DDoS Considerations for On-Premises Servers

There has been much hype around cloud computing in recent years, to the extent that it appeared the answer was to run everything in ‘the cloud’, as-a-service. Now the dust has settled somewhat, there is a level of pragmatism setting in. Companies are now adopting cloud computing where it makes sense, for reasons of business continuity, elastic scalability and monthly operational expenses rather than up-front capital expenditure.

The result of this pragmatism is that on-premise datacenters are not going away any time soon, if ever. A recent IDG Connect opinion piece stated that “Despite growing adoption of IaaS technology, 98% of businesses still run on-premises server hardware and 72% of businesses plan to purchase new server hardware within the next three years.”

The Benefits of an On-Premise Server

Having an on-premise datacenter makes good sense for certain use-cases, some of which are discussed in the recent Network World article on “cloud repatriation.” For one thing, server costs have come down dramatically in recent years, making it more economical to bring an application or service back on premises. Irrespective of cost though, a key reason for on-premise, instead of cloud, is that some organizations don’t want to risk their company or customer data to an off-premise, third-party, data center. Sharing those servers with other companies can also weaken your cybersecurity stance, because the host may not have adequate security practices or defenses in place. Additionally, cybercriminals may target one customer in a public cloud, with other customers of the same provider at significant risk of suffering from collateral damage. Thus, moving your data up to the cloud can significantly increase your attack surface. Of course, this assumes you have appropriate protection in place for your on-premise network.

Deploying effective protection against the sophisticated and complex threat landscape enabled by the Internet requires an in-depth defense approach. This is true whether your applications and services are hosted in the cloud or in your own on-premise datacenters. It can also be as much about availability as it is security. And, when it comes to business-critical application and service availability, DDoS protection should be a key consideration. In the cloud, many providers do offer DDoS protection, either included, or as an add-on service, but you should check, either way.

How to Ensure On-Premise Servers are Secure

If you are hosting any applications or services using on-premises servers, then you need to ensure your own security and availability provisions are up to the job. From the availability perspective, DDoS attacks have become a significant threat, to the extent that, without real-time, automatic DDoS protection there exists a significant risk to business continuity. Modern DDoS protection is essential to defend network resources and data. Although DDoS attacks technically do not constitute security breaches, they can also serve as a smokescreen to distract IT security staff from a more dangerous network intrusions, including being able to temporarily disarm certain network defenses.

For over a decade, Corero has been providing state-of-the-art, highly-effective, real-time automatic DDoS protection solutions for enterprise, hosting and service provider customers around the world. Our SmartWall DDoS mitigation solutions protect on-premise, cloud, virtual and hybrid environments. For more on Corero’s diverse deployment models, click here. If you’d like to learn more, please contact us.

Sean Newman is VP Product Management for Corero Network Security. Sean has worked in the security and networking industry for twenty years, with previous roles including network security Global Product Manager for Cisco, who he joined as part of their acquisition of cyber-security vendor Sourcefire, where he was Security Evangelist and Field Product Manager for EMEA. Prior to that he was Senior Product Manager for endpoint and network security vendor Sophos, after having spent more than 12 years as an Engineer, Engineering Manager and then Senior Product Manager for network infrastructure manufacturer 3Com.