The biggest threat to your SLAs - DDoS Attacks (Part I)

Stephen Gates
By | January 21, 2015

Posted in: Network Security Trends , Hosting Provider DDoS Protection

It is no secret that Hosting Providers live and die by the Service Level Agreements (SLAs) and uptime guarantees they offer to their customers.  Organizations select providers, and remain loyal when SLA thresholds are continuously met.  Hosting Providers are fighting an up-hill battle in striving to meet these aggressive guarantees.  There is a certain level of Network or service outages that are anticipated, and planned for. However, when it comes to DDoS attacks  - we’ve learned to expect the unexpected. This two part blog series aims to uncover the real threat that DDoS impose to a Hosting Provider environment and the staggering impact to Availability & Performance Standards.

Expected Outages vs. DDoS Attacks

Everyone knows there are a multitude of events that can impact uptime.  For example, power outages, server failures, application failures, or disasters have their effects.  Most of these risks are expected and system, network, and site redundancy measures have reduced the risks associated with these types of outages for years.  However, DDoS attacks are often not accounted for as a reason for an outage and must be included in the equation regarding SLA agreements.

In today’s Internet environment, protecting against DDoS attacks are a must for any Hosting Provider that wishes to maintain their customer base, and attract new ones.  DDoS attacks have a severe effect on SLAs and uptime guarantees by negatively impacting the entire hosted environment.   Tales of second-hand outages caused by DDoS attacks targeting a single customer are widespread and no Hosting Provider is immune to the effects of a DDoS attack.  Simply put, solutions must be implemented that eliminate the risk of outages caused by a DDoS attack.

Certified Uptime vs. DDoS Attacks

UptimeSafe  rates Hosting Provider uptime, and certifies providers utilizing a proprietary rating system named APSsm (Availability & Performance Standards) to classify the reliability of a service provider's network and application services.

How do uptime calculations work?

Each non-leap year has 365 days.  Multiply 365 days by 24 hours per day yields 8760 hours per year.  If a hosting provider’s SLA guarantee was 90% uptime, they would be permitted to be down 10% of the time which equals 876 hours or 36.5 days per year - while still meeting their SLA agreements. See the table below for more examples.

Hours per Year Availability % Downtime Per Year Time Scale
365 90 36.500 Days
Hours Per Year 95 18.250 Days
8760 97 10.950 Days
  98 7.300 Days
  99 3.650 Days
  99.5 1.825 Days
  99.8 17.520 Hours
  99.9 8.760 Hours
  99.95 4.380 Hours
  99.99 52.560 Minutes
  99.995 26.280 Minutes
"Five Nines" 99.999 5.256 Minutes
"Six Nines" 99.9999 31.536 Seconds

In comparison the much sought after “Five Nines” of availability as shown in the table above is not easy to achieve.  There’s only a hand full of Hosting Providers that guarantee 99.999% uptime which equates to less than 5.256 minutes of downtime per year. If a Hosting Provider guarantees a minimum of 90% uptime most likely they would have few if any customers, since no organization wants to be down 10% of the time.  When customers select a Hosting Provider these uptime calculations are always taken into account.

You May Also Be Interested In: