& cplSiteName &

Cloud Providers: Beware DDoS Domino Effect

Tom Bienkowski
7/7/2014
50%
50%

In this day and age, almost every organization is using the Internet as a platform for business as they realize the benefit of outsourcing online operations such as websites, storage, e-commerce, email, and domain name system (DNS). It makes sense because it allows them to focus more on the core business. It also brings about lower costs and requires fewer internal resources. As such, cloud and hosting providers are experiencing significant growth as they meet this market demand. But with this increase in growth comes a proportional increase in risk.

With the proliferation of cyber threat and "hacktivist" movements, any organization can be the target of a cyber attack, specifically distributed denial-of-service (DDoS) attacks. These days, they are occurring daily because of botnet-for-hire services that charge as little as $2 an hour. However, hosting providers incur a higher risk of being the targets of DDoS attacks than other businesses operating online. Why? They aggregate the risk of all their customers.

The Wikipedia definition of the "domino effect" is a chain reaction that occurs when a small change causes a similar change nearby, which then causes another similar change, and so on in linear sequence. The term is used as an analogy to a falling row of dominoes.

A DDoS attack on one hosting customer can potentially take down the entire operation because they all share the same network infrastructure. In the same way cloud hosting providers pool resources such as bandwidth and storage for their customers, they also pool the aggregated risk of all their customers.

Due to the multi-tenancy nature of cloud-based data centers, a volumetric DDoS attack against one tenant can lead to a domino effect of service outages. Imagine that an attack is launched against one tenant. If the massive amount of malicious traffic bombarding this one tenant can cause the cloud data center to go down or clog up the shared resources, the entire data center can be taken offline or severely slowed. If a company's data center is down because of a DDoS attack, its customers will lose revenue, and the hosting provider will lose revenue and credibility which impacts the viability of the business. This type of outage can be devastating to the reputation and finances of all involved. To make matters worse, the aftershock continues long after the attack has been mitigated.

Because of this looming threat, cloud hosting providers need to proactively defend themselves to ensure service remains available to all of their customers in the event of an attack.

How to avoid becoming the bullseye
The good news is that the risks associated with DDoS attacks can be mitigated. If you don't want to be a victim of the DDoS domino effect, consider four simple strategies that any hosting provider can implement to protect service availability for their customers and themselves:

  • Subscribe to "clean pipes" service from all upstream service providers. Clean pipes will ensure that large-scale DDoS attacks are detected and mitigated in the cloud before they have an impact on the cloud data center, and before customers suffer an outage.
  • Implement an on-premise DDoS mitigation solution. It will enable hosting providers to detect and eliminate stealthy, application-layer DDoS attacks. These attacks target specific applications such as log-in forms and downloads. Due to their narrow focus, they do not require a large amount of traffic, making them very difficult to detect.
  • Monitor traffic inside and outside the cloud data center. Monitoring traffic patterns and protocols is essential to detecting network misuse. Certain systems should be communicating with each other while others should not. When those that should not communicate with each other are communicating, it could mean trouble.
  • Offer additional anti-DDoS service to customers. Operators of cloud data centers can generate additional revenue by offering highly valued DDoS mitigation services to customers. For example, customers who subscribe to the service will have malicious traffic directed against them mitigated. Customers who do not subscribe to the service will simply have their traffic blackholed. This type of service can be a true differentiator in the highly competitive hosting space. The difference between winning and losing business is more and more frequently coming down to valued-added services like managed backup, email and DDoS mitigation.

By taking these precautions, hosting providers can increase their reliability and service availability while generating more revenue by offering valued DDoS protection services to their customers.

— Tom Bienkowski, Director of Product Marketing, Arbor Networks.

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
7/7/2014 | 4:45:13 PM
Tenants
With so many different tenants on a cloud provider's plate, it would seem problematic to be able to stop an all-out DDoS. But technology is improving, and it is clear that providers have no choice but to have procedures in place to prevent the so-called domino effect.

Here's hoping that they work, because major cloud outages are always widely reported and gives the technology a bad rap, fair or unfair. 
Educational Resources
sponsor supplied content
Educational Resources Archive
More Blogs from Column
How cable operators and other pay-TV providers can differentiate themselves by helping customers find needles in haystacks. More is not always better.
A new way of thinking as well as new technologies and procedures are needed for those devising network security strategies, argues Fortinet's Matthew Pley.
High-frequency is on the 5G agenda after the FCC mmWave decision.
With the Summer Olympics now halfway over in Brazil, CSPs and other tech providers are competing fiercely for their own gold, silver and bronze medals.
LTE is evolving to support the Internet of Things as we head towards a massively connected 5G world.
Light Reading’s Upskill U is a FREE, interactive, online educational resource that delivers must-have education on themes that relate to the overall business transformation taking place in the communications industry.
NEXT COURSE
Wednesday, September 14, 1:00PM EDT
What Is Agile?
Kent J. McDonald, Product Owner, Agile Alliance
UPCOMING COURSE SCHEDULE
Friday, September 16, 1:00PM EDT
How to Implement Agile
Alan Bateman, Director, Agile Transformation
Wednesday, September 21, 1:00PM EDT
What Is DevOps?
Colin Kincaid, CTO, Service Provider, Cisco
Friday, September 23, 1:00PM EDT
How to Implement DevOps
,
in association with:
From The Founder
Light Reading today starts a new voyage as part of a larger Enterprise.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
Between the CEOs
CEO Chat: UXP Systems' Gemini Waghmare

8|26|16   |     |   (0) comments


Light Reading CEO Steve Saunders and UXP Systems CEO Gemini Waghmare discuss the strategic importance of digital identity for operators in the midst of transformation.
LRTV Custom TV
F5 Virtual Network Function Integrations With Partner Orchestration Platform

8|24|16   |   6:38   |   (0) comments


F5's Kishore Patnam, product manager for F5's service provider solutions, discusses why service providers are moving towards virtualization and how his clients are utilizing F5's solutions.
Between the CEOs
CEO Chat: Intel's Alexis Black Bjorlin

8|17|16   |   06:23   |   (0) comments


Join us for an in-depth interview between Steve Saunders of Light Reading and Alexis Black Bjorlin of Intel as they discuss the release of the company's Silicon Photonics platform, its performance, long-term prospects, customer expectations and much more.
Telecom Innovators Video Showcase
Accelerating Telecom Digital Transformation With Nominum DNS

8|1|16   |   12:04   |   (0) comments


Light Reading's Steve Saunders gets an update from Nominum CEO Gary Messiana on how his company is helping carriers on the digital transformation journey.
LRTV Custom TV
Reinventing Operations for a Virtual, Software-Defined World

7|28|16   |   5:23   |   (0) comments


Heavy Reading Senior Analyst Jim Hodges speaks with Accenture's Larry Socher and Matt Anderson about what service providers must do to transform their business to get the benefits of SDN and NFV including: leveraging DevOps, introducing real-time OSS and implementing analytics.
Women in Comms Introduction Videos
Fujitsu Sales Leader Shares Lessons Learned

7|27|16   |   5:12   |   (1) comment


As Fujitsu's only female sales leader, Annie Bogue knows the importance of asking for what you want, being flexible (she's been relocated five times), keeping a meticulous calendar, 'leaning in,' working harder than everyone else around you, being aware and more.
Telecom Innovators Video Showcase
VeEX Test & Measurement Solutions

7|25|16   |   08:57   |   (0) comments


Cyrille Morelle, president and CEO of VeEX Inc., talks test and measurement with Light Reading's Steve Saunders at BCE 2016. This includes innovative products such as VeSion Cloud-Based platform for network monitoring; MTTplus Modular Test platform for Access, Business, Carrier Ethernet, Transport and Core services; and OPX-BOX+ for Fiber Optics.
LRTV Custom TV
VeEX: Live From BCE 2016

7|25|16   |   03:20   |   (0) comments


VeEX's Senior Director of Business Development, Perry Romano, explains how VeEX provides tools to help install, maintain, monitor and manage network infrastructure efficiently and effectively. The portfolio of products on display include the RXT-6000, MTTplus and TX300s.
LRTV Custom TV
Real-Time Telemetry & Analytics for Intelligent SDN Orchestration

7|25|16   |   03:09   |   (0) comments


Packet Design CEO Scott Sherwood discusses how real-time network telemetry and analytics are enabling a new breed of SDN orchestration applications.
From the Founder
The Russo Report: Driving Disruption

7|25|16   |   07:44   |   (2) comments


In the first episode of a four-part series, Light Reading Founder and CEO Steve Saunders and Calix President and CEO Carl Russo drive around town discussing the disruptive mega-changes in the communications industry and where hope lies for service providers to meet the escalating demands of the cloud.
LRTV Custom TV
NetScout: Maximizing Enterprise Cloud for Digital Transformation

7|20|16   |   04:53   |   (0) comments


Light Reading Editor Mitch Wagner talks to NetScout CMO Jim McNiel about maximizing the benefits of enterprise cloud and digital transformation while minimizing potential pitfalls with a proper monitoring and instrumentation strategy.
Women in Comms Introduction Videos
Ciena's VP Offers a Career Crash Course

7|20|16   |   4:14   |   (2) comments


How did Ciena's Vice President of Sales, Angela Finn, carve out her career path? Simple, she tells WiC. She stayed true to her company, customers and principles. She shares her advice for women on how to be authentic and credible, as well as for companies that want to make a real change to their culture and practices.
Upcoming Live Events
September 13-14, 2016, The Curtis Hotel, Denver, CO
November 3, 2016, The Montcalm Marble Arch, London
November 30, 2016, The Westin Times Square, New York City
December 1, 2016, The Westin Times Square, New York, NY
December 6-8, 2016, The Westin Excelsior, Rome
May 16-17, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
Hot Topics
Cisco Developing 'Monica' Digital Assistant
Mitch Wagner, West Coast Bureau Chief, Light Reading, 8/22/2016
FirstNet: A Billion-Dollar Boondoggle?
Dan Jones, Mobile Editor, 8/26/2016
WiCipedia: Should Men Be Included? & Olympians Face Discrimination
Eryn Leavens, Special Features & Copy Editor, 8/26/2016
Google Fiber Can't Be Called a Failure
Carol Wilson, Editor-at-large, 8/26/2016
Google Fiber Downsizing Not Confirmed
Mari Silbey, Senior Editor, Cable/Video, 8/25/2016
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
Light Reading CEO Steve Saunders and UXP Systems CEO Gemini Waghmare discuss the strategic importance of digital identity for operators in the midst of transformation.
Join us for an in-depth interview between Steve Saunders of Light Reading and Alexis Black Bjorlin of Intel as they discuss the release of the company's Silicon Photonics platform, its performance, long-term prospects, customer expectations and much more.
Animals with Phones
Live Digital Audio

Bridging the tech skills gap is a major challenge for service providers and suppliers alike today – and the challenge is two-fold when it comes to increasing the number of women in the comms space. Level 3 Communications has made it a priority to overcome both challenges by implementing several unique programs focused on building the right candidates from within – in addition to filling the funnel by supporting STEM and other education programs. During this radio show, you’ll learn about these programs from Mary Beth McGrath, SVP of Global Talent Management at Level 3, and the best ways to bridge your own skills gap so that you are motivated and equipped for change. Plus you’ll have the chance to ask Mary Beth your questions live on the air.