Light Reading
Aggregating customer traffic in a multi-tenant setting can also aggregate the risk of DDoS attacks

Cloud Providers: Beware DDoS Domino Effect

Tom Bienkowski
7/7/2014
50%
50%

In this day and age, almost every organization is using the Internet as a platform for business as they realize the benefit of outsourcing online operations such as websites, storage, e-commerce, email, and domain name system (DNS). It makes sense because it allows them to focus more on the core business. It also brings about lower costs and requires fewer internal resources. As such, cloud and hosting providers are experiencing significant growth as they meet this market demand. But with this increase in growth comes a proportional increase in risk.

With the proliferation of cyber threat and "hacktivist" movements, any organization can be the target of a cyber attack, specifically distributed denial-of-service (DDoS) attacks. These days, they are occurring daily because of botnet-for-hire services that charge as little as $2 an hour. However, hosting providers incur a higher risk of being the targets of DDoS attacks than other businesses operating online. Why? They aggregate the risk of all their customers.

The Wikipedia definition of the "domino effect" is a chain reaction that occurs when a small change causes a similar change nearby, which then causes another similar change, and so on in linear sequence. The term is used as an analogy to a falling row of dominoes.

A DDoS attack on one hosting customer can potentially take down the entire operation because they all share the same network infrastructure. In the same way cloud hosting providers pool resources such as bandwidth and storage for their customers, they also pool the aggregated risk of all their customers.

Due to the multi-tenancy nature of cloud-based data centers, a volumetric DDoS attack against one tenant can lead to a domino effect of service outages. Imagine that an attack is launched against one tenant. If the massive amount of malicious traffic bombarding this one tenant can cause the cloud data center to go down or clog up the shared resources, the entire data center can be taken offline or severely slowed. If a company's data center is down because of a DDoS attack, its customers will lose revenue, and the hosting provider will lose revenue and credibility which impacts the viability of the business. This type of outage can be devastating to the reputation and finances of all involved. To make matters worse, the aftershock continues long after the attack has been mitigated.

Because of this looming threat, cloud hosting providers need to proactively defend themselves to ensure service remains available to all of their customers in the event of an attack.

How to avoid becoming the bullseye
The good news is that the risks associated with DDoS attacks can be mitigated. If you don't want to be a victim of the DDoS domino effect, consider four simple strategies that any hosting provider can implement to protect service availability for their customers and themselves:

  • Subscribe to "clean pipes" service from all upstream service providers. Clean pipes will ensure that large-scale DDoS attacks are detected and mitigated in the cloud before they have an impact on the cloud data center, and before customers suffer an outage.
  • Implement an on-premise DDoS mitigation solution. It will enable hosting providers to detect and eliminate stealthy, application-layer DDoS attacks. These attacks target specific applications such as log-in forms and downloads. Due to their narrow focus, they do not require a large amount of traffic, making them very difficult to detect.
  • Monitor traffic inside and outside the cloud data center. Monitoring traffic patterns and protocols is essential to detecting network misuse. Certain systems should be communicating with each other while others should not. When those that should not communicate with each other are communicating, it could mean trouble.
  • Offer additional anti-DDoS service to customers. Operators of cloud data centers can generate additional revenue by offering highly valued DDoS mitigation services to customers. For example, customers who subscribe to the service will have malicious traffic directed against them mitigated. Customers who do not subscribe to the service will simply have their traffic blackholed. This type of service can be a true differentiator in the highly competitive hosting space. The difference between winning and losing business is more and more frequently coming down to valued-added services like managed backup, email and DDoS mitigation.

By taking these precautions, hosting providers can increase their reliability and service availability while generating more revenue by offering valued DDoS protection services to their customers.

Tom Bienkowski, Director of Product Marketing, Arbor Networks.

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
7/7/2014 | 4:45:13 PM
Tenants
With so many different tenants on a cloud provider's plate, it would seem problematic to be able to stop an all-out DDoS. But technology is improving, and it is clear that providers have no choice but to have procedures in place to prevent the so-called domino effect.

Here's hoping that they work, because major cloud outages are always widely reported and gives the technology a bad rap, fair or unfair. 
More Blogs from Column
Operators should leverage their network, QoS, billing and big data to compete against OTT players with both consumer and enterprise offers.
Is it smarter to centralize network intelligence for LTE-Advanced and 5G, or continue the Flat-IP 4G trend of pushing intelligence to the edge?
Is your network built on 'The Old IP,' or are you part of 'The New IP' revolution?
Carriers are being left out of purchases made on mobile phones, but they have the opportunity to get back in the value chain for both physical and virtual buys.
The Internet of Things (IoT) will provide a major challenge for network operators, but SDN and NFV can help.
Flash Poll
LRTV Huawei Video Resource Center
Sales Director of INIT on Plug & Play Switch Devices

9|19|14   |   3:21   |   (0) comments


INIT Italy uses both the Huawei S5700 and S7700 series switches for the campus LAN environment. Sales Director Andrea Curti says their company chose these Huawei devices over others because of their performance, flexible scalability and plug-and-play features.
LRTV Huawei Video Resource Center
Saudi Arabia Upgrades Vocational Training System

9|19|14   |   3:31   |   (0) comments


The Technical and Vocational Training Corporation (TVTC) has 100,000 students, 150 government-owned institutions and oversees 1000 private institutes. The CIO of TVTC explains that Huawei devices have allowed them to manage multiple datacenters using just one software program, scientifically tracking the progress of students and teachers, saving them millions.
LRTV Huawei Video Resource Center
Huawei's Media Solutions Are Here to Stay

9|19|14   |   4:35   |   (0) comments


The current media revolution requires rapid upgrades in technology. New formats (HD, 3D, 4K etc.) and the subsequent explosion of file sizes demand sophisticated network and storage architecture. Social media and the multiple distribution channels require a robust asset management system. Gartner analyst Venecia Liu speaks about the current technological trends in ...
LRTV Huawei Video Resource Center
Microgenesis on Huawei's Switches

9|19|14   |   3:57   |   (0) comments


Microgenesis is a solutions and system integrator company in the Philippines whose areas of expertise include data centers, networking and security products. In this video, Executive Director Jeffrey Choa talks to us about his customers needs and they benefit from using Huawei switches.
LRTV Huawei Video Resource Center
Network Solutions Help the Philippines Jump Ahead

9|17|14   |   2:59   |   (0) comments


In the past, the Philippines has under-invested in technology. Now, the CEO of Softshell talks about how Huawei products help the Philippines jump ahead as the economy improves.
LRTV Huawei Video Resource Center
VCS Observation for Safer Cities in the Netherlands

9|17|14   |   5:20   |   (0) comments


Holland's VCS Observation has been operating for 22 years. Its main goal is to get cities safer. CEO Wim van Deijzen tells us some of the challenges his company faces and how Huawei is helping to overcome these challenges.
LRTV Huawei Video Resource Center
A Conversation With Serbia's Ministry of Interior

9|17|14   |   4:38   |   (0) comments


At HCC 2014, the Assistant Minister of the Ministry of Interior of the Republic of Serbia talks to us about his projects and corporation with Huawei. Solutions like Safe City and E-Government and services like cloud computing are just some of the areas his department is interested in.
LRTV Huawei Video Resource Center
IHS Analyst Discusses eLTE at CCW 2014

9|10|14   |   7:09   |   (0) comments


Thomas Lynch, associate director of critical communications at IHS Technology, talks about broadband in critical communications.
LRTV Huawei Video Resource Center
TCAA on Huawei eLTE: A Broadband Solution for Mission-Critical Communications

9|10|14   |   2:29   |   (0) comments


At CCW2014 in Singapore, the TCCA's Phil Kidner talks about the importance of broadband data for critical communications.
LRTV Custom TV
Spotlight on Cisco: SDN for Optical Networks

9|8|14   |   9:27   |   (0) comments


Cisco's Greg Nehib talks OpenFlow and more on the 'Software-Defined Networking for Optical Networks' panel at the Big Telecom Event in June 2014.
LRTV Custom TV
Cisco's Evolved Programmable Network (EPN)

9|8|14   |   4:05   |   (0) comments


A look at the various demos Cisco showed at Light Reading's Big Telecom Event highlighting Cisco's EPN innovation and how SDN and NFV technologies are enabling a variety of new services.
LRTV Huawei Video Resource Center
The Future of Ultra-Broadband, With Kevin Kelly (UBBF2014)

9|5|14   |   1:13   |   (1) comment


If you think the technological changes we've seen up to now are astounding, just wait until you see what the future has in store. Discuss upcoming breakthroughs with Kevin Kelly, Founding Executive Editor of Wired Magazine, at the Huawei Ultra-Broadband Forum on September 24.
Upcoming Live Events!!
September 23, 2014, Denver, CO
October 29, 2014, New York City
November 6, 2014, Santa Clara
November 11, 2014, Atlanta, GA
December 2, 2014, New York City
December 3, 2014, New York City
December 9-10, 2014, Reykjavik, Iceland
June 9-10, 2015, Chicago, IL
Infographics
A survey conducted by Vasona Networks suggests that 72% of mobile users expect good performance all the time, and they'll blame the network operator when it's not up to par.
Today's Cartoon
Vacation Special Caption Competition Click Here
Latest Comment
Hot Topics
AT&T: We'll Bundle Fixed Wireless & DirecTV
Mari Silbey, Independent Technology Editor, 9/15/2014
New NFV Forum Focused on Interoperability
Carol Wilson, Editor-at-large, 9/16/2014
NFV & The Data Center: Top 10 Takeaways
Sarah Reedy, Senior Editor, 9/18/2014
Photos: Qualcomm Takes Over San Francisco
Sarah Reedy, Senior Editor, 9/19/2014
Pics: LR's Women in Telecom Breakfast
Sarah Reedy, Senior Editor, 9/16/2014
Like Us on Facebook
Twitter Feed