& cplSiteName &

Cloud Providers: Beware DDoS Domino Effect

Tom Bienkowski
7/7/2014
50%
50%

In this day and age, almost every organization is using the Internet as a platform for business as they realize the benefit of outsourcing online operations such as websites, storage, e-commerce, email, and domain name system (DNS). It makes sense because it allows them to focus more on the core business. It also brings about lower costs and requires fewer internal resources. As such, cloud and hosting providers are experiencing significant growth as they meet this market demand. But with this increase in growth comes a proportional increase in risk.

With the proliferation of cyber threat and "hacktivist" movements, any organization can be the target of a cyber attack, specifically distributed denial-of-service (DDoS) attacks. These days, they are occurring daily because of botnet-for-hire services that charge as little as $2 an hour. However, hosting providers incur a higher risk of being the targets of DDoS attacks than other businesses operating online. Why? They aggregate the risk of all their customers.

The Wikipedia definition of the "domino effect" is a chain reaction that occurs when a small change causes a similar change nearby, which then causes another similar change, and so on in linear sequence. The term is used as an analogy to a falling row of dominoes.

A DDoS attack on one hosting customer can potentially take down the entire operation because they all share the same network infrastructure. In the same way cloud hosting providers pool resources such as bandwidth and storage for their customers, they also pool the aggregated risk of all their customers.

Due to the multi-tenancy nature of cloud-based data centers, a volumetric DDoS attack against one tenant can lead to a domino effect of service outages. Imagine that an attack is launched against one tenant. If the massive amount of malicious traffic bombarding this one tenant can cause the cloud data center to go down or clog up the shared resources, the entire data center can be taken offline or severely slowed. If a company's data center is down because of a DDoS attack, its customers will lose revenue, and the hosting provider will lose revenue and credibility which impacts the viability of the business. This type of outage can be devastating to the reputation and finances of all involved. To make matters worse, the aftershock continues long after the attack has been mitigated.

Because of this looming threat, cloud hosting providers need to proactively defend themselves to ensure service remains available to all of their customers in the event of an attack.

How to avoid becoming the bullseye
The good news is that the risks associated with DDoS attacks can be mitigated. If you don't want to be a victim of the DDoS domino effect, consider four simple strategies that any hosting provider can implement to protect service availability for their customers and themselves:

  • Subscribe to "clean pipes" service from all upstream service providers. Clean pipes will ensure that large-scale DDoS attacks are detected and mitigated in the cloud before they have an impact on the cloud data center, and before customers suffer an outage.
  • Implement an on-premise DDoS mitigation solution. It will enable hosting providers to detect and eliminate stealthy, application-layer DDoS attacks. These attacks target specific applications such as log-in forms and downloads. Due to their narrow focus, they do not require a large amount of traffic, making them very difficult to detect.
  • Monitor traffic inside and outside the cloud data center. Monitoring traffic patterns and protocols is essential to detecting network misuse. Certain systems should be communicating with each other while others should not. When those that should not communicate with each other are communicating, it could mean trouble.
  • Offer additional anti-DDoS service to customers. Operators of cloud data centers can generate additional revenue by offering highly valued DDoS mitigation services to customers. For example, customers who subscribe to the service will have malicious traffic directed against them mitigated. Customers who do not subscribe to the service will simply have their traffic blackholed. This type of service can be a true differentiator in the highly competitive hosting space. The difference between winning and losing business is more and more frequently coming down to valued-added services like managed backup, email and DDoS mitigation.

By taking these precautions, hosting providers can increase their reliability and service availability while generating more revenue by offering valued DDoS protection services to their customers.

ó Tom Bienkowski, Director of Product Marketing, Arbor Networks.

(1)  | 
Comment  | 
Print  | 
Newest First  |  Oldest First  |  Threaded View        ADD A COMMENT
danielcawrey
50%
50%
danielcawrey,
User Rank: Light Sabre
7/7/2014 | 4:45:13 PM
Tenants
With so many different tenants on a cloud provider's plate, it would seem problematic to be able to stop an all-out DDoS. But technology is improving, and it is clear that providers have no choice but to have procedures in place to prevent the so-called domino effect.

Here's hoping that they work, because major cloud outages are always widely reported and gives the technology a bad rap, fair or unfair. 
Educational Resources
sponsor supplied content
Educational Resources Archive
More Blogs from Column
Spectrum sharing is becoming a bigger issue as the 5G radio specification evolves.
Addressing current and future app demands while laying the foundation for mobile's next big network transition.
Broadcasters can no longer rely on pulling audiences to the TV screen; they need to pursue their audiences on digital, wherever they are.
Why advanced data analytics are the future for streaming video services.
5G could ride the traditional wireless hype cycle, or – quite possibly – break the chain, suggests Nokia's North American CTO.
Light Readingís Upskill U is a FREE, interactive, online educational resource that delivers must-have education on themes that relate to the overall business transformation taking place in the communications industry.
LIVE NOW!
Friday, December 2, 1:00PM EST
The SDN Approach to IP & Optical Integration
Sterling Perrin, Senior Analyst, Heavy Reading
UPCOMING COURSE SCHEDULE
Friday, December 2, 1:00PM EST
The SDN Approach to IP & Optical Integration
Sterling Perrin, Senior Analyst, Heavy Reading
in association with:
From The Founder
Light Reading today starts a new voyage as part of a larger Enterprise.
Flash Poll
Live Streaming Video
Charting the CSP's Future
Six different communications service providers join to debate their visions of the future CSP, following a landmark presentation from AT&T on its massive virtualization efforts and a look back on where the telecom industry has been and where it's going from two industry veterans.
Women in Comms Introduction Videos
Korn Ferry Consultant: How to Find, Cultivate & Be the Best Talent

11|30|16   |   4:10   |   (1) comment


Erin Callaghan, a managing consultant for Korn Ferry Futurestep, shares strategies for companies to improve how they recruit and for women to ensure they don't get lost in the pipeline.
LRTV Custom TV
We Can Make the World More Sustainable

11|29|16   |     |   (0) comments


GeSI is a global e-Sustainability Initiative organization bringing together 40 big multinational companies around the world. According to GeSI's report, information and communication technology can make the world more sustainable. Luis Neves, chairman of GeSI, shared with us his opinion at Ultra-broadband Forum (UBBF2016).
LRTV Custom TV
Finding a New Way to Engage Customers & Drive Revenue

11|29|16   |     |   (0) comments


Mobile revenues are declining. Digicel, a player in the Caribbean telecommunications/entertainment space, has found a new way to engage customers and drive revenue. John Quinn, CTO of Digicel, shared with us its story at Ultra-broadband Forum (UBBF2016)
LRTV Custom TV
Do You Really Need Gigabit Infrastructure?

11|29|16   |     |   (0) comments


Altibox is the biggest fiber-to-the-home (FTTH) player and the largest provider of video and TV in Norway. They started out with zero customers in 2002. Now they have close to half a million households and companies attached to their FTTH business. Nils Arne, CEO of Altibox shared with us their story and insight on 5G at Ultra-broadband Forum (UBBF2016).
LRTV Custom TV
BTís Openreach Strategy & Its Updates in 2016

11|29|16   |     |   (0) comments


A lot of developments at Openreach this year in terms of strategy and planned investments. Peter Bell, CIO of Openreach BT, shared with us the updates of Openreach at Ultra-broadband Forum (UBBF2016).
LRTV Custom TV
ITU: The Broadband Is Our Future

11|29|16   |     |   (0) comments


At Ultra-broadband Forum, Houlin Zhao, Secretary General of ITU, discussed how important it is for countries, companies and everybody to be working together to help to build the broadband and digital economies (UBBF2016).
LRTV Custom TV
Tackling 5G in Dallas

11|28|16   |     |   (0) comments


Here are our highlights of the 5G North America show in Dallas, Texas with Light Reading's Dan Jones.
LRTV Interviews
Cox Prepping for Virtualization Trials

11|14|16   |     |   (0) comments


In this video interview, Cox's Jeff Finkelstein discusses MSO's plans to test managed business services in early 2017 and tackle Distributed Access Architectures.
LRTV Custom TV
Drivers & Potential of NGP

11|11|16   |     |   (0) comments


ETSI has created an Industry Specification Group to work on Next Generation Protocols (NGP ISG), looking at evolving communications and networking protocols to provide the scale, security, mobility and ease of deployment required for the connected society of the 21st century. The NGP ISG will identify the requirements for next generation protocols and network ...
LRTV Custom TV
Huawei IP 2020 for Future Networks

11|11|16   |     |   (0) comments


Future Networks should satisfy many requirements such as high throughput, extremely low latency, flexible mobility, intrinsic security, networking automation, and so forth. The Chief Architect of Huawei Future Networks addresses a holistic solution, i.e., IP 2020, to achieve these requirements for various future life scenarios (e.g., autonomous driving, tactile ...
LRTV Custom TV
Digital Object Architecture

11|11|16   |     |   (0) comments


Digital Object Architecture provides a basic information infrastructure that can facilitate interoperability between or among different systems, processes, and other information resources, including different identity management systems. Digital objects are networked objects that are named by digital object identifiers and instantiated by an infrastructure service ...
LRTV Custom TV
BT's Openreach Has High Hopes for Long-Reach VDSL

11|11|16   |   06:04   |   (0) comments


Peter Bell, Network Portfolio CIO at BT's access business Openreach, talks about the operator's trial of a new broadband access technology called Long Reach VDSL.
Upcoming Live Events
December 6-8, 2016, The Westin Excelsior, Rome
May 16-17, 2017, Austin Convention Center, Austin, TX
All Upcoming Live Events
Infographics
Hot Topics
AT&T Debuts DirecTV Now on New Video Platform
Mari Silbey, Senior Editor, Cable/Video, 11/28/2016
Apple Seeds 5G? Seeks 'Multi-Gigabit' Chip Designer
Dan Jones, Mobile Editor, 11/30/2016
Altice Plans FTTH for Entire US Footprint
Iain Morris, News Editor, 11/30/2016
Altice FTTH Bill Could Hit Almost $9.6B in US
Iain Morris, News Editor, 12/1/2016
Samsung Bows to Investors, Considers Revamp
Iain Morris, News Editor, 11/29/2016
Like Us on Facebook
Twitter Feed
BETWEEN THE CEOs - Executive Interviews
Eyal Waldman, CEO of Mellanox Technologies, speaks to Steve Saunders, CEO of Light Reading, for an exclusive interview about the 100 GB cable challenge, cybersecurity and much more.
Join us for an in-depth interview between Steve Saunders of Light Reading and Alexis Black Bjorlin of Intel as they discuss the release of the company's Silicon Photonics platform, its performance, long-term prospects, customer expectations and much more.
Live Digital Audio

Even when there's a strong pipeline of female talent in the comms industry, it tends to leak all the way to the top. McKinsey & Company says women experience pipeline leakage at three primary points: being unable to enter, being stuck in the middle or being locked out of the top. Each pipeline pain point presents its own challenges, but also opportunities to stop the leak. Wireless operator Sprint is making a conscious effort to improve its own pipeline from new recruits to the C-suite, and it wants the rest of the industry to do the same. In this Women in Comms radio show, WiC Board Member and Sprint Vice President of Enterprise Sales Nelly Pitocco will give us her take on the industry's pipeline challenges. Pitocco, who joined Sprint in May and has spent 20 years in the comms industry, will also offer solutions, share how Sprint is tackling the challenge within its own organization and take your questions live on air.