Qrator.Radar from Qrator Labs is a platform analyzing routing information and networking connectivity changes in real-time. Internet monitoring system Qrator.Radar makes it possible to detect networking anomalies that could significantly affect the accessibility and quality of the services on a level of global routing.
The crucial role in networks reachability and normal functioning on international and national levels is reserved to the Border Gateway Protocol. It makes possible the information exchange about IP address availability between networks of internet service providers (autonomous systems), allowing to choose a route that traffic will follow until it reaches the destination. However, each ISP selects the route from all the alternatives on its own. Since within the specifications for Border Gateway Protocol, there is no limitation in what the operator could do with the traffic. There is no authentication or verification of incoming routes to networks, preventing traffic management issues between ISPs (routing incidents).
With the help of Qrator.Radar it is possible to monitor changes in the connectivity and security incidents for both ingress and egress traffic, such as:
- Route Leaks — redirection or concentration of traffic within an intermediary network that should, under normal circumstances, be present in the route. Smaller operators could incidentally redirect onto themselves traffic flows from the backbone networks or entire continents. Consequences of a route leak include increased latency, traffic loss and substantial degradation of connection quality. As a result of such leak both transit operators and service end-users suffer.
- Hijacks — illegitimate network prefixes announcement into BGP, allowing to hijack the traffic. Malfunctor, with the help of phishing sites, could attain the traffic of a target, analyze it and search for passwords, financial and personal data.
- Bogons — announcement of prefixes and autonomous system numbers into BGP reserved for other purposes and not supposed to be in the routing tables. Such an event outcome varies from the local network becoming available to an outside user to the entire network's unavailability.
You can read the detailed description for each type of BGP incidents in the FAQ section.
It is almost impossible to detect network incidents from inside a customer's network. Usually, ISPs monitor only their traffic and cannot observe the routes between other ISPs globally. For these purposes of global traffic monitoring and anomaly detection, one needs a specialized tool that works at a level of interdomain routing.
Qrator.Radar is one of the largest BGP collectors in the world (counting the number of sessions and routing tables). Hundreds of ISPs worldwide provide Qrator Labs with data on all the available within routing tables networks.
You can also establish a BGP session with our collector and get more accurate information about the BGP incidents with the help of an automated feed and on our website. You can find the instructions for setting up a BGP session here.
Qrator Labs' in-house developed algorithms process received information and searches for any anomalies that could lead to the incidents. The essential part of this is supported by a mathematical model defining the relationship between autonomous systems.
Qrator.Radar detects thousands of routing incidents globally every day.
Information regarding the events connected to an anomalous change in the routing data is available to the customer in real-time. We usually use syslog, email, and the API to deliver notifications and integrate with customer services, other options also possible. Opportunity to get notices on BGP anomalies in real-time allows immediate reaction on the incident, mitigating possible adverse outcomes for business and ensuring better networking overall.