focus if you would like to maintain your reputation as a trusted destination online. Equally, this is a topic of increasing importance for ICANN who continue to drive TLDs to provide safer and safer namespaces.

There has been much discussion of the security requirements laid out in the ICANN Registry Agreement — and in particular, the security obligations outlined in Specification 11 that includes a requirement that TLD operators "periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats", as well as maintaining "statistical reports on the number of security threats identified and the actions taken as a result of the periodic security checks...and [providing] them to ICANN upon request."

This key specification within the Registry Agreement framework aims to prevent new TLDs from being misused for abusive activity such as phishing, malware, and botnets, and to create provisions to supply reports on such activity when requested.

For many TLD operators — particularly .brand TLDs for whom the world of domain names and ICANN is foreign territory — attempting to minimise malicious activity in their namespace without outside help can be a full-time task in itself. At Neustar, we recognised this challenge among our own TLDs and developed a Registry Threat Mitigation Service (RTMS) that is already in use for the .co, .biz, .nyc and .neustar TLDs, as well as many of our client's TLDs.

Rightside Registry, backend provider to many of the world's most recognized TLDs such as .news, .rocks and .ninja is one such Registry Operator who recently signed with Neustar to use the RTMS platform. In evaluating the market for similar services, Rightside recognised the importance of choosing a robust system that minimises their operational workload and continually evolves.

Alan Woods, Compliance Manager at Rightside Registry, explained why they chose Neustar's RTMS.

"Rightside has been a leader in promoting safe namespaces and has been actively working to improve our ability to protect our TLDs from abusive behavior," said Mr. Woods. "Neustar's RTMS provides a robust platform that integrates into our day-to-day workflows."

The interpretation of Specification 11 has raised some questions, leading to ICANN's current work on a clarification document. In addition to this the Public Safety Working Group (PSWG) and representatives from registries and registrars have been working to develop a security framework for TLD operators to provide non-binding, best practice guidelines.

Some Registries have not yet made arrangements for dealing with malicious activity in their namespaces. This is an example of another operational aspect of being a Registry Operator that can consume vast amounts of time and effort and still leave you vulnerable if you try to take it on yourself. Whichever way you choose to address it, if you haven't been actively maintaining a clean and safe namespace and compiling records, now would be a good time to review your options.

Written by Corey Grant, Senior Advisor, Professional Services at Neustar.

Neustar

About Neustar – Every day, the world generates roughly 2.5 quadrillion bits of data. Neustar isolates certain elements and analyzes, simplifies and edits them to make precise and valuable decisions that drive results. Visit Page

SHARE THIS POST

If you are pressed for time ...

... this is for you. More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

Vinton Cerf, Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Mobile Internet

Sponsored byAfilias

DNS Security

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Cybersecurity

Sponsored byVerisign

Promoted Post

Buying or Selling IPv4 Addresses?

Watch this video to discover how ACCELR/8, a transformative trading platform developed by industry veterans Marc Lindsey and Janine Goodman, enables organizations to buy or sell IPv4 blocks as small as /20s.