Packet Design this week will unveil a product designed to alleviate the security and reliability issues associated with the Border Gateway Protocol (BGP), the routing protocol used by virtually all network routers for communication between service provider and large enterprise domains.

The company's BGP Scalable Transport (BST) protocol is intended to streamline communication of BGP routing information, thereby improving security and reliability, Packet Design says. BST works with, but requires no changes to, any router vendor's existing BGP implementation. Packet Design has applied for several patents on BST.

BGP security and scalability are major concerns for service providers, enterprises and the federal government. Richard Clarke, Special Advisor to the President for Cyberspace Security, says the U.S. government should fund the IETF's work on Internet security and establish testbeds for resultant products.

"Right now, (BGP) doesn't use authentication or encryption," Clarke says. "That poses a potential vulnerability, which people have been aware of and talking about for years but no one has done anything to fix yet. So there are two problems, they're related, and we're interested in solutions that facilitate both of them."

Packet Design's solution, BST, augments BGP with a new transport mechanism alongside the one it currently uses, the Transmission Control Protocol (TCP). As a point-to-point protocol, TCP sends data from one sender to one receiver. A connection must be kept open between every pair of routers, and many copies of the same information travel across the network simultaneously, rapidly eating up router resources, Packet Design asserts.

Security is compromised, both because the routers lack the capacity to do resource-heavy authentication and encryption while managing such large numbers of connections, and because peering exposes routing services and leaves the network routers vulnerable to attacks, the company claims. Reliability suffers as well, because the failure of even one TCP connection leads to the exchange of large routing tables, causing large-scale ripple effects across the network, Packet Design says.

The company's BGP transport alternative is BST, which transmits information using a technique known as "flooding." Instead of a message being sent from an originating router to every other router in the network, it is sent only to the first router's immediate "neighbor" routers, which in turn send it to their neighbors, and so on. BST requires significantly fewer connections than TCP, so a network can scale to a much greater size with minimal concern for connection loss, security breaches, slow convergence times and configuration complexity, Packet Design claims.

"It makes BGP more resilient and the management of BGP more secure," says John McConnell, president of McConnell Consulting. "BST can also be used to move other metrics around, such as costs."

Other analysts are less "sold" on the actual technique, though encouraged by the attempt.

"It's healthy that someone is taking a look at TCP and saying, 'Is this the right protocol for us to build our routing protocols on top?'" says Mark Seery of RHK. "Their suspicion about flooding being better than stateful sessions is probably accurate, although I wouldn't say it's a slam-dunk argument. Some technical due diligence does have to occur by the community. But the bottom line is I think it's a fresh approach and it could spur a lot of important ideas going forward."

And McConnell sounds a familiar refrain regarding start-up companies: "Packet Design's real challenge is to get attention of service providers."

BST can be used between route processors in a single router, between routers in a point of presence (POP), between POPs in an autonomous network, or between autonomous networks.

Packet Design's BST reference implementation will be available in December. Pricing includes an initial license fee starting at $100,000 plus a per-device royalty dependent on volume.