& cplSiteName &

Cloud Providers: Beware DDoS Domino Effect

Tom Bienkowski
7/7/2014
50%
50%

In this day and age, almost every organization is using the Internet as a platform for business as they realize the benefit of outsourcing online operations such as websites, storage, e-commerce, email, and domain name system (DNS). It makes sense because it allows them to focus more on the core business. It also brings about lower costs and requires fewer internal resources. As such, cloud and hosting providers are experiencing significant growth as they meet this market demand. But with this increase in growth comes a proportional increase in risk.

With the proliferation of cyber threat and "hacktivist" movements, any organization can be the target of a cyber attack, specifically distributed denial-of-service (DDoS) attacks. These days, they are occurring daily because of botnet-for-hire services that charge as little as $2 an hour. However, hosting providers incur a higher risk of being the targets of DDoS attacks than other businesses operating online. Why? They aggregate the risk of all their customers.

The Wikipedia definition of the "domino effect" is a chain reaction that occurs when a small change causes a similar change nearby, which then causes another similar change, and so on in linear sequence. The term is used as an analogy to a falling row of dominoes.

A DDoS attack on one hosting customer can potentially take down the entire operation because they all share the same network infrastructure. In the same way cloud hosting providers pool resources such as bandwidth and storage for their customers, they also pool the aggregated risk of all their customers.

Due to the multi-tenancy nature of cloud-based data centers, a volumetric DDoS attack against one tenant can lead to a domino effect of service outages. Imagine that an attack is launched against one tenant. If the massive amount of malicious traffic bombarding this one tenant can cause the cloud data center to go down or clog up the shared resources, the entire data center can be taken offline or severely slowed. If a company's data center is down because of a DDoS attack, its customers will lose revenue, and the hosting provider will lose revenue and credibility which impacts the viability of the business. This type of outage can be devastating to the reputation and finances of all involved. To make matters worse, the aftershock continues long after the attack has been mitigated.

Because of this looming threat, cloud hosting providers need to proactively defend themselves to ensure service remains available to all of their customers in the event of an attack.

How to avoid becoming the bullseye
The good news is that the risks associated with DDoS attacks can be mitigated. If you don't want to be a victim of the DDoS domino effect, consider four simple strategies that any hosting provider can implement to protect service availability for their customers and themselves:

  • Subscribe to "clean pipes" service from all upstream service providers. Clean pipes will ensure that large-scale DDoS attacks are detected and mitigated in the cloud before they have an impact on the cloud data center, and before customers suffer an outage.
  • Implement an on-premise DDoS mitigation solution. It will enable hosting providers to detect and eliminate stealthy, application-layer DDoS attacks. These attacks target specific applications such as log-in forms and downloads. Due to their narrow focus, they do not require a large amount of traffic, making them very difficult to detect.
  • Monitor traffic inside and outside the cloud data center. Monitoring traffic patterns and protocols is essential to detecting network misuse. Certain systems should be communicating with each other while others should not. When those that should not communicate with each other are communicating, it could mean trouble.
  • Offer additional anti-DDoS service to customers. Operators of cloud data centers can generate additional revenue by offering highly valued DDoS mitigation services to customers. For example, customers who subscribe to the service will have malicious traffic directed against them mitigated. Customers who do not subscribe to the service will simply have their traffic blackholed. This type of service can be a true differentiator in the highly competitive hosting space. The difference between winning and losing business is more and more frequently coming down to valued-added services like managed backup, email and DDoS mitigation.

By taking these precautions, hosting providers can increase their reliability and service availability while generating more revenue by offering valued DDoS protection services to their customers.

— Tom Bienkowski, Director of Product Marketing, Arbor Networks.

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
7/7/2014 | 4:45:13 PM
Tenants
With so many different tenants on a cloud provider's plate, it would seem problematic to be able to stop an all-out DDoS. But technology is improving, and it is clear that providers have no choice but to have procedures in place to prevent the so-called domino effect.

Here's hoping that they work, because major cloud outages are always widely reported and gives the technology a bad rap, fair or unfair. 
Educational Resources
sponsor supplied content
Educational Resources Archive
More Blogs from Column
NFV feels like it's going nowhere fast, suggests Napatech's Dan Joe Barry.
The NG-PON2 standard is the key to the future of ultra-broadband, believes Calix's Alan DiCicco.
Amazing new 5G innovations are coming below 6GHz -- it's not just about mmWave.
5G is about more than just faster mobile broadband, notes Tom Sawanobori, SVP and chief technology officer at the CTIA.
What companies should glean from network traffic patterns during the Olympic Games in Rio.
Light Reading’s Upskill U is a FREE, interactive, online educational resource that delivers must-have education on themes that relate to the overall business transformation taking place in the communications industry.
NEXT COURSE
Wednesday, September 28, 1:00PM EDT
Gigabit 101
Will Barkis, Senior Technology Analyst, Orange
UPCOMING COURSE SCHEDULE
Friday, September 30, 1:00PM EDT
Gigabit & the Great Migration
Robert Howald, Vice President, Network Architecture, Comcast
Wednesday, October 5, 1:00PM EDT
Gigabit & Smart Cities
Joe Kochan, COO & Co-Founder, US Ignite
Friday, October 7, 1:00PM EDT
Gigabit & DOCSIS 3.1
Ty Pearman, Director, Access Architecture, Comcast
in association with:
From The Founder
Light Reading today starts a new voyage as part of a larger Enterprise.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
LRTV Documentaries
MEC Congress: The Key Takeaways

9|22|16   |   03:25   |   (3) comments


Three key takeaways from the Mobile Edge Computing (MEC) Congress in Munich, Germany.
Wagner’s Ring
Time to Shut Up About 'Dumb Pipes'

9|22|16   |     |   (12) comments


Service providers can't compete with OTT players. It just isn't in their DNA. Instead, service providers need to embrace what they're good at -- providing reliable, secure connectivity.
Wagner’s Ring
Keeping Your Tech Career Going After 50

9|21|16   |     |   (13) comments


How do you keep your career moving forward when you're past the half-century mark?
LRTV Interviews
Peering Into the Digital Future

9|20|16   |   04:25   |   (0) comments


Nick Thomas, practice leader of digital media at Ovum, talks about how digital transformation in the technology, media and telecom sectors will enable the development of a new range of applications and services for enterprises and consumers and how the upcoming Digital Futures event in London will examine ...
LRTV Custom TV
Napatech Tackles NFV's Major Challenge

9|7|16   |   08:42   |   (0) comments


One of the main challenges for network operators introducing NFV is to combine performance and flexibility in a cost-effective way, but there is a solution, explains Napatech's Dan Joe Barry.
LRTV Custom TV
Huawei Optical Innovation 2016

9|6|16   |     |   (0) comments


Highlights of the 2016 Huawei Optical Innovation forum.
LRTV Huawei Video Resource Center
Are You Ready for Huawei Connect 2016?

8|31|16   |     |   (0) comments


Join us for an exclusive sneak peak of Huawei Connect, an integrated conference for the global ICT ecosystem taking place in Shanghai.
Between the CEOs
CEO Chat: UXP's Gemini Waghmare

8|26|16   |     |   (0) comments


Light Reading CEO Steve Saunders and UXP Systems CEO Gemini Waghmare discuss the strategic importance of digital identity for operators in the midst of transformation.
LRTV Custom TV
F5 Virtual Network Function Integrations With Partner Orchestration Platform

8|24|16   |   6:38   |   (0) comments


F5's Kishore Patnam, product manager for F5's service provider solutions, discusses why service providers are moving towards virtualization and how his clients are utilizing F5's solutions.
Between the CEOs
CEO Chat: Intel's Alexis Black Bjorlin

8|17|16   |   06:23   |   (0) comments


Join us for an in-depth interview between Steve Saunders of Light Reading and Alexis Black Bjorlin of Intel as they discuss the release of the company's Silicon Photonics platform, its performance, long-term prospects, customer expectations and much more.
Telecom Innovators Video Showcase
Accelerating Telecom Digital Transformation With Nominum DNS

8|1|16   |   12:04   |   (0) comments


Light Reading's Steve Saunders gets an update from Nominum CEO Gary Messiana on how his company is helping carriers on the digital transformation journey.
LRTV Custom TV
Reinventing Operations for a Virtual, Software-Defined World

7|28|16   |   5:23   |   (0) comments


Heavy Reading Senior Analyst Jim Hodges speaks with Accenture's Larry Socher and Matt Anderson about what service providers must do to transform their business to get the benefits of SDN and NFV including: leveraging DevOps, introducing real-time OSS and implementing analytics.
Upcoming Live Events
November 3, 2016, The Montcalm Marble Arch, London
November 30, 2016, The Westin Times Square, New York City
December 1, 2016, The Westin Times Square, New York, NY
December 6-8, 2016, The Westin Excelsior, Rome
May 16-17, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
Hot Topics
Keeping Your Tech Career Going After 50
Mitch Wagner, West Coast Bureau Chief, Light Reading, 9/21/2016
Time to Shut Up About 'Dumb Pipes'
Mitch Wagner, West Coast Bureau Chief, Light Reading, 9/22/2016
Comcast Will Go Wireless in 2017
Mari Silbey, Senior Editor, Cable/Video, 9/20/2016
Sprint CEO: We'll Lease Spectrum as Soon as Possible
Dan Jones, Mobile Editor, 9/20/2016
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
Light Reading CEO Steve Saunders and UXP Systems CEO Gemini Waghmare discuss the strategic importance of digital identity for operators in the midst of transformation.
Join us for an in-depth interview between Steve Saunders of Light Reading and Alexis Black Bjorlin of Intel as they discuss the release of the company's Silicon Photonics platform, its performance, long-term prospects, customer expectations and much more.
Animals with Phones
You Thought Your Customer Service Was Unreliable... Click Here
Live Digital Audio

A vital part of increasing the number of women in comms is transforming the ways companies can support and empower women. While progressive company policies that support both men and women in achieving work-life balance are a step in the right direction, creating a company culture that supports those policies can at times be more challenging.

During this show, we'll talk to Lynn Comp, Senior Director of Industry and Sales Enabling (ISE) in the Network Platforms Group at Intel, about why those challenges exist and how companies can overcome them. She'll provide insight into how Intel has worked to create a culture that supports work-life balance, and provide steps and guidance for other companies wishing to do the same. We will also leave plenty of time to get your questions answered live on the air.