Light Reading

Cloud Providers: Beware DDoS Domino Effect

Tom Bienkowski
7/7/2014
50%
50%

In this day and age, almost every organization is using the Internet as a platform for business as they realize the benefit of outsourcing online operations such as websites, storage, e-commerce, email, and domain name system (DNS). It makes sense because it allows them to focus more on the core business. It also brings about lower costs and requires fewer internal resources. As such, cloud and hosting providers are experiencing significant growth as they meet this market demand. But with this increase in growth comes a proportional increase in risk.

With the proliferation of cyber threat and "hacktivist" movements, any organization can be the target of a cyber attack, specifically distributed denial-of-service (DDoS) attacks. These days, they are occurring daily because of botnet-for-hire services that charge as little as $2 an hour. However, hosting providers incur a higher risk of being the targets of DDoS attacks than other businesses operating online. Why? They aggregate the risk of all their customers.

The Wikipedia definition of the "domino effect" is a chain reaction that occurs when a small change causes a similar change nearby, which then causes another similar change, and so on in linear sequence. The term is used as an analogy to a falling row of dominoes.

A DDoS attack on one hosting customer can potentially take down the entire operation because they all share the same network infrastructure. In the same way cloud hosting providers pool resources such as bandwidth and storage for their customers, they also pool the aggregated risk of all their customers.

Due to the multi-tenancy nature of cloud-based data centers, a volumetric DDoS attack against one tenant can lead to a domino effect of service outages. Imagine that an attack is launched against one tenant. If the massive amount of malicious traffic bombarding this one tenant can cause the cloud data center to go down or clog up the shared resources, the entire data center can be taken offline or severely slowed. If a company's data center is down because of a DDoS attack, its customers will lose revenue, and the hosting provider will lose revenue and credibility which impacts the viability of the business. This type of outage can be devastating to the reputation and finances of all involved. To make matters worse, the aftershock continues long after the attack has been mitigated.

Because of this looming threat, cloud hosting providers need to proactively defend themselves to ensure service remains available to all of their customers in the event of an attack.

How to avoid becoming the bullseye
The good news is that the risks associated with DDoS attacks can be mitigated. If you don't want to be a victim of the DDoS domino effect, consider four simple strategies that any hosting provider can implement to protect service availability for their customers and themselves:

  • Subscribe to "clean pipes" service from all upstream service providers. Clean pipes will ensure that large-scale DDoS attacks are detected and mitigated in the cloud before they have an impact on the cloud data center, and before customers suffer an outage.
  • Implement an on-premise DDoS mitigation solution. It will enable hosting providers to detect and eliminate stealthy, application-layer DDoS attacks. These attacks target specific applications such as log-in forms and downloads. Due to their narrow focus, they do not require a large amount of traffic, making them very difficult to detect.
  • Monitor traffic inside and outside the cloud data center. Monitoring traffic patterns and protocols is essential to detecting network misuse. Certain systems should be communicating with each other while others should not. When those that should not communicate with each other are communicating, it could mean trouble.
  • Offer additional anti-DDoS service to customers. Operators of cloud data centers can generate additional revenue by offering highly valued DDoS mitigation services to customers. For example, customers who subscribe to the service will have malicious traffic directed against them mitigated. Customers who do not subscribe to the service will simply have their traffic blackholed. This type of service can be a true differentiator in the highly competitive hosting space. The difference between winning and losing business is more and more frequently coming down to valued-added services like managed backup, email and DDoS mitigation.

By taking these precautions, hosting providers can increase their reliability and service availability while generating more revenue by offering valued DDoS protection services to their customers.

— Tom Bienkowski, Director of Product Marketing, Arbor Networks.

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
7/7/2014 | 4:45:13 PM
Tenants
With so many different tenants on a cloud provider's plate, it would seem problematic to be able to stop an all-out DDoS. But technology is improving, and it is clear that providers have no choice but to have procedures in place to prevent the so-called domino effect.

Here's hoping that they work, because major cloud outages are always widely reported and gives the technology a bad rap, fair or unfair. 
More Blogs from Column
Wi-Fi Alliance members have created Wi-Fi Aware technology to bring local experiences to life -- without requiring access to the Internet or GPS.
Bamboozled by the flood of abbreviations and acronyms that SDN and NFV have inspired? Here's a guide to some of the key standards bodies whose initials you will need to know.
Networks of the future will rely on "white box" switches and servers rather than proprietary hardware and that's going to alter the shape of the communications industry. Who says so? John Chambers.
There are a number of key questions to consider before any SDN migration plans are put into action.
Bigger. And Better. But definitely bigger.
Flash Poll
From The Founder
Networks of the future will rely on "white box" switches and servers rather than proprietary hardware and that's going to alter the shape of the communications industry. Who says so? John Chambers.
LRTV Huawei Video Resource Center
Huawei Intros Smart Device for eLTE

3|30|15   |   05:25   |   (0) comments


Huawei has developed a secure, location-aware multimedia smartphone for its eLTE trunked radio solution, says Huawei's Norman Frisch.
LRTV Huawei Video Resource Center
Win Video, Win All

3|30|15   |   06:44   |   (0) comments


Video is going to be the next main source of revenue for operators. Operators have big opportunities and advantages to monetize video services. Globally, Huawei has helped more than 70 operators achieve over 30 million video subscribers. Watch this video for more.
LRTV Custom TV
The Benefits of HyperScale Clouds for NFV

3|27|15   |   01:50   |   (0) comments


Hyperscale cloud has been developed by the Internet giants to support the creation and delivery of software-based services at blistering speeds, and at the lowest possible cost. The original ETSI NFV vision was to adopt hyperscale cloud architecture and practices. This vision has become somewhat obscured along the way, due to misunderstandings about the hyperscale ...
LRTV Huawei Video Resource Center
eLTE Rapid Meets the Need for Speed

3|26|15   |   4:45   |   (0) comments


Designed especially for emergency and dedicated ad hoc local mobile communications coverage, Huawei's eLTE Rapid solution can deliver trunked voice, video and data coverage for multiple users over a 6km range and be set up in just 15 minutes, explains Huawei's Norman Frisch.
LRTV Huawei Video Resource Center
On Videos: Challenges & Opportunities

3|26|15   |   5:56   |   (0) comments


Most everything is now connected. And along with 4K and 4G technologies, everyone could be creating and broadcasting video contents. Users are expecting better video experience with any screen, anywhere and anytime. Operators will meet new challenges, but also see some big opportunities.
LRTV Custom TV
JDSU: Delivering Dynamic Networks for a Personalized Experience

3|26|15   |   5:59   |   (0) comments


Light Reading speaks to JDSU at Mobile World Congress 2015 about new solutions in the areas of HetNets, VoLTE, backhaul, virtualization, big data analytics, and real-time intelligence.
LRTV Custom TV
Smarter Service Chaining & New Ways to Benefit From Qosmos Technology

3|25|15   |   03:11   |   (0) comments


David Le Goff, director of strategic and product marketing at Qosmos, explains how the company has added application awareness to subscriber information to make service chaining more efficient and reduce costs for networking and infrastructure. In addition, Qosmos technology, which has been delivered as C libraries, is now also available as a virtual machine, ...
Between the CEOs
Qosmos CEO: The Changing Face of DPI

3|24|15   |   13:53   |   (0) comments


LR CEO and Founder Steve Saunders sits down with the head of Qosmos to talk about the changing state of the art in deep packet inspection technology, including its role in SDN and NFV architectures. Also, how the comms market is becoming more like the automotive industry.
LRTV Huawei Video Resource Center
FC Schalke Scores With Its Agile Stadium

3|24|15   |   6:23   |   (0) comments


Top German soccer club FC Schalke 04 has deployed a new, agile WiFi network from Huawei in its Veltins-Arena stadium and is reaping the benefits in terms of customer satisfaction and business opportunities, explains marketing chief Alexander Jobst.
LRTV Huawei Video Resource Center
Huawei’s Insights on Mobile Video

3|24|15   |   7:51   |   (0) comments


More people than ever are now watching videos on smartphones. Seventy percent of mobile traffic will be video traffic until 2018. In this video, Huawei's exports give their insights on mobile video in terms of business model, network planning and 4G network construction.
LRTV Documentaries
The Rise of Industry 4.0

3|24|15   |   02:26   |   (9) comments


Are you ready for the fourth industrial revolution? It's a big deal for influential operators such as Deutsche Telekom.
LRTV Huawei Video Resource Center
Getting Connected With eLTE

3|23|15   |   06:04   |   (0) comments


Trunked radio communications have entered the 4G LTE world, and with Huawei's eLTE solution, can now deliver a full range of data and video services as well as push-to-talk voice, explains Huawei's Norman Frisch.
Upcoming Live Events
April 14, 2015, The Westin Times Square, New York City, NY
May 5, 2015, Hyatt McCormick Place, Chicago, IL
May 6, 2015, Georgia World Congress, Atlanta, GA
May 12, 2015, Grand Hyatt, Denver, CO
May 13-14, 2015, The Westin Peachtree, Atlanta, GA
June 8, 2015, Chicago, IL
June 9-10, 2015, Chicago, IL
June 9, 2015, Chicago, IL
June 10, 2015, Chicago, IL
September 29-30, 2015, The Westin Grand Müchen, Munich, Germany
All Upcoming Live Events
Hot Topics
AT&T Woos SMBs With Small-Scale WiFi
Sarah Thomas, Editorial Operations Director, 3/26/2015
Just Don't Say IBM Is 'Relaunching' Networking Business
Mitch Wagner, West Coast Bureau Chief, Light Reading, 3/26/2015
Average US Broadband Speeds No Great Shakes
Mari Silbey, Independent Technology Editor, 3/25/2015
The Rise of Industry 4.0
Ray Le Maistre, Editor-in-chief, 3/24/2015
Google Hires Wall Street's Most Influential Woman as CFO
Dan Jones, Mobile Editor, 3/24/2015
Like Us on Facebook
Twitter Feed
Webinar Archive
BETWEEN THE CEOs - Executive Interviews
LR CEO and Founder Steve Saunders sits down with the head of Qosmos to talk about the changing state of the art in deep packet inspection technology, including its role in SDN and NFV architectures.
Chattanooga’s EPB publicly owned utility comms company has become a poster child for how to enable a local economy using next-gen networking technology. Steve Saunders, Founder of Light Reading, sits down with Harold DePriest, president and CEO of EPB, to learn how EPB is bringing big time tech to small town America.
Cats with Phones
Interspecies Phone Love Click Here
"No, you hang up."
"No, YOU hang up."
Latest Comment