IGF 2017 WS #214
How can we limit the negative impact of Carrier Grade NAT technologies and boost IPv6 adoption?

Short Title
Mitigating CGNs drawbacks and boosting IPv6 adoption
Proposer's Name: Mr. Gregory Mounier

Proposer's Organization: EUROPOL - European Cybercrime Centre

Co-Proposer's Name: Mr. Richard Leaning

Co-Proposer's Organization: RIPE NCC


Mr Gregory MOUNIER, Government, EUROPOL Mr Richard LEANING, International Organisation, RIPE NCC

Additional Speakers

Alice Munyua- Kenya ICT Action Network (KICTANet) - Alice has extensive experience in multi-stakeholder ICT policy development and internet governance at national, regional and international levels. She is the founder of the Kenya ICT Action Network (KICTANet) an interdependent multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. She chaired the 2011 Internet Governance Forum (IGF) held in Nairobi and convened the East Africa Internet Governance Forum (EA-IGF) and the Kenya IGF for five years. She served on the board of the Communications Commission of Kenya for six years, chaired the board of directors of the Kenya Network Information Centre (KeNIC) and was vice chair of the Internet Corporation for Assigned Names and Numbers (ICANN) Governmental Advisory Committee (GAC) for two years. She is a member of the Internet Society Board of Trustees.

Ms Munyua is the advisor to the African Union Commission (AUC) dot Africa initiative and serves as one of the representatives of the AUC on the GAC. She Co-chairs the GAC Public Safety and Under-served regions working groups and leads the GAC capacity development initiative.


Zorz Jan: ISOC - Operational Engagement Programme Manager. Jan Žorž started his professional career in RS-232/VAX VMS world in 1992 and continued through Novell and Windows environments all the way to Solaris and other UNIX derivatives that today represent the native environment for the majority of his projects. Jan is the Internet Society's Operational Engagement Programme Manager. He works on operational initiatives to ease the deployment of IPv6 and other technologies. He is also working to help the industry document best-current operational practices and to improve operator feedback to the IETF.
Jan is one of the pioneers of SiOL, the Slovenian national ISP, and has been involved in the organization from the beginning. Among other activities, he began experimenting in 1997 with Internet streaming multimedia content. Based on these experiments, he successfully accomplished projects such as "Dhaulagiri '99 Live" (an Internet multimedia transmission of Tomaz Humar's solo climb of the south wall of Dhaulagiri (called Death Zone in the Himalayas), "Ski Everest Live 2000" (an Internet live-video transmission and monitoring of extreme skiing from the summit of Mt. Everest by Davo Karnicar) and other similar projects. Together with two other members of the team "Dhaulagiri '99 Live", Jan received a media award/statue "Victor" for special achievement.
For the last seven years, Jan has been working as a consultant in the IT field, specializing in IPv6. He co-founded the Go6 institute (not-for-profit), a Slovenian IPv6 initiative whose main objective is to raise IPv6 awareness in Slovenia and alert the community to the fact that we are approaching extensive changes on the Internet.
Due to the success of Go6 Institute, Slovenia is currently leading the EU as the country most prepared for IPv6 (according to the RIPE NCC's IPv6 RIPEness study). Jan has been invited to present around the world on his work, the model of the Go6 platform, IPv6 awareness raising and deployment at the national level. These speaking engagements have included conferences such as RIPE Meetings, Google IPv6 Implementors Conference 2010, Internet Governance Forum meetings, OECD meeting, World IPv6 Congresses (Paris and London), as well as national forums in Germany, Greece, Norway, Macedonia, Oman, Brazil and many others.
Jan is also primary co-author of a very successful procurement (specification) paper, published as official RIPE Best Current Practice document RIPE-501, titled "Requirements For IPv6 in ICT Equipment". This document is translated into more than 10 languages and is used around the world by enterprises and governments when requesting IPv6 features in ICT equipment purchases. RIPE-501 was recently replaced by RIPE-554, also co-authored by Merike Kaeo, Sander Steffann and Jan Žorž.
Jan is based in Škofja Loka, Slovenia (EU).


Andy De Petter Head of Cyber Security Intelligence & Incident Response .

Andy De Petter has been working over 18 years for the Proximus Group, primarily in the domain of Cyber Security. Initially he was part of the small engineering team for Belgacom Skynet, at the time the largest Internet Service Provider in Belgium. Back then, the team was responsible for end-to-end coverage of the services being provided – from web hosting services, dns, radius, e-mail up to the physical infrastructure in the data center. In 2003, the ISP activities were fully absorbed by the Belgacom Group, where a lot of new services had to be developed and integrated. Because of his extended knowledge on Internet protocols, Andy was designated lead architect for the creation of a cloud-based mail security solution for Enterprise customers – a service which is still running today.

In 2009, Andy became the head of Corporate Network & Security – where he was responsible for the perimeter security infrastructure of the entire Proximus Group. During the years in this position, he came in contact with various technologies in major environments – where his passion for Cyber Security only kept growing. It was also in 2009 that he created a Cyber Security Incident Response Team within Proximus, in order to structurally respond to cyber security incidents.

That initiative has kept growing over the last years – and Andy was involved intensively in forensic analysis of APT incidents, data breaches, incident response and threat intelligence. Since early 2014, these activities have been further formalized, where Andy is now leading the Cyber Defense Center, Intelligence and Incident Response teams.

Since 2008, Andy is also chairing European working groups around Cyber Security – covering both Information Security as emergency response team initiatives. As the head of the CSIRT at Proximus Group, he is also actively participating in working groups with industry, government and law enforcement agencies. Andy is certified ISO/IEC 27001 Lead Implementer, CISSP, CISM, GCFE, GCFA, C|HFI and SABSA Chartered Architect.


Craig Ng: Craig is the General Counsel of APNIC – the Asia Pacific Network Information Centre. As the General Counsel, Craig has overall responsibility for all legal matters at APNIC. Craig is a member of the executive leadership team at APNIC. He advises APNIC on its legal obligations, and to ensure that its corporate governance practices meet the standards expected by its members and its stakeholder community. At APNIC, Craig leads its program of collaboration and cooperation with the law enforcement community. Prior to joining APNIC, Craig was a senior partner at a national Australian law firm, a role he held for over 13 years. His legal practice at that time focused on representing various Government bodies in technology-related matters, as well as clients in the ICT sector.

Richard Leaning is an External Relations consultant for the RIPE NCC. This role involves engaging the broad range of RIPE NCC stakeholders with particular responsibility for the RIPE NCC's development to enhance its capacity to engage strategically with governments, law enforcement agencies (LEA) and inter-governmental organisations on behalf of its membership and community. He is a member of numerous working groups with an international exposure with LEA and public safety organisations, building alliances, establishing long-term relationships and better cooperation.

Richard joined the RIPE NCC in 2015 after a 30-year career in law enforcement, having worked for the National Cyber Crime Unit (NCA) in the UK and also at the European Cybercrime Centre (Europol) based in The Hague. He has extensive expertise and experience related to Internet governance, cyber security stakeholders and Internet communications relevant to cybercrime.

Gregory Mounier works for the European Cybercrime Centre (EC3) at EUROPOL, where he leads the Outreach & Support team. He is responsible for EC3's strategic engagement with the private sector with a view to support EC3's operational teams in combatting cybercrime. He also leads EUROPOL's policy engagement on Internet Governance.



Speakers will provide different views on the impact of CGN on the IPv6 transition. They will explore different alternatives solutions, from different perspectives: from that of a Regional Internet Registry (APNIC), from a large ISP (Proximus),  from ICT representative from Kenya (KICTANet), the perspective of the technical community (Jan Zorz ISOC), the regulator (Belgian Regulator BIPT) and from the law enforcement community (Europol).

To kick start the discussion, the case example of Belgium will be presented. In this country the telecom regulator concluded a voluntary agreement with the 4 biggest ISPs in 2012 for them to limit the use of CGN. This led to the unintended positive consequence that major Belgium-based ISPs have made strategic business decision to transition quickly to IPv6. As a result, today Belgium has the highest IPv6 adoption rate in the world.