& cplSiteName &

Cloud Providers: Beware DDoS Domino Effect

Tom Bienkowski

In this day and age, almost every organization is using the Internet as a platform for business as they realize the benefit of outsourcing online operations such as websites, storage, e-commerce, email, and domain name system (DNS). It makes sense because it allows them to focus more on the core business. It also brings about lower costs and requires fewer internal resources. As such, cloud and hosting providers are experiencing significant growth as they meet this market demand. But with this increase in growth comes a proportional increase in risk.

With the proliferation of cyber threat and "hacktivist" movements, any organization can be the target of a cyber attack, specifically distributed denial-of-service (DDoS) attacks. These days, they are occurring daily because of botnet-for-hire services that charge as little as $2 an hour. However, hosting providers incur a higher risk of being the targets of DDoS attacks than other businesses operating online. Why? They aggregate the risk of all their customers.

The Wikipedia definition of the "domino effect" is a chain reaction that occurs when a small change causes a similar change nearby, which then causes another similar change, and so on in linear sequence. The term is used as an analogy to a falling row of dominoes.

A DDoS attack on one hosting customer can potentially take down the entire operation because they all share the same network infrastructure. In the same way cloud hosting providers pool resources such as bandwidth and storage for their customers, they also pool the aggregated risk of all their customers.

Due to the multi-tenancy nature of cloud-based data centers, a volumetric DDoS attack against one tenant can lead to a domino effect of service outages. Imagine that an attack is launched against one tenant. If the massive amount of malicious traffic bombarding this one tenant can cause the cloud data center to go down or clog up the shared resources, the entire data center can be taken offline or severely slowed. If a company's data center is down because of a DDoS attack, its customers will lose revenue, and the hosting provider will lose revenue and credibility which impacts the viability of the business. This type of outage can be devastating to the reputation and finances of all involved. To make matters worse, the aftershock continues long after the attack has been mitigated.

Because of this looming threat, cloud hosting providers need to proactively defend themselves to ensure service remains available to all of their customers in the event of an attack.

How to avoid becoming the bullseye
The good news is that the risks associated with DDoS attacks can be mitigated. If you don't want to be a victim of the DDoS domino effect, consider four simple strategies that any hosting provider can implement to protect service availability for their customers and themselves:

  • Subscribe to "clean pipes" service from all upstream service providers. Clean pipes will ensure that large-scale DDoS attacks are detected and mitigated in the cloud before they have an impact on the cloud data center, and before customers suffer an outage.
  • Implement an on-premise DDoS mitigation solution. It will enable hosting providers to detect and eliminate stealthy, application-layer DDoS attacks. These attacks target specific applications such as log-in forms and downloads. Due to their narrow focus, they do not require a large amount of traffic, making them very difficult to detect.
  • Monitor traffic inside and outside the cloud data center. Monitoring traffic patterns and protocols is essential to detecting network misuse. Certain systems should be communicating with each other while others should not. When those that should not communicate with each other are communicating, it could mean trouble.
  • Offer additional anti-DDoS service to customers. Operators of cloud data centers can generate additional revenue by offering highly valued DDoS mitigation services to customers. For example, customers who subscribe to the service will have malicious traffic directed against them mitigated. Customers who do not subscribe to the service will simply have their traffic blackholed. This type of service can be a true differentiator in the highly competitive hosting space. The difference between winning and losing business is more and more frequently coming down to valued-added services like managed backup, email and DDoS mitigation.

By taking these precautions, hosting providers can increase their reliability and service availability while generating more revenue by offering valued DDoS protection services to their customers.

— Tom Bienkowski, Director of Product Marketing, Arbor Networks.

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
User Rank: Light Sabre
7/7/2014 | 4:45:13 PM
With so many different tenants on a cloud provider's plate, it would seem problematic to be able to stop an all-out DDoS. But technology is improving, and it is clear that providers have no choice but to have procedures in place to prevent the so-called domino effect.

Here's hoping that they work, because major cloud outages are always widely reported and gives the technology a bad rap, fair or unfair. 
Educational Resources
sponsor supplied content
Educational Resources Archive
More Blogs from Column
5G could ride the traditional wireless hype cycle, or – quite possibly – break the chain, suggests Nokia's North American CTO.
NFV feels like it's going nowhere fast, suggests Napatech's Dan Joe Barry.
The NG-PON2 standard is the key to the future of ultra-broadband, believes Calix's Alan DiCicco.
Amazing new 5G innovations are coming below 6GHz -- it's not just about mmWave.
5G is about more than just faster mobile broadband, notes Tom Sawanobori, SVP and chief technology officer at the CTIA.
Light Reading’s Upskill U is a FREE, interactive, online educational resource that delivers must-have education on themes that relate to the overall business transformation taking place in the communications industry.
Wednesday, October 26, 1:00PM EDT
Security: Tackling DDoS
Gary Sockrider, Principal Security Technologist, Arbor Networks
Friday, October 28, 1:00PM EDT
Security: The Plusses and Minuses of Open Source Software
Nick Feamster, Acting Director, Center for Information Technology Policy, Princeton University
Wednesday, November 16, 1:00PM EST
SDN 101
John Isch, Practice Director, Network & Voice, Orange Business Services
Friday, November 18, 1:00PM EST
SDN & Open Source
Christopher W. Rice, Senior Vice President of AT&T Labs, Domain 2.0 Architecture and Design
in association with:
From The Founder
Light Reading today starts a new voyage as part of a larger Enterprise.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Custom TV
Next-Generation Technology Beyond DOCSIS 3.1

10|20|16   |     |   (0) comments

At SCTE 2016, Huawei's Liu Jianhua speaks with Alan Breznick for an exclusive interview.
LRTV Custom TV
Hybrid Video Solutions to Change TV, Change Future

10|20|16   |     |   (0) comments

At SCTE 2016, Huawei's Ian Locke speaks with Alan Breznick for an exclusive interview.
LRTV Custom TV
Huawei Future-Oriented Giga Coax Network

10|20|16   |     |   (0) comments

At SCTE 2016, Huawei's Allen Wang speaks with Alan Breznick for an exclusive interview.
LRTV Custom TV
Huawei at SCTE 2016

10|20|16   |     |   (0) comments

Join Alan Breznick of Light Reading and take a sneak peek at the Huawei booth at SCTE 2016.
LRTV Custom TV
Assuring Network Quality in a Rapidly Changing Environment

10|20|16   |     |   (0) comments

As the rate of change and complexity increases in agile networks, the importance of introducing DevOps methodologies for integrating active test and assurance solutions throughout the full service lifecycle becomes critical to ensure that customers are experiencing the service quality they demand. The industry landscape is changing, and software-based test and ...
Telecom Innovators Video Showcase
A10 Networks on Service Providers' Industry Needs

10|20|16   |     |   (0) comments

Light Reading's Steve Saunders hears how A10 enables service providers to accelerate, secure and optimize their application delivery to drive down costs, enhance service availability, and better respond to customer requirements, so they can improve customer satisfaction, monetize their network, and grow revenues.
LRTV Custom TV
New NFV Use Cases for Cable TV

10|19|16   |     |   (0) comments

A large number of NFV use cases are focused on the enterprise domain, looking at virtualization of customer-premises equipment (CPE). To date, there has been little focus on the use cases and business case for virtualization of the video content delivery networks required to deliver unicast and streaming video to consumers. Amdocs commissioned Analysys Mason to ...
Women in Comms Introduction Videos
Meet the Future Workforce: New Faces, Expectations & Motivations

10|19|16   |   5:33   |   (1) comment

Millennials and their younger peers, Gen Z, expect more out of their network and more out of their work. Intel's Lynn Comp shares how the industry can prepare for this new generation of workers.
LRTV Custom TV
ZTE Global Services User Congress 2016 Highlights

10|19|16   |     |   (0) comments

ZTE held its 2nd Global Service User Conference in Dusseldorf on October 13-14. Representatives from network operators, leading industry analysts and ZTE senior expertsattended the event, exploring the best practice in managed services and the vision to transform network operations into the operations center of the future (OpCF) in the software-defined networking ...
LRTV Custom TV
Cliff Grossner on Cloud & Network Synergy From Carrier Service

10|18|16   |     |   (0) comments

Local carriers offer the collaborated cloud and network service that benefits from their understanding of the regulations operating in different vertical markets.
In this interview, Cliff Grossner from IHS Technology talks about how this advanced service can support business agility and flexibility.
LRTV Custom TV
VeEX: Live from SCTE Cable-Tec Expo 2016

10|17|16   |     |   (0) comments

Cyrille Morelle, VeEX's President and CEO, talks with Light Reading's Alan Breznick live from the SCTE Cable-Tec Expo 2016. They discuss DOCSIS 3.1 technology, deployments and early lessons learned. New products on display include the CX350s-D3.1, CX380s-D3.1, CX310, AT2500-3G, FX150 OTDR and MTT WiFI Air Expert.
LRTV Custom TV
Smith Micro's Carrier-Grade WiFi Component

10|17|16   |     |   (0) comments

Join Carol Wilson of Light Reading as she interviews the CTO of Smith Micro, Dave Sperling.
Upcoming Live Events
November 3, 2016, The Montcalm Marble Arch, London
November 30, 2016, The Westin Times Square, New York City
December 1, 2016, The Westin Times Square, New York, NY
December 6-8, 2016, The Westin Excelsior, Rome
May 16-17, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Hot Topics
Verizon Wants More Data on Yahoo Breach
Alan Breznick, Cable/Video Practice Leader, Light Reading, 10/20/2016
Attacks Have Major Internet Sites on the Ropes
Brian Santo, Senior editor, Test & Measurement / Components, Light Reading, 10/21/2016
WiCipedia: Grace Hopper Promotes Diversity, Girl Scouts Code & How to Thrive
Eryn Leavens, Special Features & Copy Editor, 10/21/2016
US Issues Total Flight Ban on Samsung Note 7
Dan Jones, Mobile Editor, 10/15/2016
Oh Snap! Qualcomm Unveils X50, Its First 5G Modem
Dan Jones, Mobile Editor, 10/17/2016
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
Join us for an in-depth interview between Steve Saunders of Light Reading and Alexis Black Bjorlin of Intel as they discuss the release of the company's Silicon Photonics platform, its performance, long-term prospects, customer expectations and much more.
There's no question that, come 2020, 5G technology will turn the world's conception of what mobile networking is on its head. Within the world of 5G development, Dr. ...
Animals with Phones
Live Digital Audio

A vital part of increasing the number of women in comms is transforming the ways companies can support and empower women. While progressive company policies that support both men and women in achieving work-life balance are a step in the right direction, creating a company culture that supports those policies can at times be more challenging.

During this show, we'll talk to Lynn Comp, Senior Director of Industry and Sales Enabling (ISE) in the Network Platforms Group at Intel, about why those challenges exist and how companies can overcome them. She'll provide insight into how Intel has worked to create a culture that supports work-life balance, and provide steps and guidance for other companies wishing to do the same. We will also leave plenty of time to get your questions answered live on the air.