& cplSiteName &

Cloud Providers: Beware DDoS Domino Effect

Tom Bienkowski
7/7/2014
50%
50%

In this day and age, almost every organization is using the Internet as a platform for business as they realize the benefit of outsourcing online operations such as websites, storage, e-commerce, email, and domain name system (DNS). It makes sense because it allows them to focus more on the core business. It also brings about lower costs and requires fewer internal resources. As such, cloud and hosting providers are experiencing significant growth as they meet this market demand. But with this increase in growth comes a proportional increase in risk.

With the proliferation of cyber threat and "hacktivist" movements, any organization can be the target of a cyber attack, specifically distributed denial-of-service (DDoS) attacks. These days, they are occurring daily because of botnet-for-hire services that charge as little as $2 an hour. However, hosting providers incur a higher risk of being the targets of DDoS attacks than other businesses operating online. Why? They aggregate the risk of all their customers.

The Wikipedia definition of the "domino effect" is a chain reaction that occurs when a small change causes a similar change nearby, which then causes another similar change, and so on in linear sequence. The term is used as an analogy to a falling row of dominoes.

A DDoS attack on one hosting customer can potentially take down the entire operation because they all share the same network infrastructure. In the same way cloud hosting providers pool resources such as bandwidth and storage for their customers, they also pool the aggregated risk of all their customers.

Due to the multi-tenancy nature of cloud-based data centers, a volumetric DDoS attack against one tenant can lead to a domino effect of service outages. Imagine that an attack is launched against one tenant. If the massive amount of malicious traffic bombarding this one tenant can cause the cloud data center to go down or clog up the shared resources, the entire data center can be taken offline or severely slowed. If a company's data center is down because of a DDoS attack, its customers will lose revenue, and the hosting provider will lose revenue and credibility which impacts the viability of the business. This type of outage can be devastating to the reputation and finances of all involved. To make matters worse, the aftershock continues long after the attack has been mitigated.

Because of this looming threat, cloud hosting providers need to proactively defend themselves to ensure service remains available to all of their customers in the event of an attack.

How to avoid becoming the bullseye
The good news is that the risks associated with DDoS attacks can be mitigated. If you don't want to be a victim of the DDoS domino effect, consider four simple strategies that any hosting provider can implement to protect service availability for their customers and themselves:

  • Subscribe to "clean pipes" service from all upstream service providers. Clean pipes will ensure that large-scale DDoS attacks are detected and mitigated in the cloud before they have an impact on the cloud data center, and before customers suffer an outage.
  • Implement an on-premise DDoS mitigation solution. It will enable hosting providers to detect and eliminate stealthy, application-layer DDoS attacks. These attacks target specific applications such as log-in forms and downloads. Due to their narrow focus, they do not require a large amount of traffic, making them very difficult to detect.
  • Monitor traffic inside and outside the cloud data center. Monitoring traffic patterns and protocols is essential to detecting network misuse. Certain systems should be communicating with each other while others should not. When those that should not communicate with each other are communicating, it could mean trouble.
  • Offer additional anti-DDoS service to customers. Operators of cloud data centers can generate additional revenue by offering highly valued DDoS mitigation services to customers. For example, customers who subscribe to the service will have malicious traffic directed against them mitigated. Customers who do not subscribe to the service will simply have their traffic blackholed. This type of service can be a true differentiator in the highly competitive hosting space. The difference between winning and losing business is more and more frequently coming down to valued-added services like managed backup, email and DDoS mitigation.

By taking these precautions, hosting providers can increase their reliability and service availability while generating more revenue by offering valued DDoS protection services to their customers.

— Tom Bienkowski, Director of Product Marketing, Arbor Networks.

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
7/7/2014 | 4:45:13 PM
Tenants
With so many different tenants on a cloud provider's plate, it would seem problematic to be able to stop an all-out DDoS. But technology is improving, and it is clear that providers have no choice but to have procedures in place to prevent the so-called domino effect.

Here's hoping that they work, because major cloud outages are always widely reported and gives the technology a bad rap, fair or unfair. 
Educational Resources
sponsor supplied content
Educational Resources Archive
More Blogs from Column
IEEE's Nita Patel outlines the specific overlapping and critical elements that you must possess to successfully and simultaneously be a leader, mentor and mentee.
As companies virtualize, too many fail to bring anywhere near the same rigor to monitoring their cloud services that they'd applied to their physical networks -- and that's playing with fire.
How cable operators can use advanced customer-aware data analytics to improve the customer experience, reduce service disruptions and cut both tuck rolls and call center costs.
Spectrum sharing is becoming a bigger issue as the 5G radio specification evolves.
Addressing current and future app demands while laying the foundation for mobile's next big network transition.
From The Founder
Cisco's Conrad Clemson, recently promoted to head up the company's Service Provider Apps & Platforms developments, talks to Light Reading's Founder and CEO Steve Saunders about how he's bringing cloud video, mobile and virtualization together to empower network operators.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Interviews
Heavy Reading: The Web-Scale View

1|18|17   |     |   (0) comments


At Light Reading's 2020 Vision Executive Summit in Rome, Heavy Reading's former chief analyst Patrick Donegan shared insight from the recent web-scale operators report, which featured research on how web-scale operators view the market, the best web-scale companies to ...
LRTV Custom TV
Cisco's Cloud Scale Networking: Automation, Virtualization & Simplification

1|18|17   |     |   (1) comment


Cisco's Sanjeev Mervana outlines the latest innovations in networking technology at CES 2017 in Las Vegas.
LRTV Custom TV
ADVA Talks Innovation & the Future of Networking

1|17|17   |     |   (0) comments


Ray Le Maistre and Christoph Glingener, CTO of ADVA Optical Networking, discuss the current state of the industry, cooperation and collaboration, open innovation and the future of networking.
LRTV Custom TV
Cisco's Infinite Video Platform

1|17|17   |     |   (0) comments


Cisco's Infinite Video Platform allows service providers to deliver broadcast-quality video over IP networks. Infinite video supports many devices, from 4K TVs to tablets to game consoles. Join Cisco's Rajeev Raman for a brief tour and live demo.
LRTV Interviews
Masergy: Ability to Adapt Key for NFV

1|16|17   |   6:40   |   (0) comments


Speaking at Light Reading's 2020 Vision in Rome, Masergy's VP, Global Technology, Ray Watson, said agility is key to providing the mix and match NFV-based services that are driving business for the managed service provider today.
LRTV Interviews
Equinix: The Data Explosion

1|13|17   |   4:16   |   (0) comments


At Light Reading's 2020 Vision in Rome, Eric Schwartz, president of EMEA, Equinix, talked about how Equinix is helping its customers manage the influx of data today, and how it's preparing for a future filled with millions of connected IoT devices.
LRTV Interviews
Heavy Reading: The Changing Data Center Landscape

1|12|17   |   6:05   |   (1) comment


At Light Reading's 2020 Vision event in Rome, Heavy Reading's Senior Analyst Roz Roseboro talks about how virtualization is impacting data center evolution and how that evolution is affecting the relationship between service providers, data center operators and public cloud providers.
LRTV Interviews
Boingo: Prepping for Millions of Devices

1|12|17   |   5:07   |   (1) comment


At Light Reading's 2020 Vision in Rome, Boingo's CTO Derek Peterson discusses how wireless operators will address the needs of low-bandwidth and high-bandwidth apps at the same time, the need for more MHz, the impact of IoT and more.
LRTV Interviews
Comcast Shows Off Gig Gateway at CES

1|11|17   |     |   (1) comment


With its largest presence at CES in years, Comcast took the wraps off its long-awaited gigabit gateway and a new platform for managing the home WiFi network. Light Reading Senior Editor Mari Silbey sat down with EVP Chris Satchell to discuss the latest Comcast advance, and met with VP of Product Strategy and Development Andrea Peiro to walk through a demo of the ...
LRTV Interviews
Colt: End-to-End Key for 2017

1|10|17   |   6:21   |   (0) comments


At Light Reading's 2020 Vision Executive Summit in Rome, Nico Fischbach of Colt said having a multi-carrier, end-to-end service proposition is going to be key for 2017 -- and SD-WAN is instrumental in making it happen.
From the Founder
Cisco's Clemson on Mobile Cloud Video

1|9|17   |     |   (1) comment


Cisco's Conrad Clemson, recently promoted to head up the company's Service Provider Apps & Platforms developments, talks to Light Reading's Founder and CEO Steve Saunders about how he's bringing cloud video, mobile and virtualization together to empower network operators. "If you think about where we're going… whether it's a mobile application, or a video ...
LRTV Custom TV
VMware Telco NFV Solutions – Preparing for 5G & IOT

1|9|17   |     |   (0) comments


Shekar Ayyar, EVP & Corporate Strategy/General Manager of Telco for VMware, discusses VMware's Telco NFV solutions role and foundation for the Imminent Arrival of 5G & IOT.
Upcoming Live Events
March 21-22, 2017, The Curtis Hotel, Denver, CO
May 15-17, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
With the mobile ecosystem becoming increasingly vulnerable to security threats, AdaptiveMobile has laid out some of the key considerations for the wireless community.
Hot Topics
A Women in Comms Glossary
Sarah Thomas, Director, Women in Comms, 1/18/2017
Is Cable One Beefing Up for Slaughter?
Alan Breznick, Cable/Video Practice Leader, Light Reading, 1/20/2017
Google Security Lessons for IT
Curtis Franklin, Security Editor, 1/18/2017
Nokia CTO: 2017 Is the Year 5G Gets in the Field
Dan Jones, Mobile Editor, 1/19/2017
TV's Paradox: No HDR Without 4K
Mari Silbey, Senior Editor, Cable/Video, 1/17/2017
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
Light Reading founder and CEO Steve Saunders chats with Sportlogiq CEO Craig Buntin about sports data analysis.
Eyal Waldman, CEO of Mellanox Technologies, speaks to Steve Saunders, CEO of Light Reading, for an exclusive interview about the 100 GB cable challenge, cybersecurity and much more.
Animals with Phones
Live Digital Audio

Playing it safe can only get you so far. Sometimes the biggest bets have the biggest payouts, and that is true in your career as well. For this radio show, Caroline Chan, general manager of the 5G Infrastructure Division of the Network Platform Group at Intel, will share her own personal story of how she successfully took big bets to build a successful career, as well as offer advice on how you can do the same. We’ll cover everything from how to overcome fear and manage risk, how to be prepared for where technology is going in the future and how to structure your career in a way to ensure you keep progressing. Chan, a seasoned telecom veteran and effective risk taker herself, will also leave plenty of time to answer all your questions live on the air.