This week I co-presented a webinar hosted by the Web Host Industry Review (WHIR), on “DDoS Protection for Hosting Providers — Expand Your Cloud Offering & Protect Your Services.” Among the topics we covered was the fact that the majority of hosting provider customers expect hosting providers to ensure a “clean pipe.” That is, customers would like to see their provider implement additional services to eliminate DDoS traffic and other cyber threats from entering their networks.
There is growing consensus that hosting providers should ensure that Internet downtime and security threats do not affect their customers. Because of this expectation, hosting providers need the most comprehensive level of DDoS protection so they can analyze and respond effectively to DDoS attacks on their networks.
Low-Threshold Attacks are the Problem
According to our research, our average customer sees almost 4.5 attacks per day. Furthermore, that trend is growing, across all verticals and segments. The vast majority (93%) of DDoS attacks are low-threshold attacks, under 1 Gbps. Because these attacks typically require very little bandwidth to execute, they are nearly impossible to detect without an advanced in-line DDoS protection solution.
Most hosting providers don’t have visibility into these small-scale frequent attacks; they notice only the large-scale attacks that severely compromise network performance and crash websites. However, the small DDoS attacks can be just as serious. They not only drag down network performance, they may mask a more serious network security breach that is conducted to steal sensitive data or find the weak points in a network. Therefore, DDoS is not just a web availability issue; it’s a security issue.
In the WHIR webinar, Bill Kleyman, Contributing Editor at Penton Technology, said,
“Hosting providers must shift to holistic security. Don’t just look at the big bang. Test for vulnerabilities and “slow bleeds.” Kleyman added, “Downtime is expensive. Even partially saturated links can cause serious cost challenges.”
In-line, Automated DDoS Mitigation is the Key to Zero Downtime
Common approaches to handling DDoS include black-holing or out-of-band scrubbing solutions. Yet humans cannot detect and react quickly enough to respond to the steady flow of DDoS attacks. It takes only a few seconds of a breach to do damage, so even if security personnel do notice a low-level DDoS attack, usually the hackers have had enough time to infiltrate a network. Relying on human security personnel to detect DDoS attacks and re-route or black hole traffic is costly and inefficient.
In contrast, inline, automated mitigation requires virtually no human security analyst monitoring and ensures zero downtime. Corero’s SmartWall Threat Defense System uses advanced DDoS protection technology to detect and block low threshold attacks as well as large-scale saturating attacks, and gives hosting providers an aggregated view of their network as well as visibility into attacks on a per-customer basis, with detailed network forensics. They also get rapid response to alarms, real-time analysis of traffic, and the peace of mind that their customers are not being impacted.
The Opportunity for Hosting Providers
Hosting providers can differentiate themselves from competitors by providing DDoS mitigation technology that is exponentially more efficient and effective than black holing or rerouting. They also have an opportunity to increase revenue by offering this DDoS protection as a value-added security service. In our recent survey of network and IT security professionals, just over half of respondents indicated they would be willing to pay for a premium service offering to eliminate the DDoS challenge to their environment.
Learn more by watching the recorded webinar.