+31 (0)20 7009813    


At 2Hip we take securing our own and customer networks very serious. We have next-generation firewalls in place which we use to deliver our own services and can be used by our customers.

We make sure BGP routing-updates in our network are validated using the RPKI-framework, which we can offer as-a-service to our customers too.

Next to delivering security measures as-a-service we can also aid in implementing these in your own network. We have years of experience in implementing, day to day management and monitoring of mainly firewall-solutions from vendors like Fortinet, Juniper and Cisco.

2Hip Firewall

2Hip Firewall is a managed firewall solution based on Fortinet hardware. On this platform we offer VDOM’s to our customers, which can be fully managed by our customers or requested as-a-service where 2Hip takes care of the setup, day to day management and monitoring.

2Hip Firewall allows our customers to securely connect offices, cloud services (like AWS, Azure, Google Cloud Platform etc.) and remote sites/users together and enable a variety of firewall-features. These range from applying standard firewall-policies to more advanced features like Web Filtering, Load Balancing, IDS/IPS and Application Control. 

Connectivity to our firewall-platform can be arranged via one of our partners Dataweb, Horizon Telecom and i4Networks, or via private NNI’s. If needed 2Hip can offer internet-connectivity.

Route Validation

2Hip likes to contribute to a better and safer internet and therefore makes use of the RPKI-framework to validate and secure BGP routing-updates. Therefore, we have implemented route-validators on our infrastructure which we can offer as-a-service to our customers too.

Route-validation is used to check that announced prefixes on the internet actually belong to the organisation that is announcing them. Organisations need to create ROAs (Route Origin Authorisations) which link their AS-number and prefix(es) together. A BGP-router uses a route-validator to check whether a routing-update is:

Valid: covered by a ROA

Invalid: prefix is announced by an unauthorised AS or is more specific than allowed


Unknown: not covered by a ROA

The goal of route-validation is to prevent the deliberate and/or accidental mis-origination of a prefix causing network outages. More information of the exact working of RPKI can be found at RIPE.

Our validators are available for our customers, to participate in this project please feel free to contact us.