& cplSiteName &

Cloud Providers: Beware DDoS Domino Effect

Tom Bienkowski
7/7/2014
50%
50%

In this day and age, almost every organization is using the Internet as a platform for business as they realize the benefit of outsourcing online operations such as websites, storage, e-commerce, email, and domain name system (DNS). It makes sense because it allows them to focus more on the core business. It also brings about lower costs and requires fewer internal resources. As such, cloud and hosting providers are experiencing significant growth as they meet this market demand. But with this increase in growth comes a proportional increase in risk.

With the proliferation of cyber threat and "hacktivist" movements, any organization can be the target of a cyber attack, specifically distributed denial-of-service (DDoS) attacks. These days, they are occurring daily because of botnet-for-hire services that charge as little as $2 an hour. However, hosting providers incur a higher risk of being the targets of DDoS attacks than other businesses operating online. Why? They aggregate the risk of all their customers.

The Wikipedia definition of the "domino effect" is a chain reaction that occurs when a small change causes a similar change nearby, which then causes another similar change, and so on in linear sequence. The term is used as an analogy to a falling row of dominoes.

A DDoS attack on one hosting customer can potentially take down the entire operation because they all share the same network infrastructure. In the same way cloud hosting providers pool resources such as bandwidth and storage for their customers, they also pool the aggregated risk of all their customers.

Due to the multi-tenancy nature of cloud-based data centers, a volumetric DDoS attack against one tenant can lead to a domino effect of service outages. Imagine that an attack is launched against one tenant. If the massive amount of malicious traffic bombarding this one tenant can cause the cloud data center to go down or clog up the shared resources, the entire data center can be taken offline or severely slowed. If a company's data center is down because of a DDoS attack, its customers will lose revenue, and the hosting provider will lose revenue and credibility which impacts the viability of the business. This type of outage can be devastating to the reputation and finances of all involved. To make matters worse, the aftershock continues long after the attack has been mitigated.

Because of this looming threat, cloud hosting providers need to proactively defend themselves to ensure service remains available to all of their customers in the event of an attack.

How to avoid becoming the bullseye
The good news is that the risks associated with DDoS attacks can be mitigated. If you don't want to be a victim of the DDoS domino effect, consider four simple strategies that any hosting provider can implement to protect service availability for their customers and themselves:

  • Subscribe to "clean pipes" service from all upstream service providers. Clean pipes will ensure that large-scale DDoS attacks are detected and mitigated in the cloud before they have an impact on the cloud data center, and before customers suffer an outage.
  • Implement an on-premise DDoS mitigation solution. It will enable hosting providers to detect and eliminate stealthy, application-layer DDoS attacks. These attacks target specific applications such as log-in forms and downloads. Due to their narrow focus, they do not require a large amount of traffic, making them very difficult to detect.
  • Monitor traffic inside and outside the cloud data center. Monitoring traffic patterns and protocols is essential to detecting network misuse. Certain systems should be communicating with each other while others should not. When those that should not communicate with each other are communicating, it could mean trouble.
  • Offer additional anti-DDoS service to customers. Operators of cloud data centers can generate additional revenue by offering highly valued DDoS mitigation services to customers. For example, customers who subscribe to the service will have malicious traffic directed against them mitigated. Customers who do not subscribe to the service will simply have their traffic blackholed. This type of service can be a true differentiator in the highly competitive hosting space. The difference between winning and losing business is more and more frequently coming down to valued-added services like managed backup, email and DDoS mitigation.

By taking these precautions, hosting providers can increase their reliability and service availability while generating more revenue by offering valued DDoS protection services to their customers.

— Tom Bienkowski, Director of Product Marketing, Arbor Networks.

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
7/7/2014 | 4:45:13 PM
Tenants
With so many different tenants on a cloud provider's plate, it would seem problematic to be able to stop an all-out DDoS. But technology is improving, and it is clear that providers have no choice but to have procedures in place to prevent the so-called domino effect.

Here's hoping that they work, because major cloud outages are always widely reported and gives the technology a bad rap, fair or unfair. 
More Blogs from Column
In this final blog of a three-part series, Jeff Gordon examines what operators hope to gain from going down the converged service layer route.
SDN and NFV are more than just networking acquaintances, believes Open Networking Foundation (ONF) Executive Director Dan Pitt.
As niche OTT services abound, they could shatter the business model for the pay-TV industry's traditional fat bundles.
In the second of a three-part series, OpenCloud's Jeff Gordon delves deeper into the driving forces for adopting a converged service layer.
Edge computing is a compelling option for telcos looking to balance tightening finances with increasing demands for bandwidth and processing speed. 
From The Founder
The independent evaluation of Nokia's key virtual network functions (VNFs) was a defining moment for the Finnish giant.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Custom TV
Energy 2020: Growing Services, Not Consumption

6|24|16   |   07:18   |   (0) comments


Management of power requirements needs to be a key consideration as cable operators deploy new services, says Dan Cooper, vice president of critical infrastructure for Charter Communications and chair of the SCTE/ISBE Standards Program's Energy Management Subcommittee. In this video, Cooper discusses the importance of cable operators and technology partners ...
LRTV Huawei Video Resource Center
Huawei & TDC First to Launch DOCSIS 3.1 Trial in Europe

6|24|16   |     |   (0) comments


To meet the rising demands for high-speed broadband and to tackle fierce competition for 1.5 million household, TDC wanted to upgrade its network to use the latest technology. Using Huawei's DOCSIS 3.1 solution, TDC is now able to offer gigabit speeds to its customers.
LRTV Documentaries
OPNFV Summit: Key Takeaways

6|22|16   |   03:28   |   (0) comments


MANO shortfalls, an increasingly bloated open source ecosystem and the cultural challenges for network operators were among the key takeaways from the OPNFV Summit in Berlin.
LRTV Huawei Video Resource Center
Bringing Ultra Broadband to the South Pacific

6|22|16   |   7:55   |   (0) comments


At Singapore's UBBS 2016 summit, Light Reading speaks to Lim Chee Siong, Huawei's CMO in the South Pacific Region.
LRTV Custom TV
Juniper's NFV Platform

6|22|16   |     |   (0) comments


A telco cloud is a key enabler for service providers to deliver virtualized services to their customers. Juniper has a differentiated approach with an open and comprehensive NFV platform to build the cloud of the future for multiple use cases.
Women in Comms Introduction Videos
Infinera: The Glass Ceiling's Been Broken

6|22|16   |   4:34   |   (0) comments


Shannon Williams, an engineer by trade and now the director of sales for Infinera's major accounts, draws confidence from being a female in a male-dominated industry and hopes other women will too as industry dynamics swing in our favor.
LRTV Custom TV
RAD Demonstrates SD-WAN Functionality at BCE 2016

6|22|16   |     |   (0) comments


In conjunction with Versa Networks, RAD demos a joint solution for SD-WAN implementation. The solution uses RAD's ETX-2i, a vCPE platform integrating a powerful IP and Carrier Ethernet NID/NTU with a field-pluggable x86 NFV module that runs Versa's FlexVNF for SD-WAN functionality. The demo implements SD-WAN over a simulated service provider footprint by deploying ...
LRTV Custom TV
Radware on Virtualizing Network Security

6|21|16   |     |   (0) comments


Radware's Michael O'Malley highlights the benefits for service providers of virtualizing network security.
LRTV Huawei Video Resource Center
Huawei 2016 UBBS World Tour: Singapore

6|21|16   |   02:39   |   (0) comments


Highlights from Huawei's UBBS World Tour event in Singapore.
LRTV Custom TV
The FlowBROKER Solution

6|21|16   |     |   (0) comments


During a demo at the Big Communications Event 2016, Accedian director of product line solutions Greg Spear demonstrates how the FlowBROKER distributed packet capture solution (part of Accedian's SkyLIGHT platform) can be used to troubleshoot and resolve QoE issues.

FlowBROKER is the industry's first lossless remote packet capture solution, which uses ...

LRTV Documentaries
BCE 2016: Dell & the New World Order

6|21|16   |   22:48   |   (0) comments


Dell's Jim Ganthier on how the very essence of enterprise is being affected by digital disruption – and how the cloud can help companies find a path forward.
LRTV Documentaries
BCE 2016: The CSP of the Future

6|20|16   |     |   (0) comments


Traditional telecom operators have been adopting new ways of doing business from the IT sector and emulating web-scale companies in their technology adoption. Are these strategies succeeding? A panel of experts at BCE considered the evidence...
Upcoming Live Events
September 13-14, 2016, The Curtis Hotel, Denver, CO
November 3, 2016, The Montcalm Marble Arch, London
November 30, 2016, The Westin Times Square, New York City
December 6-8, 2016,
May 16-17, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
A new survey conducted by Heavy Reading and TM Forum shows that CSPs around the world see the move to digital operations as a necessary part of their overall virtualization strategies.
Hot Topics
FCC to Vote on 5G Spectrum on July 14
Dan Jones, Mobile Editor, 6/20/2016
'Brexit' Vote Hits BT, Vodafone
Iain Morris, News Editor, 6/24/2016
Twitter Buys Magic Pony... Not That Kind
Mari Silbey, Senior Editor, Cable/Video, 6/20/2016
AT&T Settles on LTE for Cellular IoT
Dan Jones, Mobile Editor, 6/22/2016
Google Fiber Buys Webpass in Wireless Play
Iain Morris, News Editor, 6/23/2016
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
At the BCE 2016 show in Austin, ECI Telecom CEO Darryl Edwards tells Light Reading founder and CEO about the Elastic Network concept and the company's NFV and cybersecurity developments.
Mark Dzuban, president and CEO of SCTE/ISBE, sits down with Steve Saunders in Light Reading's New York office to discuss the society's Energy 2020 campaign, including its mission to benefit the environment, enable economic benefits and the key challenges facing cable operators wanting to reduce energy consumption.
Animals with Phones
Live Digital Audio

Our world has evolved through innovation from the Industrial Revolution of the 1740s to the information age, and it is now entering the Fourth Industrial Revolution, driven by technology. Technology is driving a paradigm shift in the way digital solutions deliver a connected world, changing the way we live, communicate and provide solutions. It can have a powerful impact on how we tackle some of the world’s most pressing problems. In this radio show, Caroline Dowling, President of Communications Infrastructure & Enterprise Computing at Flex, will join Women in Comms Director Sarah Thomas to discuss the impact technology has on society and how it can be a game-changer across the globe; improving lives and creating a smarter world. Dowling, a Cork, Ireland, native and graduate of Harvard Business School's Advanced Management Program, will also discuss her experience managing an international team focused on innovation in an age of high-speed change.